Red Hat Security Api | Red Hat Customer Portal Labs

CVE-2026-25152
Severity: moderate
Released on: 30/01/2026
Advisory:
Bugzilla: 2435575
Bugzilla Description: @backstage/plugin-techdocs-node: @backstage/plugin-techdocs-node Path Traversal in TechDocs Local Generator
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat Developer Hub,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-25153
Severity: important
Released on: 30/01/2026
Advisory:
Bugzilla: 2435576
Bugzilla Description: @backstage/plugin-techdocs-node: @backstage/plugin-techdocs-node vulnerable to arbitrary code execution via MkDocs hooks
CVSS Score:
CVSSv3 Score: 7.7
Vector:
CWE: CWE-94
Affected Packages:
Package States: Red Hat Developer Hub,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-25128
Severity: moderate
Released on: 30/01/2026
Advisory:
Bugzilla: 2435497
Bugzilla Description: fast-xml-parser: fast-xml-parser has RangeError DoS Numeric Entities Bug
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-248
Affected Packages:
Package States: Migration Toolkit for Applications 8,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Developer Hub,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Satellite 6,Red Hat Satellite 6,Self-service automation portal 2,
Full Details
CVE document

CVE-2024-4027
Severity: important
Released on: 30/01/2026
Advisory:
Bugzilla: 2276410
Bugzilla Description: undertow: OutOfMemoryError in HttpServletRequestImpl.getParameterNames() can cause remote DoS attacks
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: OpenShift Serverless,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat Integration Camel K 1,Red Hat JBoss Data Grid 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Fuse Service Works 6,Red Hat Process Automation 7,Red Hat Single Sign-On 7,streams for Apache Kafka,
Full Details
CVE document

CVE-2026-25210
Severity: moderate
Released on: 30/01/2026
Advisory:
Bugzilla: 2435454
Bugzilla Description: libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation
CVSS Score:
CVSSv3 Score: 6.9
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-25068
Severity: moderate
Released on: 29/01/2026
Advisory:
Bugzilla: 2435372
Bugzilla Description: alsa-lib: alsa-lib Topology Decoder Heap-based Buffer Overflow
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-24054
Severity: moderate
Released on: 29/01/2026
Advisory:
Bugzilla: 2435336
Bugzilla Description: kata-containers: Kata Containers: Denial of Service and filesystem errors due to malformed container image processing
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-1287
Affected Packages:
Package States: Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2020-37011
Severity: moderate
Released on: 29/01/2026
Advisory:
Bugzilla: 2435296
Bugzilla Description: gnome-font-viewer: Gnome Fonts Viewer: Denial of Service via malicious TTF font file
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-24835
Severity: moderate
Released on: 28/01/2026
Advisory:
Bugzilla: 2434657
Bugzilla Description: podman-desktop: Podman Desktop: Authentication bypass allows malicious extensions to gain unauthorized access.
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-305
Affected Packages:
Package States: Red Hat Build of Podman Desktop - Tech Preview,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Enterprise Linux 10,
Full Details
CVE document

CVE-2025-61728
Severity: moderate
Released on: 28/01/2026
Advisory:
Bugzilla: 2434431
Bugzilla Description: golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Builds for Red Hat OpenShift,Builds for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Cryostat 4,Custom Metric Autoscaler operator for Red Hat Openshift,Custom Metric Autoscaler operator for Red Hat Openshift,Custom Metric Autoscaler operator for Red Hat Openshift,Custom Metric Autoscaler operator for Red Hat Openshift,Deployment Validation Operator,External Secrets Operator for Red Hat OpenShift,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,Network Observability Operator,Network Observability Operator,Node Maintenance Operator,Node Maintenance Operator,Node Maintenance Operator,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ceph Storage 5,Red Hat Ceph Storage 5,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 6,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Ceph Storage 8,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Workspaces Operator,Red Hat OpenShift Dev Workspaces Operator,Red Hat OpenShift for Windows Containers,Red Hat OpenShift for Windows Containers,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,
Full Details
CVE document

CVE-2026-1530
Severity: important
Released on: 28/01/2026
Advisory:
Bugzilla: 2433784
Bugzilla Description: fog-kubevirt: fog-kubevirt: Man-in-the-Middle vulnerability due to disabled certificate validation
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-295
Affected Packages:
Package States: Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-1531
Severity: important
Released on: 28/01/2026
Advisory:
Bugzilla: 2433786
Bugzilla Description: foreman-kubevirt: foreman_kubevirt: Man-in-the-Middle due to insecure default SSL verification
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-295
Affected Packages:
Package States: Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-24842
Severity: important
Released on: 28/01/2026
Advisory:
Bugzilla: 2433645
Bugzilla Description: node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: (CWE-22|CWE-59)
Affected Packages:
Package States: Cryostat 4,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat AMQ Broker 7,Red Hat build of Apache Camel - HawtIO 4,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Process Automation 7,Red Hat Single Sign-On 7,Red Hat Trusted Artifact Signer,
Full Details
CVE document

CVE-2026-1539
Severity: moderate
Released on: 28/01/2026
Advisory:
Bugzilla:
Bugzilla Description:
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-201
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-1536
Severity: moderate
Released on: 28/01/2026
Advisory:
Bugzilla: 2433834
Bugzilla Description: libsoup: libsoup: HTTP header injection or response splitting via CRLF injection in Content-Disposition header
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-93
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23014
Severity: low
Released on: 28/01/2026
Advisory:
Bugzilla: 2433917
Bugzilla Description: kernel: perf: Ensure swevent hrtimer is properly destroyed
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-57283
Severity: important
Released on: 28/01/2026
Advisory:
Bugzilla: 2433928
Bugzilla Description: browserstack-local: OS command injection in the logfile variable in lib/Local.js
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Fuse 7,
Full Details
CVE document

CVE-2025-61140
Severity: important
Released on: 28/01/2026
Advisory:
Bugzilla: 2433946
Bugzilla Description: jsonpath: jsonpath: Prototype Pollution vulnerability in the value function
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-502
Affected Packages:
Package States: Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Developer Hub,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Quay 3,Self-service automation portal 2,
Full Details
CVE document

CVE-2026-24779
Severity: important
Released on: 27/01/2026
Advisory:
Bugzilla: 2433624
Bugzilla Description: vLLM: vLLM: Server-Side Request Forgery allows internal network access
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-918
Affected Packages:
Package States: Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-24765
Severity: important
Released on: 27/01/2026
Advisory:
Bugzilla: 2433606
Bugzilla Description: phpunit: PHPUnit: Arbitrary code execution via unsafe deserialization of code coverage files
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-502
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-24747
Severity: important
Released on: 27/01/2026
Advisory:
Bugzilla: 2433612
Bugzilla Description: pytorch: PyTorch: Arbitrary code execution via malicious checkpoint file loading
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: (CWE-502|CWE-94)
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-24688
Severity: moderate
Released on: 27/01/2026
Advisory:
Bugzilla: 2433492
Bugzilla Description: pypdf: pypdf Infinite Loop when processing outlines/bookmarks
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-835
Affected Packages:
Package States: OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-24883
Severity: low
Released on: 27/01/2026
Advisory:
Bugzilla: 2433463
Bugzilla Description: GnuPG: GnuPG: Denial of service due to specially crafted signature packet
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-24882
Severity: important
Released on: 27/01/2026
Advisory:
Bugzilla: 2433464
Bugzilla Description: GnuPG: GnuPG: Stack-based buffer overflow in tpm2daemon allows arbitrary code execution
CVSS Score:
CVSSv3 Score: 8.4
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-24881
Severity: important
Released on: 27/01/2026
Advisory:
Bugzilla: 2433480
Bugzilla Description: GnuPG: GnuPG: Remote code execution and denial of service via crafted CMS EnvelopedData message
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22263
Severity: moderate
Released on: 27/01/2026
Advisory:
Bugzilla: 2433481
Bugzilla Description: suricata: Suricata: Denial of Service via inefficient HTTP/1 header parsing
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-1050
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-22262
Severity: moderate
Released on: 27/01/2026
Advisory:
Bugzilla: 2433479
Bugzilla Description: suricata: Suricata: Denial of service due to stack overflow when saving large datasets
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-121
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-22261
Severity: low
Released on: 27/01/2026
Advisory:
Bugzilla: 2433482
Bugzilla Description: suricata: Suricata: Denial of Service due to XFF handling inefficiencies
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-1050
Affected Packages:
Package States:
Full Details
CVE document

CVE-2025-14911
Severity: moderate
Released on: 27/01/2026
Advisory:
Bugzilla: 2433448
Bugzilla Description: mongodb: MongoDB: Denial of Service due to malformed GridFS metadata
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat Openshift Data Foundation 4,
Full Details
CVE document

CVE-2025-15467
Severity: important
Released on: 27/01/2026
Advisory: RHSA-2026:1503, RHSA-2026:1519, RHSA-2026:1496, RHSA-2026:1473, RHSA-2026:1594, RHSA-2026:1472,
Bugzilla: 2430376
Bugzilla Description: openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-120
Affected Packages: openssl-1:3.5.1-7.el10_1,openssl-1:3.5.1-7.el9_7,openssl-1:3.0.7-18.el9_2.3,openssl-1:3.2.2-7.el9_6.2,openssl-1:3.2.2-16.el10_0.6,openssl-1:3.0.7-29.el9_4.2,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-13881
Severity: low
Released on: 27/01/2026
Advisory:
Bugzilla: 2418330
Bugzilla Description: org.keycloak.services.resources.admin: Keycloak: Limited administrator can retrieve sensitive user attributes via Admin API
CVSS Score:
CVSSv3 Score: 2.7
Vector:
CWE: CWE-266
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document

CVE-2026-21721
Severity: important
Released on: 27/01/2026
Advisory:
Bugzilla: 2433242
Bugzilla Description: grafana/grafana/pkg/services/dashboards: Grafana Dashboard Permissions Scope Bypass Enables Cross‑Dashboard Privilege Escalation
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-639
Affected Packages:
Package States: Multicluster Global Hub,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 5,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 6,Red Hat Ceph Storage 6,Red Hat Ceph Storage 8,Red Hat Ceph Storage 8,Red Hat Ceph Storage 8,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-21720
Severity: important
Released on: 27/01/2026
Advisory:
Bugzilla: 2433226
Bugzilla Description: grafana: Grafana: Denial of Service via resource exhaustion from avatar requests
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Ceph Storage 7,Red Hat Ceph Storage 8,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-24686
Severity: moderate
Released on: 27/01/2026
Advisory:
Bugzilla: 2433138
Bugzilla Description: github.com/theupdateframework/go-tuf/v2: go-tuf Path Traversal in TAP 4 Multirepo Client Allows Arbitrary File Write via Malicious Repository Names
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-22
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Security Profiles Operator,Security Profiles Operator,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,
Full Details
CVE document

CVE-2026-24486
Severity: important
Released on: 27/01/2026
Advisory: RHSA-2026:1504,
Bugzilla: 2433132
Bugzilla Description: python-multipart: Python-Multipart: Arbitrary file write via path traversal vulnerability
CVSS Score:
CVSSv3 Score: 8.6
Vector:
CWE: CWE-22
Affected Packages: satellite/foreman-mcp-server-rhel9:sha256:ff4edaa605127e763ada037ec63ab7cc2054b853f079e7e28a0355234b24b2a0,
Package States: Lightspeed Core,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-24480
Severity: important
Released on: 27/01/2026
Advisory:
Bugzilla: 2433134
Bugzilla Description: QGIS: QGIS GitHub Actions workflow: Remote Code Execution and repository compromise via insecure `pull_request_target` configuration
CVSS Score:
CVSSv3 Score: 9.9
Vector:
CWE: CWE-863
Affected Packages:
Package States:
Full Details
CVE document

CVE-2025-11187
Severity: moderate
Released on: 27/01/2026
Advisory: RHSA-2026:1496, RHSA-2026:1473, RHSA-2026:1472,
Bugzilla: 2430375
Bugzilla Description: openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-233
Affected Packages: openssl-1:3.5.1-7.el10_1,openssl-1:3.5.1-7.el9_7,openssl-1:3.2.2-16.el10_0.6,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-15468
Severity: low
Released on: 27/01/2026
Advisory: RHSA-2026:1473, RHSA-2026:1472,
Bugzilla: 2430377
Bugzilla Description: openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-476
Affected Packages: openssl-1:3.5.1-7.el10_1,openssl-1:3.5.1-7.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-15469
Severity: low
Released on: 27/01/2026
Advisory: RHSA-2026:1473, RHSA-2026:1472,
Bugzilla: 2430378
Bugzilla Description: openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1284
Affected Packages: openssl-1:3.5.1-7.el10_1,openssl-1:3.5.1-7.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-66199
Severity: low
Released on: 27/01/2026
Advisory: RHSA-2026:1473, RHSA-2026:1472,
Bugzilla: 2430379
Bugzilla Description: openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-770
Affected Packages: openssl-1:3.5.1-7.el10_1,openssl-1:3.5.1-7.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-68160
Severity: low
Released on: 27/01/2026
Advisory: RHSA-2026:1473, RHSA-2026:1472,
Bugzilla: 2430380
Bugzilla Description: openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-787
Affected Packages: openssl-1:3.5.1-7.el10_1,openssl-1:3.5.1-7.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-69418
Severity: low
Released on: 27/01/2026
Advisory: RHSA-2026:1473, RHSA-2026:1472,
Bugzilla: 2430381
Bugzilla Description: openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-325
Affected Packages: openssl-1:3.5.1-7.el10_1,openssl-1:3.5.1-7.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-69419
Severity: moderate
Released on: 27/01/2026
Advisory: RHSA-2026:1503, RHSA-2026:1519, RHSA-2026:1496, RHSA-2026:1473, RHSA-2026:1594, RHSA-2026:1472,
Bugzilla: 2430386
Bugzilla Description: openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-131
Affected Packages: openssl-1:3.5.1-7.el10_1,openssl-1:3.5.1-7.el9_7,openssl-1:3.0.7-18.el9_2.3,openssl-1:3.2.2-7.el9_6.2,openssl-1:3.2.2-16.el10_0.6,openssl-1:3.0.7-29.el9_4.2,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-69421
Severity: low
Released on: 27/01/2026
Advisory: RHSA-2026:1473, RHSA-2026:1472,
Bugzilla: 2430387
Bugzilla Description: openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-476
Affected Packages: openssl-1:3.5.1-7.el10_1,openssl-1:3.5.1-7.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-69420
Severity: low
Released on: 27/01/2026
Advisory: RHSA-2026:1473, RHSA-2026:1472,
Bugzilla: 2430388
Bugzilla Description: openssl: OpenSSL: Denial of Service via malformed TimeStamp Response
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-843
Affected Packages: openssl-1:3.5.1-7.el10_1,openssl-1:3.5.1-7.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-22795
Severity: low
Released on: 27/01/2026
Advisory: RHSA-2026:1473, RHSA-2026:1472,
Bugzilla: 2430389
Bugzilla Description: openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-843
Affected Packages: openssl-1:3.5.1-7.el10_1,openssl-1:3.5.1-7.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-22796
Severity: low
Released on: 27/01/2026
Advisory: RHSA-2026:1473, RHSA-2026:1472,
Bugzilla: 2430390
Bugzilla Description: openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-1287
Affected Packages: openssl-1:3.5.1-7.el10_1,openssl-1:3.5.1-7.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-1467
Severity: moderate
Released on: 27/01/2026
Advisory:
Bugzilla: 2433174
Bugzilla Description: libsoup: libsoup: HTTP header injection via specially crafted URLs when an HTTP proxy is configured
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-93
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-1484
Severity: moderate
Released on: 27/01/2026
Advisory:
Bugzilla: 2433259
Bugzilla Description: Glib: Integer Overflow Leading to Buffer Underflow and Out-of-Bounds Write in GLib g_base64_encode()
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: (CWE-190|CWE-124|CWE-787)
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-1485
Severity: low
Released on: 27/01/2026
Advisory:
Bugzilla: 2433325
Bugzilla Description: Glib: Glib: Local denial of service via buffer underflow in content type parsing
CVSS Score:
CVSSv3 Score: 2.8
Vector:
CWE: (CWE-124|CWE-787|CWE-125)
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-1489
Severity: moderate
Released on: 27/01/2026
Advisory:
Bugzilla: 2433348
Bugzilla Description: Glib: GLib: Memory corruption via integer overflow in Unicode case conversion
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: (CWE-190|CWE-787)
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-28164
Severity: moderate
Released on: 27/01/2026
Advisory:
Bugzilla: 2433398
Bugzilla Description: libpng: libpng: Denial of Service via buffer overflow in png_create_read_struct() function
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 17,Red Hat build of OpenJDK 1.8,Red Hat build of OpenJDK 21,Red Hat build of OpenJDK 25,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-28162
Severity: moderate
Released on: 27/01/2026
Advisory:
Bugzilla: 2433407
Bugzilla Description: libpng: libpng: Denial of Service via buffer overflow in pngimage utility
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 17,Red Hat build of OpenJDK 1.8,Red Hat build of OpenJDK 21,Red Hat build of OpenJDK 25,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-24400
Severity: moderate
Released on: 26/01/2026
Advisory:
Bugzilla: 2433116
Bugzilla Description: assertj: AssertJ: Information disclosure and denial of service via XML External Entity (XXE)
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-611
Affected Packages:
Package States: AMQ Clients,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 2,Red Hat build of Debezium 3,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-24131
Severity: moderate
Released on: 26/01/2026
Advisory:
Bugzilla: 2433115
Bugzilla Description: pnpm: pnpm: Arbitrary file permission modification via directory traversal
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: (CWE-22|CWE-732)
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2026-24056
Severity: moderate
Released on: 26/01/2026
Advisory:
Bugzilla: 2433605
Bugzilla Description: pnpm: pnpm symlink traversal in file:/git dependencies
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: (CWE-22|CWE-59)
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2026-23890
Severity: moderate
Released on: 26/01/2026
Advisory:
Bugzilla: 2433090
Bugzilla Description: pnpm: pnpm: Arbitrary code execution via path traversal in bin linking
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-23
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2026-23889
Severity: moderate
Released on: 26/01/2026
Advisory:
Bugzilla: 2433093
Bugzilla Description: pnpm: pnpm: Arbitrary file write via path traversal on Windows
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2025-59472
Severity: moderate
Released on: 26/01/2026
Advisory:
Bugzilla: 2433092
Bugzilla Description: next: NextJS Denial of Service in Partial Pre Rendering
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Trusted Artifact Signer,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2025-59471
Severity: moderate
Released on: 26/01/2026
Advisory:
Bugzilla: 2433094
Bugzilla Description: next: NextJS Denial of Service in Image Optimizer
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Trusted Artifact Signer,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-23888
Severity: moderate
Released on: 26/01/2026
Advisory:
Bugzilla: 2433095
Bugzilla Description: pnpm: pnpm: Arbitrary file write via path traversal in binary fetcher leading to remote code execution
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: (CWE-22|CWE-23|CWE-426)
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2025-50537
Severity: moderate
Released on: 26/01/2026
Advisory:
Bugzilla: 2432846
Bugzilla Description: eslint: eslint: Denial of Service via stack overflow when serializing objects with circular references
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Cryostat 4,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Multicluster Engine for Kubernetes,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat AMQ Broker 7,Red Hat build of Apicurio Registry 2,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Directory Server 11,Red Hat Directory Server 12,Red Hat Directory Server 13,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 3,Red Hat Process Automation 7,Red Hat Process Automation 7,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-22997
Severity: low
Released on: 25/01/2026
Advisory:
Bugzilla: 2432657
Bugzilla Description: kernel: net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23005
Severity: low
Released on: 25/01/2026
Advisory:
Bugzilla: 2432658
Bugzilla Description: kernel: x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23012
Severity:
Released on: 25/01/2026
Advisory:
Bugzilla: 2432660
Bugzilla Description: kernel: mm/damon/core: remove call_control in inactive contexts
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23004
Severity: moderate
Released on: 25/01/2026
Advisory:
Bugzilla: 2432662
Bugzilla Description: kernel: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22996
Severity: moderate
Released on: 25/01/2026
Advisory:
Bugzilla: 2432663
Bugzilla Description: kernel: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23001
Severity: moderate
Released on: 25/01/2026
Advisory:
Bugzilla: 2432664
Bugzilla Description: kernel: macvlan: fix possible UAF in macvlan_forward_source()
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71162
Severity:
Released on: 25/01/2026
Advisory:
Bugzilla: 2432665
Bugzilla Description: kernel: dmaengine: tegra-adma: Fix use-after-free
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23002
Severity: low
Released on: 25/01/2026
Advisory:
Bugzilla: 2432666
Bugzilla Description: kernel: lib/buildid: use __kernel_read() for sleepable context
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22999
Severity: moderate
Released on: 25/01/2026
Advisory:
Bugzilla: 2432667
Bugzilla Description: kernel: net/sched: sch_qfq: do not free existing class in qfq_change_class()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23013
Severity: moderate
Released on: 25/01/2026
Advisory:
Bugzilla: 2432668
Bugzilla Description: kernel: net: octeon_ep_vf: fix free_irq dev_id mismatch in IRQ rollback
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23009
Severity: low
Released on: 25/01/2026
Advisory:
Bugzilla: 2432669
Bugzilla Description: kernel: xhci: sideband: don't dereference freed ring when removing sideband endpoint
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22998
Severity: moderate
Released on: 25/01/2026
Advisory:
Bugzilla: 2432671
Bugzilla Description: kernel: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23006
Severity:
Released on: 25/01/2026
Advisory:
Bugzilla: 2432672
Bugzilla Description: kernel: ASoC: tlv320adcx140: fix null pointer
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23011
Severity: moderate
Released on: 25/01/2026
Advisory:
Bugzilla: 2432673
Bugzilla Description: kernel: ipv4: ip_gre: make ipgre_header() robust
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-124
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23007
Severity: low
Released on: 25/01/2026
Advisory:
Bugzilla: 2432674
Bugzilla Description: kernel: block: zero non-PI portion of auto integrity buffer
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23008
Severity: low
Released on: 25/01/2026
Advisory:
Bugzilla: 2432675
Bugzilla Description: kernel: drm/vmwgfx: Fix KMS with 3D on HW version 10
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23010
Severity: moderate
Released on: 25/01/2026
Advisory:
Bugzilla: 2432676
Bugzilla Description: kernel: Linux kernel: Use-after-free in IPv6 address deletion may lead to a denial of service
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23000
Severity: moderate
Released on: 25/01/2026
Advisory:
Bugzilla: 2432677
Bugzilla Description: kernel: Linux kernel (mlx5e): Denial of Service due to NULL pointer dereference during network profile change
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71163
Severity:
Released on: 25/01/2026
Advisory:
Bugzilla: 2432678
Bugzilla Description: kernel: dmaengine: idxd: fix device leaks on compat bind and unbind
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23003
Severity: moderate
Released on: 25/01/2026
Advisory:
Bugzilla: 2432681
Bugzilla Description: kernel: ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv()
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-457
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-24401
Severity: moderate
Released on: 24/01/2026
Advisory:
Bugzilla: 2432534
Bugzilla Description: avahi: Avahi: Denial of Service via recursive CNAME record in mDNS response
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-674
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-1386
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432490
Bugzilla Description: firecracker: Firecracker jailer: Arbitrary file overwrite via symlink attack
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-61
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-1299
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432437
Bugzilla Description: cpython: email header injection due to unquoted newlines
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-93
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,
Full Details
CVE document

CVE-2026-0994
Severity: important
Released on: 23/01/2026
Advisory:
Bugzilla: 2432398
Bugzilla Description: python: protobuf: Protobuf: Denial of Service due to recursion depth bypass
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-674
Affected Packages:
Package States: AMQ Clients,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat OpenStack Platform 16.2,
Full Details
CVE document

CVE-2026-24515
Severity: low
Released on: 23/01/2026
Advisory:
Bugzilla: 2432312
Bugzilla Description: libexpat: libexpat null pointer dereference
CVSS Score:
CVSSv3 Score: 2.9
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-0775
Severity: important
Released on: 23/01/2026
Advisory:
Bugzilla: 2432280
Bugzilla Description: npmcli: npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-732
Affected Packages:
Package States: Confidential Compute Attestation,Cryostat 4,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Serverless,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat Connectivity Link 1,Red Hat Developer Hub,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Single Sign-On 7,Red Hat Single Sign-On 7,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,
Full Details
CVE document

CVE-2025-15059
Severity: important
Released on: 23/01/2026
Advisory:
Bugzilla: 2432296
Bugzilla Description: gimp: heap-based buffer overflow via specially crafted PSP file
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-24137
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432246
Bugzilla Description: github.com/sigstore/sigstore: sigstore legacy TUF client allows for arbitrary file writes with target cache path traversal
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-22
Affected Packages:
Package States: Assisted Installer for Red Hat OpenShift Container Platform 2,Confidential Compute Attestation,Kernel Module Management Operator for Red Hat Openshift,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Multiarch Tuning Operator,Multiarch Tuning Operator,Multicluster Engine for Kubernetes,Network Observability Operator,Node HealthCheck Operator,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Serverless,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 3,Pen Drive Powered by Red Hat Lightspeed,Power monitoring for Red Hat OpenShift,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Build of Kueue,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 18.0,Red Hat Quay 3,Red Hat Quay 3,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Security Profiles Operator,Security Profiles Operator,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,
Full Details
CVE document

CVE-2025-71145
Severity:
Released on: 23/01/2026
Advisory:
Bugzilla: 2432353
Bugzilla Description: kernel: usb: phy: isp1301: fix non-OF device reference imbalance
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71156
Severity: important
Released on: 23/01/2026
Advisory:
Bugzilla: 2432357
Bugzilla Description: kernel: gve: defer interrupt enabling until NAPI registration
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71149
Severity: low
Released on: 23/01/2026
Advisory:
Bugzilla: 2432358
Bugzilla Description: kernel: io_uring/poll: correctly handle io_poll_add() return value on update
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71152
Severity: low
Released on: 23/01/2026
Advisory:
Bugzilla: 2432359
Bugzilla Description: kernel: net: dsa: properly keep track of conduit reference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71157
Severity: important
Released on: 23/01/2026
Advisory:
Bugzilla: 2432360
Bugzilla Description: kernel: RDMA/core: always drop device refcount in ib_del_sub_device_and_put()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71146
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432361
Bugzilla Description: kernel: netfilter: nf_conncount: fix leaked ct in error paths
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71151
Severity: low
Released on: 23/01/2026
Advisory:
Bugzilla: 2432362
Bugzilla Description: kernel: cifs: Fix memory and information leak in smb3_reconfigure()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71153
Severity: low
Released on: 23/01/2026
Advisory:
Bugzilla: 2432363
Bugzilla Description: kernel: ksmbd: Fix memory leak in get_file_all_info()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71150
Severity: low
Released on: 23/01/2026
Advisory:
Bugzilla: 2432364
Bugzilla Description: kernel: ksmbd: Fix refcount leak when invalid session is found on session lookup
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71155
Severity:
Released on: 23/01/2026
Advisory:
Bugzilla: 2432365
Bugzilla Description: kernel: KVM: s390: Fix gmap_helper_zap_one_page() again
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71147
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432366
Bugzilla Description: kernel: Linux kernel: Denial of Service due to memory leak in tpm2_load_cmd
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71148
Severity: low
Released on: 23/01/2026
Advisory:
Bugzilla: 2432367
Bugzilla Description: kernel: net/handshake: restore destructor on submit failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71154
Severity: low
Released on: 23/01/2026
Advisory:
Bugzilla: 2432368
Bugzilla Description: kernel: net: usb: rtl8150: fix memory leak on usb_submit_urb() failure
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22989
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432374
Bugzilla Description: kernel: nfsd: check that server is running in unlock_filesystem
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22988
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432375
Bugzilla Description: kernel: arp: do not assume dev_hard_header() does not change skb->head
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22993
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432376
Bugzilla Description: kernel: idpf: Fix RSS LUT NULL ptr issue after soft reset
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22987
Severity: important
Released on: 23/01/2026
Advisory:
Bugzilla: 2432377
Bugzilla Description: kernel: net/sched: act_api: avoid dereferencing ERR_PTR in tcf_idrinfo_destroy
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71159
Severity: low
Released on: 23/01/2026
Advisory:
Bugzilla: 2432378
Bugzilla Description: kernel: btrfs: fix use-after-free warning in btrfs_get_or_create_delayed_node()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22995
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432379
Bugzilla Description: kernel: ublk: fix use-after-free in ublk_partition_scan_work
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22985
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432381
Bugzilla Description: kernel: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22978
Severity: low
Released on: 23/01/2026
Advisory:
Bugzilla: 2432383
Bugzilla Description: kernel: wifi: avoid kernel-infoleak from struct iw_point
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22991
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432384
Bugzilla Description: kernel: libceph: make free_choose_arg_map() resilient to partial allocation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22980
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432385
Bugzilla Description: kernel: nfsd: provide locking for v4_end_grace
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22981
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432386
Bugzilla Description: kernel: idpf: detach and close netdevs while handling a reset
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22992
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432387
Bugzilla Description: kernel: libceph: return the handler error from mon_handle_auth_done()
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22984
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432389
Bugzilla Description: kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22986
Severity: important
Released on: 23/01/2026
Advisory:
Bugzilla: 2432390
Bugzilla Description: kernel: gpiolib: fix race condition for gdev->srcu
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71160
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432392
Bugzilla Description: kernel: netfilter: nf_tables: avoid chain re-validation if possible
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22982
Severity:
Released on: 23/01/2026
Advisory:
Bugzilla: 2432393
Bugzilla Description: kernel: net: mscc: ocelot: Fix crash when adding interface under a lag
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71158
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432395
Bugzilla Description: kernel: gpio: mpsse: ensure worker is torn down
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22994
Severity: low
Released on: 23/01/2026
Advisory:
Bugzilla: 2432396
Bugzilla Description: kernel: bpf: Fix reference count leak in bpf_prog_test_run_xdp()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22983
Severity: low
Released on: 23/01/2026
Advisory:
Bugzilla: 2432399
Bugzilla Description: kernel: net: do not write to msg_get_inq in callee
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22990
Severity: moderate
Released on: 23/01/2026
Advisory:
Bugzilla: 2432400
Bugzilla Description: kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71161
Severity: low
Released on: 23/01/2026
Advisory:
Bugzilla: 2432401
Bugzilla Description: kernel: dm-verity: disable recursive forward error correction
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22979
Severity: low
Released on: 23/01/2026
Advisory:
Bugzilla: 2432402
Bugzilla Description: kernel: net: fix memory leak in skb_segment_list for GRO packets
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-24117
Severity: moderate
Released on: 22/01/2026
Advisory:
Bugzilla: 2432218
Bugzilla Description: github.com/sigstore/rekor: Rekor Server-Side Request Forgery (SSRF)
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-918
Affected Packages:
Package States: Assisted Installer for Red Hat OpenShift Container Platform 2,Confidential Compute Attestation,Kernel Module Management Operator for Red Hat Openshift,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Multiarch Tuning Operator,Multiarch Tuning Operator,Multicluster Engine for Kubernetes,Network Observability Operator,Node HealthCheck Operator,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Serverless,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 3,Pen Drive Powered by Red Hat Lightspeed,Power monitoring for Red Hat OpenShift,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Build of Kueue,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift GitOps,Red Hat OpenStack Platform 18.0,Red Hat Quay 3,Red Hat Quay 3,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Security Profiles Operator,Security Profiles Operator,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,
Full Details
CVE document

CVE-2026-20912
Severity: critical
Released on: 22/01/2026
Advisory:
Bugzilla: 2432219
Bugzilla Description: gitea: Gitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment Disclosure
CVSS Score:
CVSSv3 Score: 9.1
Vector:
CWE: (CWE-284|CWE-639)
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2026-20897
Severity: critical
Released on: 22/01/2026
Advisory:
Bugzilla: 2432204
Bugzilla Description: gitea: Gitea Git LFS Lock Deletion Broken Access Control (Cross-Repo IDOR)
CVSS Score:
CVSSv3 Score: 9.1
Vector:
CWE: (CWE-284|CWE-639)
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2026-20888
Severity: moderate
Released on: 22/01/2026
Advisory:
Bugzilla: 2432211
Bugzilla Description: gitea: Gitea Pull Requests Auto-Merge: Read-Only Users Can Cancel Scheduled Auto-Merge via Web Endpoint (Authorization Bypass)
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: (CWE-284|CWE-862)
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2026-20904
Severity: moderate
Released on: 22/01/2026
Advisory:
Bugzilla: 2432217
Bugzilla Description: gitea: Gitea: Broken access control in OpenID visibility toggle enables cross-user visibility changes
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: (CWE-284|CWE-639)
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2026-20883
Severity: moderate
Released on: 22/01/2026
Advisory:
Bugzilla: 2432214
Bugzilla Description: gitea: Gitea Stopwatch API Missing Authorization Check Leads to Post-Revocation Information Disclosure
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-284
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2026-20736
Severity: important
Released on: 22/01/2026
Advisory:
Bugzilla: 2432205
Bugzilla Description: gitea: Gitea Web Attachment Deletion: Cross-Repository Unauthorized Deletion via Missing Repo Ownership Check
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-284
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2026-0798
Severity: low
Released on: 22/01/2026
Advisory:
Bugzilla: 2432209
Bugzilla Description: gitea: Gitea Release Email Notifications Leak Private Repository Release Details After Access Revocation
CVSS Score:
CVSSv3 Score: 3.5
Vector:
CWE: CWE-497
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2026-20750
Severity: critical
Released on: 22/01/2026
Advisory:
Bugzilla: 2432216
Bugzilla Description: gitea: Gitea Organization Projects Cross-Organization Authorization Bypass via Project ID (IDOR)
CVSS Score:
CVSSv3 Score: 9.1
Vector:
CWE: CWE-284
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2026-23831
Severity: moderate
Released on: 22/01/2026
Advisory:
Bugzilla: 2432169
Bugzilla Description: github.com/sigstore/rekor: Rekor denial of service
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-476
Affected Packages:
Package States: Assisted Installer for Red Hat OpenShift Container Platform 2,Assisted Installer for Red Hat OpenShift Container Platform 2,Compliance Operator,Confidential Compute Attestation,Confidential Compute Attestation,File Integrity Operator,Kernel Module Management Operator for Red Hat Openshift,Logging Subsystem for Red Hat OpenShift,Logical Volume Manager Storage,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Multiarch Tuning Operator,Multiarch Tuning Operator,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Network Observability Operator,Node HealthCheck Operator,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Serverless,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 3,Power monitoring for Red Hat OpenShift,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Build of Kueue,Red Hat Certification Program for Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift GitOps,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat Quay 3,Red Hat Quay 3,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Web Terminal,Security Profiles Operator,Security Profiles Operator,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,
Full Details
CVE document

CVE-2025-22234
Severity: moderate
Released on: 22/01/2026
Advisory:
Bugzilla: 2432173
Bugzilla Description: org.springframework.security/spring-security-core: Spring Security - BCrypt Password Encoder maximum password length breaks timing attack mitigation
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-208
Affected Packages:
Package States: OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document

CVE-2026-1260
Severity: important
Released on: 22/01/2026
Advisory:
Bugzilla: 2432079
Bugzilla Description: sentencepiece: Sentencepiece: Invalid memory access leading to potential arbitrary code execution via a crafted model file.
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-119
Affected Packages:
Package States: Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2025-15523
Severity: moderate
Released on: 22/01/2026
Advisory:
Bugzilla: 2432045
Bugzilla Description: inkscape: TCC Bypass via Inherited Permissions in Bundled Interpreter in Inkscape.app
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-276
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-1225
Severity: moderate
Released on: 22/01/2026
Advisory:
Bugzilla: 2431998
Bugzilla Description: ch.qos.logback/logback-core: Malicious logback.xml configuration file allows instantiation of arbitrary classes
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-20
Affected Packages:
Package States: AMQ Clients,Logging Subsystem for Red Hat OpenShift,OpenShift Serverless,OpenShift Serverless,Red Hat AMQ Broker 7,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Debezium 2,Red Hat build of Debezium 3,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Web Server 6,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2025-71176
Severity: moderate
Released on: 22/01/2026
Advisory:
Bugzilla: 2431969
Bugzilla Description: pytest: pytest: Denial of Service or Privilege Escalation via insecure temporary directory handling
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-379
Affected Packages:
Package States: OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,
Full Details
CVE document

CVE-2026-24049
Severity: important
Released on: 22/01/2026
Advisory: RHSA-2026:1504,
Bugzilla: 2431959
Bugzilla Description: wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: (CWE-22|CWE-732)
Affected Packages: satellite/foreman-mcp-server-rhel9:sha256:ff4edaa605127e763ada037ec63ab7cc2054b853f079e7e28a0355234b24b2a0,
Package States: Fence Agents Remediation Operator,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Network Observability Operator,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,Red Hat Advanced Cluster Security 4,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,
Full Details
CVE document

CVE-2026-24006
Severity: important
Released on: 22/01/2026
Advisory:
Bugzilla: 2431924
Bugzilla Description: seroval: Seroval: Denial of Service due to excessive recursion during object serialization
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-24001
Severity: important
Released on: 22/01/2026
Advisory:
Bugzilla: 2431930
Bugzilla Description: jsdiff: denial of service vulnerability in parsePatch and applyPatch
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-23992
Severity: moderate
Released on: 22/01/2026
Advisory:
Bugzilla: 2431929
Bugzilla Description: github.com/theupdateframework/go-tuf/v2: go-tuf improperly validates the configured threshold for delegations
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-347
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat OpenShift Dev Spaces,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Web Terminal,Security Profiles Operator,Security Profiles Operator,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,
Full Details
CVE document

CVE-2026-23991
Severity: moderate
Released on: 22/01/2026
Advisory:
Bugzilla: 2431928
Bugzilla Description: github.com/theupdateframework/go-tuf/v2: go-tuf client DoS via malformed server response
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: (CWE-617|CWE-754)
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat OpenShift Dev Spaces,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Web Terminal,Security Profiles Operator,Security Profiles Operator,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,
Full Details
CVE document

CVE-2026-23957
Severity: important
Released on: 22/01/2026
Advisory:
Bugzilla: 2431914
Bugzilla Description: seroval: Seroval: Denial of Service via large encoded array lengths
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-23956
Severity: important
Released on: 22/01/2026
Advisory:
Bugzilla: 2431917
Bugzilla Description: seroval: Seroval: Denial of Service via malicious regular expressions during deserialization
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-1333
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-23952
Severity: moderate
Released on: 22/01/2026
Advisory:
Bugzilla: 2431905
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via processing of MSL comment tags
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-23893
Severity: moderate
Released on: 22/01/2026
Advisory:
Bugzilla: 2431909
Bugzilla Description: openCryptoki: openCryptoki: Privilege Escalation or Data Exposure via Symlink Following
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-59
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-67221
Severity:
Released on: 22/01/2026
Advisory:
Bugzilla: 2432074
Bugzilla Description: orjson: orjson: Denial of Service due to unbounded recursion with deeply nested JSON documents
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: OpenShift Lightspeed,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-23737
Severity: important
Released on: 21/01/2026
Advisory:
Bugzilla: 2431896
Bugzilla Description: seroval: seroval: Arbitrary Code Execution via Improper JSON Deserialization
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-502
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-23736
Severity: important
Released on: 21/01/2026
Advisory:
Bugzilla: 2431898
Bugzilla Description: seroval: seroval: Prototype pollution via improper input validation during JSON deserialization
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-1321
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-24048
Severity: low
Released on: 21/01/2026
Advisory:
Bugzilla: 2431884
Bugzilla Description: @backstage/backend-defaults: Backstage SSRF when reading from allowed URL's in `backend.reading.allow`
CVSS Score:
CVSSv3 Score: 3.5
Vector:
CWE: CWE-918
Affected Packages:
Package States: Red Hat Developer Hub,
Full Details
CVE document

CVE-2026-24047
Severity: moderate
Released on: 21/01/2026
Advisory:
Bugzilla: 2431880
Bugzilla Description: @backstage/backend-plugin-api: @backstage/cli-common Symlink Chain Bypass
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: (CWE-59|CWE-61)
Affected Packages:
Package States: Red Hat Developer Hub,
Full Details
CVE document

CVE-2026-24046
Severity: important
Released on: 21/01/2026
Advisory:
Bugzilla: 2431878
Bugzilla Description: backstage/backend-defaults: backstage/plugin-scaffolder-backend: backstage/plugin-scaffolder-node: possible symlink path traversal in scaffolder actions
CVSS Score:
CVSSv3 Score: 9.1
Vector:
CWE: (CWE-22|CWE-59)
Affected Packages:
Package States: Red Hat Developer Hub,
Full Details
CVE document

CVE-2026-23960
Severity: important
Released on: 21/01/2026
Advisory:
Bugzilla: 2431881
Bugzilla Description: argo-workflows: Argo Workflows: Privilege escalation and information disclosure via stored Cross-Site Scripting (XSS)
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-79
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-22822
Severity: important
Released on: 21/01/2026
Advisory:
Bugzilla: 2431873
Bugzilla Description: external-secrets: External Secrets Operator: Cross-Namespace Secret Disclosure via `getSecretKey` Function
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-863
Affected Packages:
Package States: External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,external secrets operator for Red Hat OpenShift - Tech Preview,external secrets operator for Red Hat OpenShift - Tech Preview,external secrets operator for Red Hat OpenShift - Tech Preview,external secrets operator for Red Hat OpenShift - Tech Preview,
Full Details
CVE document

CVE-2026-22807
Severity: important
Released on: 21/01/2026
Advisory:
Bugzilla: 2431865
Bugzilla Description: vLLM: vLLM: Arbitrary code execution via untrusted model loading
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-94
Affected Packages:
Package States: Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2025-12781
Severity: moderate
Released on: 21/01/2026
Advisory:
Bugzilla: 2431736
Bugzilla Description: cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,
Full Details
CVE document

CVE-2025-13465
Severity: important
Released on: 21/01/2026
Advisory:
Bugzilla: 2431740
Bugzilla Description: lodash: prototype pollution in _.unset and _.omit functions
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-1321
Affected Packages:
Package States: Confidential Compute Attestation,Cryostat 4,Gatekeeper 3,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of OptaPlanner 8,Red Hat Ceph Storage 4,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Ceph Storage 8,Red Hat Connectivity Link 1,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Directory Server 11,Red Hat Directory Server 12,Red Hat Directory Server 13,Red Hat Discovery 2,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Process Automation 7,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-22022
Severity: moderate
Released on: 21/01/2026
Advisory:
Bugzilla: 2431603
Bugzilla Description: org.apache.solr/solr-core: Apache Solr: Unauthorized bypass of certain "predefined permission" rules in the RuleBasedAuthorizationPlugin
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-285
Affected Packages:
Package States: Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2026-22444
Severity: moderate
Released on: 21/01/2026
Advisory:
Bugzilla: 2431604
Bugzilla Description: org.apache.solr/solr-core: Apache Solr: Insufficient file-access checking in standalone core-creation requests
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2026-22977
Severity: moderate
Released on: 21/01/2026
Advisory:
Bugzilla: 2431602
Bugzilla Description: kernel: net: sock: fix hardened usercopy panic in sock_recv_errqueue
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-489
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22976
Severity: moderate
Released on: 21/01/2026
Advisory:
Bugzilla: 2431522
Bugzilla Description: kernel: Linux kernel: Denial of Service in sch_qfq due to NULL pointer dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-14559
Severity: moderate
Released on: 21/01/2026
Advisory:
Bugzilla: 2421711
Bugzilla Description: org.keycloak/keycloak-services: Keycloak keycloak-services: Business logic flaw allows unauthorized token issuance for disabled users
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-840
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document

CVE-2026-1035
Severity: low
Released on: 21/01/2026
Advisory:
Bugzilla: 2430314
Bugzilla Description: org.keycloak.protocol.oidc: Keycloak Refresh Token Reuse Bypass via TOCTOU Race Condition
CVSS Score:
CVSSv3 Score: 3.1
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Build of Keycloak,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Single Sign-On 7,
Full Details
CVE document

CVE-2025-13878
Severity: important
Released on: 21/01/2026
Advisory:
Bugzilla: 2431600
Bugzilla Description: bind: bind: Denial of Service via corrupt or malicious record
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-1286
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-66960
Severity: moderate
Released on: 21/01/2026
Advisory:
Bugzilla: 2431705
Bugzilla Description: ollama: ollama: Denial of Service via untrusted GGUF metadata string length
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-130
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2025-66959
Severity: moderate
Released on: 21/01/2026
Advisory:
Bugzilla: 2431713
Bugzilla Description: ollama: ollama: Denial of Service via GGUF decoder
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-130
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-0672
Severity: moderate
Released on: 20/01/2026
Advisory:
Bugzilla: 2431374
Bugzilla Description: cpython: Header injection in http.cookies.Morsel in Python
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-93
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,
Full Details
CVE document

CVE-2025-15367
Severity: moderate
Released on: 20/01/2026
Advisory:
Bugzilla: 2431373
Bugzilla Description: cpython: POP3 command injection in user-controlled commands
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-77
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,
Full Details
CVE document

CVE-2025-15366
Severity: moderate
Released on: 20/01/2026
Advisory:
Bugzilla: 2431368
Bugzilla Description: cpython: IMAP command injection in user-controlled commands
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-77
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,
Full Details
CVE document

CVE-2025-15282
Severity: moderate
Released on: 20/01/2026
Advisory:
Bugzilla: 2431366
Bugzilla Description: cpython: Header injection via newlines in data URL mediatype in Python
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-93
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,
Full Details
CVE document

CVE-2026-0865
Severity: moderate
Released on: 20/01/2026
Advisory:
Bugzilla: 2431367
Bugzilla Description: cpython: wsgiref.headers.Headers allows header newline injection in Python
CVSS Score:
CVSSv3 Score: 4.5
Vector:
CWE: CWE-74
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,
Full Details
CVE document

CVE-2026-21925
Severity: moderate
Released on: 20/01/2026
Advisory: RHSA-2026:0895, RHSA-2026:0896, RHSA-2026:0899, RHSA-2026:0932, RHSA-2026:0900, RHSA-2026:0933, RHSA-2026:0897, RHSA-2026:0898, RHSA-2026:0931, RHSA-2026:0848, RHSA-2026:0849, RHSA-2026:0901, RHSA-2026:0847, RHSA-2026:0927, RHSA-2026:0928,
Bugzilla: 2429924
Bugzilla Description: openjdk: Improve JMX connections (Oracle CPU 2026-01)
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-322
Affected Packages: java-11-openjdk-1:11.0.30.0.7-1.el7_9,java-25-openjdk-1:25.0.2.0.10-1.el10,java-1.8.0-openjdk-1:1.8.0.482.b08-1.el7_9,java-21-openjdk-portable,java-21-openjdk-1:21.0.10.0.7-1.el9,java-1.8.0-openjdk-1:1.8.0.482.b08-1.el9,java-21-openjdk-windows,java-25-openjdk-1:25.0.2.0.10-1.el9,java-21-openjdk-1:21.0.10.0.7-1.el8,java-21-openjdk-1:21.0.10.0.7-1.el10,java-1.8.0-openjdk-1:1.8.0.482.b08-1.el8,java-17-openjdk-1:17.0.18.0.8-1.el9,java-17-openjdk-1:17.0.18.0.8-1.el8,java-25-openjdk-portable,java-1.8.0-openjdk-windows,java-11-openjdk-portable,java-11-openjdk-windows,java-11-openjdk-1:11.0.30.0.7-1.el9,java-17-openjdk-portable,java-11-openjdk-1:11.0.30.0.7-1.el8,java-17-openjdk-windows,java-1.8.0-openjdk-portable,
Package States: Red Hat build of OpenJDK 25,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2026-21932
Severity: important
Released on: 20/01/2026
Advisory: RHSA-2026:0896, RHSA-2026:0900, RHSA-2026:0898, RHSA-2026:0849,
Bugzilla: 2429925
Bugzilla Description: openjdk: Enhance Handling of URIs (Oracle CPU 2026-01)
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-1287
Affected Packages: java-1.8.0-openjdk-windows,java-11-openjdk-windows,java-17-openjdk-windows,java-21-openjdk-windows,
Package States: Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 17,Red Hat build of OpenJDK 1.8,Red Hat build of OpenJDK 21,Red Hat build of OpenJDK 25,Red Hat build of OpenJDK 25,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-21933
Severity: moderate
Released on: 20/01/2026
Advisory: RHSA-2026:0895, RHSA-2026:0896, RHSA-2026:0899, RHSA-2026:0932, RHSA-2026:0900, RHSA-2026:0933, RHSA-2026:0897, RHSA-2026:0898, RHSA-2026:0931, RHSA-2026:0848, RHSA-2026:0849, RHSA-2026:0901, RHSA-2026:0847, RHSA-2026:0927, RHSA-2026:0928,
Bugzilla: 2429926
Bugzilla Description: openjdk: Improve HttpServer Request handling (Oracle CPU 2026-01)
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-93
Affected Packages: java-11-openjdk-1:11.0.30.0.7-1.el7_9,java-25-openjdk-1:25.0.2.0.10-1.el10,java-1.8.0-openjdk-1:1.8.0.482.b08-1.el7_9,java-21-openjdk-portable,java-21-openjdk-1:21.0.10.0.7-1.el9,java-1.8.0-openjdk-1:1.8.0.482.b08-1.el9,java-21-openjdk-windows,java-25-openjdk-1:25.0.2.0.10-1.el9,java-21-openjdk-1:21.0.10.0.7-1.el8,java-21-openjdk-1:21.0.10.0.7-1.el10,java-1.8.0-openjdk-1:1.8.0.482.b08-1.el8,java-17-openjdk-1:17.0.18.0.8-1.el9,java-17-openjdk-1:17.0.18.0.8-1.el8,java-25-openjdk-portable,java-1.8.0-openjdk-windows,java-11-openjdk-portable,java-11-openjdk-windows,java-11-openjdk-1:11.0.30.0.7-1.el9,java-17-openjdk-portable,java-11-openjdk-1:11.0.30.0.7-1.el8,java-17-openjdk-windows,java-1.8.0-openjdk-portable,
Package States: Red Hat build of OpenJDK 25,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2026-21945
Severity: important
Released on: 20/01/2026
Advisory: RHSA-2026:0895, RHSA-2026:0896, RHSA-2026:0899, RHSA-2026:0932, RHSA-2026:0900, RHSA-2026:0933, RHSA-2026:0897, RHSA-2026:0898, RHSA-2026:0931, RHSA-2026:0848, RHSA-2026:0849, RHSA-2026:0901, RHSA-2026:0847, RHSA-2026:0927, RHSA-2026:0928,
Bugzilla: 2429927
Bugzilla Description: openjdk: Enhance Certificate Checking (Oracle CPU 2026-01)
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-295
Affected Packages: java-11-openjdk-1:11.0.30.0.7-1.el7_9,java-25-openjdk-1:25.0.2.0.10-1.el10,java-1.8.0-openjdk-1:1.8.0.482.b08-1.el7_9,java-21-openjdk-portable,java-21-openjdk-1:21.0.10.0.7-1.el9,java-1.8.0-openjdk-1:1.8.0.482.b08-1.el9,java-21-openjdk-windows,java-25-openjdk-1:25.0.2.0.10-1.el9,java-21-openjdk-1:21.0.10.0.7-1.el8,java-21-openjdk-1:21.0.10.0.7-1.el10,java-1.8.0-openjdk-1:1.8.0.482.b08-1.el8,java-17-openjdk-1:17.0.18.0.8-1.el9,java-17-openjdk-1:17.0.18.0.8-1.el8,java-25-openjdk-portable,java-1.8.0-openjdk-windows,java-11-openjdk-portable,java-11-openjdk-windows,java-11-openjdk-1:11.0.30.0.7-1.el9,java-17-openjdk-portable,java-11-openjdk-1:11.0.30.0.7-1.el8,java-17-openjdk-windows,java-1.8.0-openjdk-portable,
Package States: Red Hat build of OpenJDK 25,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2025-11468
Severity: moderate
Released on: 20/01/2026
Advisory:
Bugzilla: 2431375
Bugzilla Description: cpython: Missing character filtering in Python
CVSS Score:
CVSSv3 Score: 4.5
Vector:
CWE: CWE-140
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,
Full Details
CVE document

CVE-2025-55132
Severity: low
Released on: 20/01/2026
Advisory:
Bugzilla: 2431338
Bugzilla Description: nodejs: Nodejs filesystem permissions bypass
CVSS Score:
CVSSv3 Score: 2.8
Vector:
CWE: CWE-281
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-21637
Severity: moderate
Released on: 20/01/2026
Advisory:
Bugzilla: 2431340
Bugzilla Description: nodejs: Nodejs denial of service
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-248
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-21636
Severity: moderate
Released on: 20/01/2026
Advisory:
Bugzilla: 2431342
Bugzilla Description: nodejs: Nodejs network segmentation bypass
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-281
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-59466
Severity: moderate
Released on: 20/01/2026
Advisory:
Bugzilla: 2431343
Bugzilla Description: nodejs: Nodejs denial of service
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-59464
Severity: moderate
Released on: 20/01/2026
Advisory:
Bugzilla: 2431344
Bugzilla Description: nodejs: Nodejs memory leak
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-59465
Severity: important
Released on: 20/01/2026
Advisory:
Bugzilla: 2431349
Bugzilla Description: nodejs: Nodejs denial of service
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-248
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-55131
Severity: important
Released on: 20/01/2026
Advisory:
Bugzilla: 2431350
Bugzilla Description: nodejs: Nodejs uninitialized memory exposure
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-497
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-55130
Severity: important
Released on: 20/01/2026
Advisory:
Bugzilla: 2431352
Bugzilla Description: nodejs: Nodejs file permissions bypass
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-281
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-33230
Severity: important
Released on: 20/01/2026
Advisory:
Bugzilla: 2431287
Bugzilla Description: nsight-systems: NVIDIA Nsight Systems for Linux: Privilege escalation and code execution via OS command injection in installer
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,
Full Details
CVE document

CVE-2025-33229
Severity: important
Released on: 20/01/2026
Advisory:
Bugzilla: 2431289
Bugzilla Description: nsight-systems: NVIDIA Nsight Visual Studio for Windows: Arbitrary Code Execution and Privilege Escalation in Nsight Monitor
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-427
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,
Full Details
CVE document

CVE-2025-33228
Severity: important
Released on: 20/01/2026
Advisory:
Bugzilla: 2431292
Bugzilla Description: nsight-systems: Nsight Systems: Arbitrary code execution via OS command injection
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,
Full Details
CVE document

CVE-2025-15281
Severity: low
Released on: 20/01/2026
Advisory:
Bugzilla: 2431196
Bugzilla Description: glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-14369
Severity: moderate
Released on: 20/01/2026
Advisory:
Bugzilla: 2431172
Bugzilla Description: dr_flac: dr_flac: Denial of Service via integer overflow in FLAC metadata
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-23876
Severity: important
Released on: 20/01/2026
Advisory:
Bugzilla: 2431038
Bugzilla Description: ImageMagick: ImageMagick: Arbitrary code execution via a crafted XBM image file
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: (CWE-122|CWE-190)
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-23874
Severity: moderate
Released on: 20/01/2026
Advisory:
Bugzilla: 2431034
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via infinite recursion in MSL command
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-22770
Severity: moderate
Released on: 20/01/2026
Advisory:
Bugzilla: 2431037
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service due to improper pointer initialization
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2026-23950
Severity: important
Released on: 20/01/2026
Advisory:
Bugzilla: 2431036
Bugzilla Description: node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: (CWE-176|CWE-352|CWE-367)
Affected Packages:
Package States: Confidential Compute Attestation,Cryostat 4,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Network Observability Operator,Node HealthCheck Operator,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Serverless,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat Connectivity Link 1,Red Hat Developer Hub,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift GitOps,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Single Sign-On 7,Red Hat Trusted Artifact Signer,
Full Details
CVE document

CVE-2026-23949
Severity: important
Released on: 20/01/2026
Advisory:
Bugzilla: 2431026
Bugzilla Description: jaraco.context: jaraco.context: Path traversal via malicious tar archives
CVSS Score:
CVSSv3 Score: 8.6
Vector:
CWE: CWE-22
Affected Packages:
Package States:
Full Details
CVE document

CVE-2024-31884
Severity: moderate
Released on: 20/01/2026
Advisory: RHSA-2026:1536,
Bugzilla: 2389907
Bugzilla Description: pybind: Improper use of Pybind
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-295
Affected Packages: ceph-2:20.1.0-144.el10cp,
Package States: Red Hat Ceph Storage 7,Red Hat Ceph Storage 8,
Full Details
CVE document

CVE-2025-56005
Severity: important
Released on: 20/01/2026
Advisory:
Bugzilla: 2431308
Bugzilla Description: ply: Unsafe pickle file handling in Ply
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-502
Affected Packages:
Package States: Fence Agents Remediation Operator,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ceph Storage 7,Red Hat Ceph Storage 8,Red Hat Certification Program for Red Hat Enterprise Linux 9,Red Hat Certification Program for Red Hat Enterprise Linux 9,Red Hat Directory Server 13,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat Quay 3,Red Hat Quay 3,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,
Full Details
CVE document

CVE-2026-23833
Severity: low
Released on: 19/01/2026
Advisory:
Bugzilla: 2430945
Bugzilla Description: ESPHome: ESPHome: Denial of Service via integer overflow in API protobuf decoder
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-23884
Severity: important
Released on: 19/01/2026
Advisory:
Bugzilla: 2430880
Bugzilla Description: freerdp: FreeRDP: Denial of Service and potential code execution via use-after-free vulnerability
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23883
Severity: important
Released on: 19/01/2026
Advisory:
Bugzilla: 2430885
Bugzilla Description: freerdp: FreeRDP: Arbitrary code execution and denial of service via malicious server
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23732
Severity: moderate
Released on: 19/01/2026
Advisory:
Bugzilla: 2430881
Bugzilla Description: freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23534
Severity: important
Released on: 19/01/2026
Advisory:
Bugzilla: 2430888
Bugzilla Description: freerdp: FreeRDP: Arbitrary code execution and denial of service via client-side heap buffer overflow
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23533
Severity: important
Released on: 19/01/2026
Advisory:
Bugzilla: 2430886
Bugzilla Description: freerdp: FreeRDP: Heap buffer overflow leads to denial of service and potential code execution
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23532
Severity: important
Released on: 19/01/2026
Advisory:
Bugzilla: 2430891
Bugzilla Description: freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23531
Severity: important
Released on: 19/01/2026
Advisory:
Bugzilla: 2430887
Bugzilla Description: freerdp: FreeRDP: Heap buffer overflow via crafted RDPGFX surface updates leads to denial of service and potential code execution.
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-23530
Severity: important
Released on: 19/01/2026
Advisory:
Bugzilla: 2430877
Bugzilla Description: freerdp: FreeRDP: Heap buffer overflow leading to denial of service and potential code execution from a malicious server.
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68616
Severity: important
Released on: 19/01/2026
Advisory:
Bugzilla: 2430858
Bugzilla Description: WeasyPrint: WeasyPrint Server-Side Request Forgery (SSRF)
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-918
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,
Full Details
CVE document

CVE-2026-0603
Severity: important
Released on: 19/01/2026
Advisory:
Bugzilla: 2427147
Bugzilla Description: org.hibernate/hibernate-core: Hibernate: Information disclosure and data deletion via second-order SQL injection
CVSS Score:
CVSSv3 Score: 8.3
Vector:
CWE: CWE-89
Affected Packages:
Package States: Red Hat AMQ Broker 7,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,
Full Details
CVE document

CVE-2026-1190
Severity: low
Released on: 19/01/2026
Advisory:
Bugzilla: 2430835
Bugzilla Description: org.keycloak/keycloak-services: Keycloak SAML brokering: Response delay due to unchecked NotOnOrAfter in SubjectConfirmationData
CVSS Score:
CVSSv3 Score: 3.1
Vector:
CWE: CWE-112
Affected Packages:
Package States: Red Hat Build of Keycloak,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Single Sign-On 7,
Full Details
CVE document

CVE-2026-1200
Severity: moderate
Released on: 19/01/2026
Advisory:
Bugzilla: 2430836
Bugzilla Description: live555: live555: Remote Code Execution via segmentation fault in increaseBufferTo function
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-1145
Severity: important
Released on: 19/01/2026
Advisory:
Bugzilla: 2430790
Bugzilla Description: quickjs-ng: quickjs-ng quickjs: Heap-based buffer overflow leading to information disclosure or denial of service
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: (CWE-119|CWE-122)
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-1144
Severity: important
Released on: 19/01/2026
Advisory:
Bugzilla: 2430785
Bugzilla Description: quickjs-ng: quickjs-ng: Use-after-free vulnerability in Atomics Ops Handler
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: (CWE-119|CWE-416)
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-1180
Severity: moderate
Released on: 19/01/2026
Advisory:
Bugzilla: 2430781
Bugzilla Description: org.keycloak.protocol.oidc: Blind Server-Side Request Forgery (SSRF) in Keycloak OIDC Dynamic Client Registration via jwks_uri
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-918
Affected Packages:
Package States: Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat Build of Keycloak,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Single Sign-On 7,
Full Details
CVE document

CVE-2026-22797
Severity: important
Released on: 19/01/2026
Advisory:
Bugzilla: 2430879
Bugzilla Description: keystonemiddleware: From CVEorg collector
CVSS Score:
CVSSv3 Score: 9.9
Vector:
CWE: CWE-290
Affected Packages:
Package States: Red Hat OpenShift Container Platform 4,Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,
Full Details
CVE document

CVE-2025-15538
Severity: moderate
Released on: 18/01/2026
Advisory:
Bugzilla: 2430745
Bugzilla Description: assimp: Assimp: Use-after-free vulnerability in FindUVChannels allows local impact
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: (CWE-119|CWE-416)
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-15537
Severity: moderate
Released on: 18/01/2026
Advisory:
Bugzilla: 2430673
Bugzilla Description: mapnik: Mapnik: Heap-based buffer overflow via string_value function manipulation
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: (CWE-119|CWE-122)
Affected Packages:
Package States:
Full Details
CVE document

CVE-2025-15536
Severity: moderate
Released on: 18/01/2026
Advisory:
Bugzilla: 2430670
Bugzilla Description: opencc: OpenCC: Heap-based buffer overflow in MaxMatchSegmentation function allows local attackers to impact system integrity.
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: (CWE-119|CWE-122)
Affected Packages:
Package States: Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2025-15534
Severity: moderate
Released on: 18/01/2026
Advisory:
Bugzilla: 2430663
Bugzilla Description: raylib: raylib: Integer overflow vulnerability in LoadFontData
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: (CWE-189|CWE-190)
Affected Packages:
Package States:
Full Details
CVE document

CVE-2025-15533
Severity: moderate
Released on: 18/01/2026
Advisory:
Bugzilla: 2430661
Bugzilla Description: raylib: raylib: Heap-based buffer overflow via GenImageFontAtlas function manipulation
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: (CWE-119|CWE-122)
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-23745
Severity: important
Released on: 16/01/2026
Advisory:
Bugzilla: 2430538
Bugzilla Description: node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-22
Affected Packages:
Package States: Confidential Compute Attestation,Cryostat 4,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Network Observability Operator,Node HealthCheck Operator,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Serverless,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat Connectivity Link 1,Red Hat Developer Hub,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift GitOps,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Single Sign-On 7,Red Hat Trusted Artifact Signer,
Full Details
CVE document

CVE-2021-47839
Severity: important
Released on: 16/01/2026
Advisory:
Bugzilla: 2430451
Bugzilla Description: marky: Marky: Remote Code Execution via persistent cross-site scripting
CVSS Score:
Vector:
CWE: CWE-79
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-23490
Severity: important
Released on: 16/01/2026
Advisory:
Bugzilla: 2430472
Bugzilla Description: pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Fence Agents Remediation Operator,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ceph Storage 7,Red Hat Ceph Storage 8,Red Hat Directory Server 13,Red Hat Discovery 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,
Full Details
CVE document

CVE-2025-29943
Severity: low
Released on: 16/01/2026
Advisory:
Bugzilla: 2430399
Bugzilla Description: AMD EPYC™ 9004 Series Processors: From CVEorg collector
CVSS Score:
CVSSv3 Score: 3.2
Vector:
CWE: CWE-123
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-0858
Severity: moderate
Released on: 16/01/2026
Advisory:
Bugzilla: 2430303
Bugzilla Description: plantuml: PlantUML: Arbitrary script execution via Stored Cross-Site Scripting in GraphViz diagrams
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE:
Affected Packages:
Package States: OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,
Full Details
CVE document

CVE-2025-24531
Severity: moderate
Released on: 16/01/2026
Advisory:
Bugzilla: 2430414
Bugzilla Description: pam_pkcs11: authentication bypass in error situations
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-393
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2025-62291
Severity: important
Released on: 16/01/2026
Advisory:
Bugzilla: 2430429
Bugzilla Description: strongswan: strongSwan: Arbitrary Code Execution and Denial of Service via crafted EAP-MSCHAPv2 message
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-191
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-22045
Severity: moderate
Released on: 15/01/2026
Advisory:
Bugzilla: 2430198
Bugzilla Description: traefik: Traefik: Denial of Service via ACME TLS-ALPN fast path resource exhaustion
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat OpenShift Dev Spaces,
Full Details
CVE document

CVE-2026-0915
Severity: moderate
Released on: 15/01/2026
Advisory: RHSA-2026:1334,
Bugzilla: 2430201
Bugzilla Description: glibc: glibc: Information disclosure via zero-valued network query
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-908
Affected Packages: glibc-0:2.39-58.el10_1.7,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-1002
Severity: moderate
Released on: 15/01/2026
Advisory:
Bugzilla: 2430180
Bugzilla Description: io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-444
Affected Packages:
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 2,Red Hat build of Debezium 3,Red Hat build of OptaPlanner 8,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,streams for Apache Kafka 2,streams for Apache Kafka 3,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2025-15265
Severity: moderate
Released on: 15/01/2026
Advisory:
Bugzilla: 2430177
Bugzilla Description: Svelte: Svelte: Remote script execution via Cross-Site Scripting (XSS) in async hydration
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-79
Affected Packages:
Package States: Red Hat Build of Podman Desktop - Tech Preview,
Full Details
CVE document

CVE-2026-23527
Severity: important
Released on: 15/01/2026
Advisory:
Bugzilla: 2430110
Bugzilla Description: h3: h3: HTTP Request Smuggling due to improper case-sensitive parsing of Transfer-Encoding header
CVSS Score:
CVSSv3 Score: 8.9
Vector:
CWE: CWE-444
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-23766
Severity: low
Released on: 15/01/2026
Advisory:
Bugzilla: 2430117
Bugzilla Description: istio: Istio: Firewall rule injection via annotation allows limited integrity impact
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-88
Affected Packages:
Package States: cert-manager Operator for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,ExternalDNS Operator,ExternalDNS Operator,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Connectivity Link 1,Red Hat Connectivity Link 1,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,
Full Details
CVE document

CVE-2026-22775
Severity: important
Released on: 15/01/2026
Advisory:
Bugzilla: 2430109
Bugzilla Description: devalue: devalue: Denial of Service due to improper input validation
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-405
Affected Packages:
Package States: Red Hat Build of Podman Desktop - Tech Preview,Red Hat Trusted Artifact Signer,
Full Details
CVE document

CVE-2026-22774
Severity: important
Released on: 15/01/2026
Advisory:
Bugzilla: 2430095
Bugzilla Description: devalue: devalue: Denial of Service due to excessive resource consumption from untrusted input
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-405
Affected Packages:
Package States: Red Hat Build of Podman Desktop - Tech Preview,Red Hat Trusted Artifact Signer,
Full Details
CVE document

CVE-2026-0897
Severity: important
Released on: 15/01/2026
Advisory:
Bugzilla: 2430027
Bugzilla Description: Keras: Keras: Denial of Service via crafted HDF5 weight loading file
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Trusted Artifact Signer,
Full Details
CVE document

CVE-2026-0976
Severity: low
Released on: 15/01/2026
Advisory:
Bugzilla: 2429869
Bugzilla Description: org.keycloak/keycloak-quarkus-server: Keycloak: Proxy bypass due to improper handling of matrix parameters in URL paths
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Build of Keycloak,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2026-0988
Severity: low
Released on: 15/01/2026
Advisory:
Bugzilla: 2429886
Bugzilla Description: glib: GLib: Denial of Service via Integer Overflow in g_buffered_input_stream_peek()
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-0989
Severity: low
Released on: 15/01/2026
Advisory:
Bugzilla: 2429933
Bugzilla Description: libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-674
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-0990
Severity: moderate
Released on: 15/01/2026
Advisory:
Bugzilla: 2429959
Bugzilla Description: libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-674
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-0992
Severity: low
Released on: 15/01/2026
Advisory:
Bugzilla: 2429975
Bugzilla Description: libxml2: libxml2: Denial of Service via crafted XML catalogs
CVSS Score:
CVSSv3 Score: 2.9
Vector:
CWE: CWE-400
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-0861
Severity: low
Released on: 14/01/2026
Advisory: RHSA-2026:1334,
Bugzilla: 2429771
Bugzilla Description: glibc: Integer overflow in memalign leads to heap corruption
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-190
Affected Packages: glibc-0:2.39-58.el10_1.7,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-0961
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429763
Bugzilla Description: Wireshark: Wireshark: Denial of Service vulnerability in BLF file parser
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-0962
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429764
Bugzilla Description: Wireshark: Wireshark: Denial of Service via SOME/IP-SD protocol dissector crash
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-0960
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429762
Bugzilla Description: Wireshark: Wireshark: Denial of Service via HTTP3 protocol dissector infinite loop
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-0959
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429766
Bugzilla Description: Wireshark: Wireshark: Denial of service via IEEE 802.11 protocol dissector crash
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22036
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429741
Bugzilla Description: undici: Undici: Denial of Service via excessive decompression steps
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-770
Affected Packages:
Package States: Cryostat 4,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Developer Hub,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift GitOps,
Full Details
CVE document

CVE-2026-22859
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429653
Bugzilla Description: freerdp: FreeRDP heap-buffer-overflow
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: (CWE-125|CWE-129)
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22858
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429649
Bugzilla Description: freerdp: FreeRDP global-buffer-overflow
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: (CWE-125|CWE-758)
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22857
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429656
Bugzilla Description: freerdp: FreeRDP heap-use-after-free
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22856
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429650
Bugzilla Description: freerdp: FreeRDP heap-use-after-free
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: (CWE-362|CWE-416)
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22855
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429645
Bugzilla Description: freerdp: FreeRDP heap-buffer-overflow
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22854
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429652
Bugzilla Description: freerdp: FreeRDP heap-buffer-overflow
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22853
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429647
Bugzilla Description: freerdp: FreeRDP heap-buffer-overflow
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22852
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429654
Bugzilla Description: freerdp: FreeRDP heap-buffer-overflow
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22851
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429651
Bugzilla Description: freerdp: FreeRDP RDPGFX ResetGraphics race
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: (CWE-362|CWE-416)
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-66169
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429547
Bugzilla Description: camel-neo4j: Apache Camel camel-neo4j: Unauthorized data modification via Cypher Injection
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE:
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,
Full Details
CVE document

CVE-2026-0532
Severity: important
Released on: 14/01/2026
Advisory:
Bugzilla: 2429540
Bugzilla Description: Kibana: Kibana: Arbitrary file disclosure via specially crafted connector configuration
CVSS Score:
CVSSv3 Score: 8.6
Vector:
CWE: CWE-918
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift distributed tracing 3,Red Hat OpenStack Platform 16.2,
Full Details
CVE document

CVE-2025-14242
Severity: moderate
Released on: 14/01/2026
Advisory: RHSA-2026:0606, RHSA-2026:0605, RHSA-2026:0608,
Bugzilla: 2419826
Bugzilla Description: vsftpd: vsftpd: Denial of service via integer overflow in ls command parameter parsing
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-190
Affected Packages: vsftpd-0:3.0.5-10.el10_1.1,vsftpd-0:3.0.3-36.el8_10.3,vsftpd-0:3.0.5-6.el9_7.2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2025-56226
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429564
Bugzilla Description: libsndfile: memory leak when encoding MP3 files due to an incomplete initialization
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71111
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429573
Bugzilla Description: kernel: hwmon: (w83791d) Convert macros to functions to avoid TOCTOU
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71139
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429574
Bugzilla Description: kernel: kernel/kexec: fix IMA when allocation happens in CMA area
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71143
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429575
Bugzilla Description: kernel: clk: samsung: exynos-clkout: Assign .num before accessing .hws
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71140
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429576
Bugzilla Description: kernel: media: mediatek: vcodec: Use spinlock for context list protection lock
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71104
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429577
Bugzilla Description: kernel: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71138
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429578
Bugzilla Description: kernel: drm/msm/dpu: Add missing NULL pointer check for pingpong interface
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71114
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429579
Bugzilla Description: kernel: via_wdt: fix critical boot hang due to unnamed resource allocation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71144
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429580
Bugzilla Description: kernel: mptcp: ensure context reset on disconnect()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71135
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429581
Bugzilla Description: kernel: md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71134
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429582
Bugzilla Description: kernel: mm/page_alloc: change all pageblocks migrate type on coalescing
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71131
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429583
Bugzilla Description: kernel: crypto: seqiv - Do not use req->iv after crypto_aead_encrypt
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71112
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429584
Bugzilla Description: kernel: net: hns3: add VLAN id validation before using
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71110
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429585
Bugzilla Description: kernel: mm/slub: reset KASAN tag in defer_free() before accessing freed memory
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71127
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429587
Bugzilla Description: kernel: wifi: mac80211: Discard Beacon frames to non-broadcast address
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71117
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429589
Bugzilla Description: kernel: block: Remove queue freezing from several sysfs store callbacks
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71129
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429590
Bugzilla Description: kernel: LoongArch: BPF: Sign extend kfunc call arguments
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71136
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429591
Bugzilla Description: kernel: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71133
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429592
Bugzilla Description: kernel: RDMA/irdma: avoid invalid read in irdma_net_event
CVSS Score:
CVSSv3 Score: 3.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71105
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429593
Bugzilla Description: kernel: f2fs: use global inline_xattr_slab instead of per-sb slab cache
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71106
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429594
Bugzilla Description: kernel: fs: PM: Fix reverse check in filesystems_freeze_callback()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71123
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429595
Bugzilla Description: kernel: ext4: fix string copying in parse_apply_sb_mount_options()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71125
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429596
Bugzilla Description: kernel: tracing: Do not register unsupported perf events
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71115
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429597
Bugzilla Description: kernel: um: init cpu_tasks[] earlier
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71109
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429598
Bugzilla Description: kernel: MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71124
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429600
Bugzilla Description: kernel: drm/msm/a6xx: move preempt_prepare_postamble after error check
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71103
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429601
Bugzilla Description: kernel: drm/msm: adreno: fix deferencing ifpc_reglist when not declared
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71116
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429602
Bugzilla Description: kernel: libceph: make decode_pool() more resilient against corrupted osdmaps
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71132
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429603
Bugzilla Description: kernel: smc91x: fix broken irq-context in PREEMPT_RT
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71119
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429604
Bugzilla Description: kernel: powerpc/kexec: Enable SMT before waking offline CPUs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71130
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429605
Bugzilla Description: kernel: drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71118
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429606
Bugzilla Description: kernel: ACPICA: Avoid walking the Namespace if start_node is NULL
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71120
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429607
Bugzilla Description: kernel: Linux kernel: Denial of Service in SUNRPC via zero-length gss_token
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71121
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429608
Bugzilla Description: kernel: parisc: Do not reprogram affinitiy on ASP chip
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71107
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429609
Bugzilla Description: kernel: f2fs: ensure node page reads complete before f2fs_put_super() finishes
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71137
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429610
Bugzilla Description: kernel: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error"
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71113
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429611
Bugzilla Description: kernel: crypto: af_alg - zero initialize memory allocated via sock_kmalloc
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71108
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429612
Bugzilla Description: kernel: usb: typec: ucsi: Handle incorrect num_connectors capability
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71142
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429613
Bugzilla Description: kernel: cpuset: fix warning when disabling remote partition
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71126
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429614
Bugzilla Description: kernel: Linux kernel: Deadlock due to MPTCP packet reinjection during fallback
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71122
Severity: low
Released on: 14/01/2026
Advisory:
Bugzilla: 2429615
Bugzilla Description: kernel: iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71128
Severity: moderate
Released on: 14/01/2026
Advisory:
Bugzilla: 2429616
Bugzilla Description: kernel: erspan: Initialize options_len before referencing options
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71102
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429617
Bugzilla Description: kernel: scs: fix a wrong parameter in __scs_magic
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71141
Severity:
Released on: 14/01/2026
Advisory:
Bugzilla: 2429618
Bugzilla Description: kernel: drm/tilcdc: Fix removal actions in case of failed probe
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-70968
Severity: important
Released on: 14/01/2026
Advisory:
Bugzilla: 2429634
Bugzilla Description: freeimage: FreeImage: Arbitrary code execution via Use After Free in PluginTARGA.cpp;loadRLE()
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-416
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-0543
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429394
Bugzilla Description: Kibana: Kibana: Denial of Service due to improper input validation in Email Connector
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift distributed tracing 3,Red Hat OpenStack Platform 16.2,
Full Details
CVE document

CVE-2026-0531
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429392
Bugzilla Description: kibana: allocation of resources without limits or throttling via specially crafted bulk retrieval request
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,
Full Details
CVE document

CVE-2026-0530
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429391
Bugzilla Description: kibana: allocation of resources without limits or throttling via specially crafted request
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,
Full Details
CVE document

CVE-2026-22791
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429335
Bugzilla Description: openCryptoki: openCryptoki: Denial of Service and heap corruption via heap buffer overflow
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-0891
Severity: important
Released on: 13/01/2026
Advisory: RHSA-2026:1413, RHSA-2026:1487, RHSA-2026:1415, RHSA-2026:0667, RHSA-2026:1414, RHSA-2026:1471, RHSA-2026:0924, RHSA-2026:0694, RHSA-2026:1320, RHSA-2026:1462, RHSA-2026:1461,
Bugzilla: 2428963
Bugzilla Description: firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE:
Affected Packages: firefox-0:140.7.0-1.el9_7,thunderbird-0:140.7.0-1.el9_0,thunderbird-0:140.7.0-1.el8_2,thunderbird-0:140.7.0-1.el9_2,thunderbird-0:140.7.0-1.el8_4,firefox-0:140.7.0-1.el8_10,thunderbird-0:140.7.0-1.el9_4,thunderbird-0:140.7.0-1.el8_6,thunderbird-0:140.7.0-2.el9_6,thunderbird-0:140.7.0-1.el8_8,thunderbird-0:140.7.0-1.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2026-0890
Severity: low
Released on: 13/01/2026
Advisory: RHSA-2026:1413, RHSA-2026:1487, RHSA-2026:1415, RHSA-2026:0667, RHSA-2026:1414, RHSA-2026:1471, RHSA-2026:0924, RHSA-2026:0694, RHSA-2026:1320, RHSA-2026:1462, RHSA-2026:1461,
Bugzilla: 2428971
Bugzilla Description: firefox: thunderbird: Spoofing issue in the DOM: Copy & Paste and Drag & Drop component
CVSS Score:
CVSSv3 Score: 3.4
Vector:
CWE:
Affected Packages: firefox-0:140.7.0-1.el9_7,thunderbird-0:140.7.0-1.el9_0,thunderbird-0:140.7.0-1.el8_2,thunderbird-0:140.7.0-1.el9_2,thunderbird-0:140.7.0-1.el8_4,firefox-0:140.7.0-1.el8_10,thunderbird-0:140.7.0-1.el9_4,thunderbird-0:140.7.0-1.el8_6,thunderbird-0:140.7.0-2.el9_6,thunderbird-0:140.7.0-1.el8_8,thunderbird-0:140.7.0-1.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2026-0892
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2428977
Bugzilla Description: firefox: thunderbird: Memory safety bugs fixed in Firefox 147 and Thunderbird 147
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-0888
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2428962
Bugzilla Description: firefox: Information disclosure in the XML component
CVSS Score:
CVSSv3 Score: 3.4
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-0889
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2428964
Bugzilla Description: firefox: Denial-of-service in the DOM: Service Workers component
CVSS Score:
CVSSv3 Score: 3.4
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-0887
Severity: moderate
Released on: 13/01/2026
Advisory: RHSA-2026:1413, RHSA-2026:1487, RHSA-2026:1415, RHSA-2026:0667, RHSA-2026:1414, RHSA-2026:1471, RHSA-2026:0924, RHSA-2026:0694, RHSA-2026:1320, RHSA-2026:1462, RHSA-2026:1461,
Bugzilla: 2428972
Bugzilla Description: firefox: thunderbird: Clickjacking issue, information disclosure in the PDF Viewer component
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE:
Affected Packages: firefox-0:140.7.0-1.el9_7,thunderbird-0:140.7.0-1.el9_0,thunderbird-0:140.7.0-1.el8_2,thunderbird-0:140.7.0-1.el9_2,thunderbird-0:140.7.0-1.el8_4,firefox-0:140.7.0-1.el8_10,thunderbird-0:140.7.0-1.el9_4,thunderbird-0:140.7.0-1.el8_6,thunderbird-0:140.7.0-2.el9_6,thunderbird-0:140.7.0-1.el8_8,thunderbird-0:140.7.0-1.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2026-0886
Severity: moderate
Released on: 13/01/2026
Advisory: RHSA-2026:1413, RHSA-2026:1487, RHSA-2026:1415, RHSA-2026:0667, RHSA-2026:1414, RHSA-2026:1471, RHSA-2026:0924, RHSA-2026:0694, RHSA-2026:1320, RHSA-2026:1462, RHSA-2026:1461,
Bugzilla: 2428978
Bugzilla Description: firefox: thunderbird: Incorrect boundary conditions in the Graphics component
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE:
Affected Packages: firefox-0:140.7.0-1.el9_7,thunderbird-0:140.7.0-1.el9_0,thunderbird-0:140.7.0-1.el8_2,thunderbird-0:140.7.0-1.el9_2,thunderbird-0:140.7.0-1.el8_4,firefox-0:140.7.0-1.el8_10,thunderbird-0:140.7.0-1.el9_4,thunderbird-0:140.7.0-1.el8_6,thunderbird-0:140.7.0-2.el9_6,thunderbird-0:140.7.0-1.el8_8,thunderbird-0:140.7.0-1.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2026-0885
Severity: moderate
Released on: 13/01/2026
Advisory: RHSA-2026:1413, RHSA-2026:1487, RHSA-2026:1415, RHSA-2026:0667, RHSA-2026:1414, RHSA-2026:1471, RHSA-2026:0924, RHSA-2026:0694, RHSA-2026:1320, RHSA-2026:1462, RHSA-2026:1461,
Bugzilla: 2428961
Bugzilla Description: firefox: thunderbird: Use-after-free in the JavaScript: GC component
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE:
Affected Packages: firefox-0:140.7.0-1.el9_7,thunderbird-0:140.7.0-1.el9_0,thunderbird-0:140.7.0-1.el8_2,thunderbird-0:140.7.0-1.el9_2,thunderbird-0:140.7.0-1.el8_4,firefox-0:140.7.0-1.el8_10,thunderbird-0:140.7.0-1.el9_4,thunderbird-0:140.7.0-1.el8_6,thunderbird-0:140.7.0-2.el9_6,thunderbird-0:140.7.0-1.el8_8,thunderbird-0:140.7.0-1.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2026-0884
Severity: moderate
Released on: 13/01/2026
Advisory: RHSA-2026:1413, RHSA-2026:1487, RHSA-2026:1415, RHSA-2026:0667, RHSA-2026:1414, RHSA-2026:1471, RHSA-2026:0924, RHSA-2026:0694, RHSA-2026:1320, RHSA-2026:1462, RHSA-2026:1461,
Bugzilla: 2428967
Bugzilla Description: firefox: thunderbird: Use-after-free in the JavaScript Engine component
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE:
Affected Packages: firefox-0:140.7.0-1.el9_7,thunderbird-0:140.7.0-1.el9_0,thunderbird-0:140.7.0-1.el8_2,thunderbird-0:140.7.0-1.el9_2,thunderbird-0:140.7.0-1.el8_4,firefox-0:140.7.0-1.el8_10,thunderbird-0:140.7.0-1.el9_4,thunderbird-0:140.7.0-1.el8_6,thunderbird-0:140.7.0-2.el9_6,thunderbird-0:140.7.0-1.el8_8,thunderbird-0:140.7.0-1.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2026-0883
Severity: moderate
Released on: 13/01/2026
Advisory: RHSA-2026:1413, RHSA-2026:1487, RHSA-2026:1415, RHSA-2026:0667, RHSA-2026:1414, RHSA-2026:1471, RHSA-2026:0924, RHSA-2026:0694, RHSA-2026:1320, RHSA-2026:1462, RHSA-2026:1461,
Bugzilla: 2428968
Bugzilla Description: firefox: thunderbird: Information disclosure in the Networking component
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE:
Affected Packages: firefox-0:140.7.0-1.el9_7,thunderbird-0:140.7.0-1.el9_0,thunderbird-0:140.7.0-1.el8_2,thunderbird-0:140.7.0-1.el9_2,thunderbird-0:140.7.0-1.el8_4,firefox-0:140.7.0-1.el8_10,thunderbird-0:140.7.0-1.el9_4,thunderbird-0:140.7.0-1.el8_6,thunderbird-0:140.7.0-2.el9_6,thunderbird-0:140.7.0-1.el8_8,thunderbird-0:140.7.0-1.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2026-0882
Severity: important
Released on: 13/01/2026
Advisory: RHSA-2026:1413, RHSA-2026:1487, RHSA-2026:1415, RHSA-2026:0667, RHSA-2026:1414, RHSA-2026:1471, RHSA-2026:0924, RHSA-2026:0694, RHSA-2026:1320, RHSA-2026:1462, RHSA-2026:1461,
Bugzilla: 2428966
Bugzilla Description: firefox: thunderbird: Use-after-free in the IPC component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE:
Affected Packages: firefox-0:140.7.0-1.el9_7,thunderbird-0:140.7.0-1.el9_0,thunderbird-0:140.7.0-1.el8_2,thunderbird-0:140.7.0-1.el9_2,thunderbird-0:140.7.0-1.el8_4,firefox-0:140.7.0-1.el8_10,thunderbird-0:140.7.0-1.el9_4,thunderbird-0:140.7.0-1.el8_6,thunderbird-0:140.7.0-2.el9_6,thunderbird-0:140.7.0-1.el8_8,thunderbird-0:140.7.0-1.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2026-0881
Severity: important
Released on: 13/01/2026
Advisory:
Bugzilla: 2428970
Bugzilla Description: firefox: Sandbox escape in the Messaging System component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-0879
Severity: important
Released on: 13/01/2026
Advisory: RHSA-2026:1413, RHSA-2026:1487, RHSA-2026:1415, RHSA-2026:0667, RHSA-2026:1414, RHSA-2026:1471, RHSA-2026:0924, RHSA-2026:0694, RHSA-2026:1320, RHSA-2026:1462, RHSA-2026:1461,
Bugzilla: 2428973
Bugzilla Description: firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE:
Affected Packages: firefox-0:140.7.0-1.el9_7,thunderbird-0:140.7.0-1.el9_0,thunderbird-0:140.7.0-1.el8_2,thunderbird-0:140.7.0-1.el9_2,thunderbird-0:140.7.0-1.el8_4,firefox-0:140.7.0-1.el8_10,thunderbird-0:140.7.0-1.el9_4,thunderbird-0:140.7.0-1.el8_6,thunderbird-0:140.7.0-2.el9_6,thunderbird-0:140.7.0-1.el8_8,thunderbird-0:140.7.0-1.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2026-0880
Severity: important
Released on: 13/01/2026
Advisory: RHSA-2026:1413, RHSA-2026:1487, RHSA-2026:1415, RHSA-2026:0667, RHSA-2026:1414, RHSA-2026:1471, RHSA-2026:0924, RHSA-2026:0694, RHSA-2026:1320, RHSA-2026:1462, RHSA-2026:1461,
Bugzilla: 2428975
Bugzilla Description: firefox: thunderbird: Sandbox escape due to integer overflow in the Graphics component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE:
Affected Packages: firefox-0:140.7.0-1.el9_7,thunderbird-0:140.7.0-1.el9_0,thunderbird-0:140.7.0-1.el8_2,thunderbird-0:140.7.0-1.el9_2,thunderbird-0:140.7.0-1.el8_4,firefox-0:140.7.0-1.el8_10,thunderbird-0:140.7.0-1.el9_4,thunderbird-0:140.7.0-1.el8_6,thunderbird-0:140.7.0-2.el9_6,thunderbird-0:140.7.0-1.el8_8,thunderbird-0:140.7.0-1.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2026-0878
Severity: important
Released on: 13/01/2026
Advisory: RHSA-2026:1413, RHSA-2026:1487, RHSA-2026:1415, RHSA-2026:0667, RHSA-2026:1414, RHSA-2026:1471, RHSA-2026:0924, RHSA-2026:0694, RHSA-2026:1320, RHSA-2026:1462, RHSA-2026:1461,
Bugzilla: 2428965
Bugzilla Description: firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE:
Affected Packages: firefox-0:140.7.0-1.el9_7,thunderbird-0:140.7.0-1.el9_0,thunderbird-0:140.7.0-1.el8_2,thunderbird-0:140.7.0-1.el9_2,thunderbird-0:140.7.0-1.el8_4,firefox-0:140.7.0-1.el8_10,thunderbird-0:140.7.0-1.el9_4,thunderbird-0:140.7.0-1.el8_6,thunderbird-0:140.7.0-2.el9_6,thunderbird-0:140.7.0-1.el8_8,thunderbird-0:140.7.0-1.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2026-0877
Severity: important
Released on: 13/01/2026
Advisory: RHSA-2026:1413, RHSA-2026:1487, RHSA-2026:1415, RHSA-2026:0667, RHSA-2026:1414, RHSA-2026:1471, RHSA-2026:0924, RHSA-2026:0694, RHSA-2026:1320, RHSA-2026:1462, RHSA-2026:1461,
Bugzilla: 2428969
Bugzilla Description: firefox: thunderbird: Mitigation bypass in the DOM: Security component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE:
Affected Packages: firefox-0:140.7.0-1.el9_7,thunderbird-0:140.7.0-1.el9_0,thunderbird-0:140.7.0-1.el8_2,thunderbird-0:140.7.0-1.el9_2,thunderbird-0:140.7.0-1.el8_4,firefox-0:140.7.0-1.el8_10,thunderbird-0:140.7.0-1.el9_4,thunderbird-0:140.7.0-1.el8_6,thunderbird-0:140.7.0-2.el9_6,thunderbird-0:140.7.0-1.el8_8,thunderbird-0:140.7.0-1.el9_7,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document

CVE-2025-68783
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429024
Bugzilla Description: kernel: ALSA: usb-mixer: us16x08: validate meter packet indices
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68812
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429025
Bugzilla Description: kernel: media: iris: Add sanity check for stop streaming
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71085
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429026
Bugzilla Description: kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71080
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429028
Bugzilla Description: kernel: ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-368
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68780
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429029
Bugzilla Description: kernel: sched/deadline: only set free_cpus for online runqueues
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68778
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429031
Bugzilla Description: kernel: btrfs: don't log conflicting inode if it's a dir moved in the current transaction
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68795
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429032
Bugzilla Description: kernel: ethtool: Avoid overflowing userspace buffer on stats query
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68774
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429033
Bugzilla Description: kernel: hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68781
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429034
Bugzilla Description: kernel: usb: phy: fsl-usb: Fix use-after-free in delayed work during device removal
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71097
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429035
Bugzilla Description: kernel: Linux kernel (IPv4): Denial of Service due to reference count leak in nexthop objects
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71066
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429036
Bugzilla Description: kernel: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71084
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429037
Bugzilla Description: kernel: RDMA/cm: Fix leaking the multicast GID table reference
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71071
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429038
Bugzilla Description: kernel: iommu/mediatek: fix use-after-free on probe deferral
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68791
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429039
Bugzilla Description: kernel: fuse: missing copy_finish in fuse-over-io-uring argument copies
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68794
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429040
Bugzilla Description: kernel: iomap: adjust read range correctly for non-block-aligned positions
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68796
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429042
Bugzilla Description: kernel: f2fs: fix to avoid updating zero-sized extent in extent cache
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68810
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429043
Bugzilla Description: kernel: KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71068
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429044
Bugzilla Description: kernel: svcrdma: bound check rq_pages index in inline path
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71075
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429045
Bugzilla Description: kernel: scsi: aic94xx: fix use-after-free in device removal path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68801
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429046
Bugzilla Description: kernel: mlxsw: spectrum_router: Fix neighbour use-after-free
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71100
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429047
Bugzilla Description: kernel: wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc()
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68770
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429049
Bugzilla Description: kernel: bnxt_en: Fix XDP_TX path
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-832
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71076
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429050
Bugzilla Description: kernel: drm/xe/oa: Limit num_syncs to prevent oversized allocations
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71088
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429051
Bugzilla Description: kernel: Linux kernel: Denial of Service via MPTCP race condition
CVSS Score:
CVSSv3 Score: 4.1
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71087
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429052
Bugzilla Description: kernel: iavf: fix off-by-one issues in iavf_config_rss_reg()
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68822
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429053
Bugzilla Description: kernel: Input: alps - fix use-after-free bugs caused by dev3_register_work
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71082
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429054
Bugzilla Description: kernel: Bluetooth: btusb: revert use of devm_kzalloc in btusb
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68777
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429055
Bugzilla Description: kernel: Input: ti_am335x_tsc - fix off-by-one error in wire_order validation
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68809
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429056
Bugzilla Description: kernel: ksmbd: vfs: fix race on m_flags in vfs_cache
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68821
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429057
Bugzilla Description: kernel: Linux kernel FUSE: Denial of Service via readahead reclaim deadlock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71101
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429058
Bugzilla Description: kernel: platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71099
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429059
Bugzilla Description: kernel: drm/xe/oa: Fix potential UAF in xe_oa_add_config_ioctl()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71090
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429060
Bugzilla Description: kernel: nfsd: fix nfsd_file reference leak in nfsd4_add_rdaccess_to_wrdeleg()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68788
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429061
Bugzilla Description: kernel: fsnotify: do not generate ACCESS/MODIFY events on child for special files
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71074
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429062
Bugzilla Description: kernel: functionfs: fix the open/removal races
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68775
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429063
Bugzilla Description: kernel: net/handshake: duplicate handshake cancellations leak socket
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68773
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429064
Bugzilla Description: kernel: spi: fsl-cpm: Check length parity before switching to 16 bit mode
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68800
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429065
Bugzilla Description: kernel: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68767
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429066
Bugzilla Description: kernel: hfsplus: Verify inode mode when loading from disk
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71081
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429067
Bugzilla Description: kernel: ASoC: stm32: sai: fix OF node leak on probe
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68803
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429068
Bugzilla Description: kernel: NFSD: NFSv4 file creation neglects setting ACL
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-358
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68807
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429069
Bugzilla Description: kernel: block: fix race between wbt_enable_default and IO submission
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68784
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429070
Bugzilla Description: kernel: xfs: fix a UAF problem in xattr repair
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68769
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429071
Bugzilla Description: kernel: f2fs: fix return value of f2fs_recover_fsync_data()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68818
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429072
Bugzilla Description: kernel: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path"
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71096
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429073
Bugzilla Description: kernel: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68779
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429074
Bugzilla Description: kernel: net/mlx5e: Avoid unregistering PSP twice
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68819
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429076
Bugzilla Description: kernel: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71073
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429077
Bugzilla Description: kernel: Input: lkkbd - disable pending work before freeing device
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68816
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429078
Bugzilla Description: kernel: Linux kernel: mlx5 firmware tracer vulnerable to arbitrary memory access or denial of service via malformed format strings
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-134
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68798
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429079
Bugzilla Description: kernel: perf/x86/amd: Check event before enable to avoid GPF
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71067
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429080
Bugzilla Description: kernel: ntfs: set dummy blocksize to read boot_block when mounting
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68793
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429081
Bugzilla Description: kernel: drm/amdgpu: fix a job->pasid access race in gpu recovery
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68814
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429082
Bugzilla Description: kernel: Linux kernel: Memory leak in io_uring's __io_openat_prep() leading to denial of service
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71072
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429083
Bugzilla Description: kernel: shmem: fix recovery on rename failures
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68823
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429084
Bugzilla Description: kernel: ublk: fix deadlock when reading partition table
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68782
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429085
Bugzilla Description: kernel: scsi: target: Reset t_task_cdb pointer in error case
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71070
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429086
Bugzilla Description: kernel: ublk: clean up user copy references on ublk server exit
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71069
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429087
Bugzilla Description: kernel: f2fs: invalidate dentry cache on failed whiteout creation
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68792
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429088
Bugzilla Description: kernel: tpm2-sessions: Fix out of range indexing in name_size
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68813
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429089
Bugzilla Description: kernel: ipvs: fix ipv4 null-ptr-deref in route error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68787
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429090
Bugzilla Description: kernel: netrom: Fix memory leak in nr_sendmsg()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68815
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429091
Bugzilla Description: kernel: net/sched: ets: Remove drr class from the active list if it changes to strict
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-672
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68768
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429092
Bugzilla Description: kernel: inet: frags: flush pending skbs in fqdir_pre_exit()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68772
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429093
Bugzilla Description: kernel: f2fs: fix to avoid updating compression context during writeback
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71086
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429094
Bugzilla Description: kernel: net: rose: fix invalid array index in rose_kill_by_device()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71098
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429095
Bugzilla Description: kernel: ip6_gre: make ip6gre_header() robust
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68820
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429096
Bugzilla Description: kernel: ext4: xattr: fix null pointer deref in ext4_raw_inode()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68817
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429097
Bugzilla Description: kernel: ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71078
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429098
Bugzilla Description: kernel: powerpc/64s/slb: Fix SLB multihit issue during SLB preload
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68776
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429099
Bugzilla Description: kernel: Linux kernel: Denial of Service via NULL pointer dereference in HSR
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68808
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429100
Bugzilla Description: kernel: media: vidtv: initialize local pointers upon transfer of memory ownership
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71077
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429101
Bugzilla Description: kernel: tpm: Cap the number of PCR banks
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68790
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429102
Bugzilla Description: kernel: net/mlx5: Fix double unregister of HCA_PORTS component
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68797
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429103
Bugzilla Description: kernel: char: applicom: fix NULL pointer dereference in ac_ioctl
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71089
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429104
Bugzilla Description: kernel: iommu: disable SVA when CONFIG_X86 is set
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68805
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429105
Bugzilla Description: kernel: fuse: fix io-uring list corruption for terminated non-committed requests
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68786
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429106
Bugzilla Description: kernel: ksmbd: skip lock-range check on equal size to avoid size==0 underflow
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71083
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429107
Bugzilla Description: kernel: Kernel: Denial of Service via NULL pointer dereference in drm/ttm
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68806
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429108
Bugzilla Description: kernel: ksmbd: fix buffer validation by including null terminator size in EA length
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71064
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429109
Bugzilla Description: kernel: net: hns3: using the num_tqps in the vf driver to apply for resources
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68799
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429110
Bugzilla Description: kernel: caif: fix integer underflow in cffrml_receive()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71092
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429111
Bugzilla Description: kernel: RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71091
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429112
Bugzilla Description: kernel: team: fix check for port enabled in team_queue_override_port_prio_changed()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71093
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429113
Bugzilla Description: kernel: e1000: fix OOB in e1000_tbi_should_accept()
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68771
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429114
Bugzilla Description: kernel: ocfs2: fix kernel BUG in ocfs2_find_victim_chain
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68789
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429115
Bugzilla Description: kernel: hwmon: (ibmpex) fix use-after-free in high/low store
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68811
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429116
Bugzilla Description: kernel: svcrdma: use rc_pageoff for memcpy byte offset
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71065
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429117
Bugzilla Description: kernel: f2fs: fix to avoid potential deadlock
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68785
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429118
Bugzilla Description: kernel: net: openvswitch: fix middle attribute validation in push_nsh() action
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71095
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429119
Bugzilla Description: kernel: net: stmmac: fix the crash issue for zero copy XDP_TX action
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68804
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429120
Bugzilla Description: kernel: platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71079
Severity:
Released on: 13/01/2026
Advisory:
Bugzilla: 2429121
Bugzilla Description: kernel: net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68802
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2429122
Bugzilla Description: kernel: drm/xe: Limit num_syncs to prevent oversized allocations
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-71094
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2429124
Bugzilla Description: kernel: net: usb: asix: validate PHY address before use
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-0900
Severity: important
Released on: 13/01/2026
Advisory:
Bugzilla: 2431121
Bugzilla Description: chromium-browser: Inappropriate implementation in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-0907
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2431122
Bugzilla Description: chromium-browser: Incorrect security UI in Split View
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-0905
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2431123
Bugzilla Description: chromium-browser: Insufficient policy enforcement in Network
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-0904
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2431125
Bugzilla Description: chromium-browser: Incorrect security UI in Digital Credentials
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-0902
Severity: moderate
Released on: 13/01/2026
Advisory:
Bugzilla: 2431126
Bugzilla Description: chromium-browser: Inappropriate implementation in V8
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-0899
Severity: important
Released on: 13/01/2026
Advisory:
Bugzilla: 2431127
Bugzilla Description: chromium-browser: Out of bounds memory access in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-0908
Severity: low
Released on: 13/01/2026
Advisory:
Bugzilla: 2431128
Bugzilla Description: chromium-browser: Use after free in ANGLE
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2024-58340
Severity: moderate
Released on: 12/01/2026
Advisory:
Bugzilla: 2428827
Bugzilla Description: langchain: LangChain MRKLOutputParser ReDoS
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-1333
Affected Packages:
Package States: OpenShift Lightspeed,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2025-15514
Severity: important
Released on: 12/01/2026
Advisory:
Bugzilla: 2428828
Bugzilla Description: Ollama: Ollama: Denial of Service via malformed image processing
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-395
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-22801
Severity: moderate
Released on: 12/01/2026
Advisory:
Bugzilla: 2428824
Bugzilla Description: libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: (CWE-125|CWE-190)
Affected Packages:
Package States: Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 17,Red Hat build of OpenJDK 17,Red Hat build of OpenJDK 1.8,Red Hat build of OpenJDK 21,Red Hat build of OpenJDK 21,Red Hat build of OpenJDK 25,Red Hat build of OpenJDK 25,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-22695
Severity: moderate
Released on: 12/01/2026
Advisory:
Bugzilla: 2428825
Bugzilla Description: libpng: libpng: Denial of service and information disclosure via heap buffer over-read in png_image_finish_read
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 17,Red Hat build of OpenJDK 17,Red Hat build of OpenJDK 1.8,Red Hat build of OpenJDK 21,Red Hat build of OpenJDK 21,Red Hat build of OpenJDK 25,Red Hat build of OpenJDK 25,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-22772
Severity: moderate
Released on: 12/01/2026
Advisory:
Bugzilla: 2428808
Bugzilla Description: fulcio: Fulcio: Server-Side Request Forgery (SSRF) via unanchored regex in MetaIssuer URL validation
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-918
Affected Packages:
Package States: Assisted Installer for Red Hat OpenShift Container Platform 2,Assisted Installer for Red Hat OpenShift Container Platform 2,Compliance Operator,Confidential Compute Attestation,Confidential Compute Attestation,File Integrity Operator,Kernel Module Management Operator for Red Hat Openshift,Logging Subsystem for Red Hat OpenShift,Logical Volume Manager Storage,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Multiarch Tuning Operator,Multiarch Tuning Operator,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Network Observability Operator,Node HealthCheck Operator,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Serverless,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 3,Power monitoring for Red Hat OpenShift,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Build of Kueue,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Certification Program for Red Hat Enterprise Linux 9,Red Hat Developer Hub,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift GitOps,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Web Terminal,Security Profiles Operator,Security Profiles Operator,
Full Details
CVE document

CVE-2026-22776
Severity: important
Released on: 12/01/2026
Advisory:
Bugzilla: 2428732
Bugzilla Description: cpp-httplib: cpp-httplib: Denial of Service due to excessive memory usage from compressed HTTP request bodies
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-409
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-22771
Severity: important
Released on: 12/01/2026
Advisory:
Bugzilla: 2428735
Bugzilla Description: envoyproxy/gateway: Envoy Gateway: Unauthorized access to secrets via Lua script credential leakage
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-94
Affected Packages:
Package States: Red Hat Connectivity Link 1,Red Hat Connectivity Link 1,
Full Details
CVE document

CVE-2025-68471
Severity: moderate
Released on: 12/01/2026
Advisory:
Bugzilla: 2428717
Bugzilla Description: avahi: Avahi: Denial of Service via unsolicited CNAME announcements
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-68468
Severity: moderate
Released on: 12/01/2026
Advisory:
Bugzilla: 2428714
Bugzilla Description: avahi: Avahi: Denial of Service via crafted mDNS/DNS-SD announcements
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-68276
Severity: moderate
Released on: 12/01/2026
Advisory:
Bugzilla: 2428713
Bugzilla Description: avahi: Avahi: Denial of Service via D-Bus record browsers with AVAHI_LOOKUP_USE_WIDE_AREA flag
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-68493
Severity: important
Released on: 11/01/2026
Advisory:
Bugzilla: 2428559
Bugzilla Description: org.apache.struts: Apache Struts: Information disclosure and denial of service via missing XML validation
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-112
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2026-0824
Severity: moderate
Released on: 10/01/2026
Advisory:
Bugzilla: 2428469
Bugzilla Description: questdb: QuestDB UI: Cross-site Scripting vulnerability via Web Console manipulation
CVSS Score:
CVSSv3 Score: 3.5
Vector:
CWE: (CWE-79|CWE-94)
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2026-0822
Severity: important
Released on: 10/01/2026
Advisory:
Bugzilla: 2428463
Bugzilla Description: quickjs-ng: quickjs-ng: Heap-based buffer overflow in js_typed_array_sort function
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: (CWE-119|CWE-122)
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-0821
Severity: important
Released on: 10/01/2026
Advisory:
Bugzilla: 2428462
Bugzilla Description: quickjs-ng: quickjs-ng: Heap-based buffer overflow in js_typed_array_constructor function
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: (CWE-119|CWE-122)
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-22773
Severity: moderate
Released on: 10/01/2026
Advisory:
Bugzilla: 2428443
Bugzilla Description: vllm: vLLM: Denial of Service via specially crafted image in multimodal model serving
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-22703
Severity: moderate
Released on: 10/01/2026
Advisory:
Bugzilla: 2428445
Bugzilla Description: github.com/sigstore/cosign: Cosign verification accepts any valid Rekor entry under certain conditions
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-345
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Serverless,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat OpenShift Dev Spaces,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Web Terminal,Security Profiles Operator,Security Profiles Operator,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,
Full Details
CVE document

CVE-2026-22702
Severity: moderate
Released on: 10/01/2026
Advisory:
Bugzilla: 2428441
Bugzilla Description: virtualenv: virtualenv: Local attacker can redirect file operations via TOCTOU race condition
CVSS Score:
CVSSv3 Score: 4.5
Vector:
CWE: (CWE-362|CWE-59)
Affected Packages:
Package States: OpenShift Lightspeed,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2026-22701
Severity: moderate
Released on: 10/01/2026
Advisory:
Bugzilla: 2428442
Bugzilla Description: filelock: filelock Time-of-Check-Time-of-Use (TOCTOU) in SoftFileLock
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: (CWE-362|CWE-367|CWE-59)
Affected Packages:
Package States: Migration Toolkit for Containers,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenStack Platform 18.0,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,
Full Details
CVE document

CVE-2026-22693
Severity: moderate
Released on: 10/01/2026
Advisory:
Bugzilla: 2428439
Bugzilla Description: harfbuzz: Null Pointer Dereference in harfbuzz
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 17,Red Hat build of OpenJDK 21,Red Hat build of OpenJDK 25,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-22691
Severity: moderate
Released on: 10/01/2026
Advisory:
Bugzilla: 2428427
Bugzilla Description: pypdf: pypdf: Denial of Service via malformed PDF startxref entries
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: (CWE-1333|CWE-400)
Affected Packages:
Package States: OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-22690
Severity: moderate
Released on: 10/01/2026
Advisory:
Bugzilla: 2428428
Bugzilla Description: pypdf: pypdf: Denial of Service via crafted PDF with missing /Root object
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-400
Affected Packages:
Package States: OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-22610
Severity: moderate
Released on: 10/01/2026
Advisory:
Bugzilla: 2428424
Bugzilla Description: angular: Angular: Cross-site scripting vulnerability in Template Compiler
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-79
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenStack Platform 16.2,Red Hat Quay 3,Red Hat Quay 3,Red Hat Single Sign-On 7,
Full Details
CVE document

CVE-2026-22030
Severity: moderate
Released on: 10/01/2026
Advisory:
Bugzilla: 2428414
Bugzilla Description: react-router: React Router CSRF in Action/Server Action Request Processing
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: (CWE-346|CWE-352)
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-22029
Severity: important
Released on: 10/01/2026
Advisory: RHSA-2026:1517,
Bugzilla: 2428412
Bugzilla Description: @remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-79
Affected Packages: advanced-cluster-security/rhacs-main-rhel8:sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406,
Package States: Cryostat 4,Gatekeeper 3,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 7,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat build of OptaPlanner 8,Red Hat Connectivity Link 1,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,Red Hat Trusted Artifact Signer,
Full Details
CVE document

CVE-2026-21884
Severity: important
Released on: 10/01/2026
Advisory:
Bugzilla: 2428421
Bugzilla Description: react-router: @remix-run/react: React Router SSR XSS in ScrollRestoration
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-79
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2025-61686
Severity: critical
Released on: 10/01/2026
Advisory:
Bugzilla: 2428423
Bugzilla Description: react-router: React Router has Path Traversal in File Session Storage
CVSS Score:
CVSSv3 Score: 9.1
Vector:
CWE: CWE-22
Affected Packages:
Package States: Cryostat 4,Gatekeeper 3,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 7,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat build of OptaPlanner 8,Red Hat Connectivity Link 1,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,
Full Details
CVE document

CVE-2025-59057
Severity: important
Released on: 10/01/2026
Advisory:
Bugzilla: 2428426
Bugzilla Description: react-router: @remix-run/router: React Router XSS Vulnerability
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-79
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2025-68470
Severity: moderate
Released on: 10/01/2026
Advisory:
Bugzilla: 2428417
Bugzilla Description: react-router: React Router unexpected external redirect
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-601
Affected Packages:
Package States: Cryostat 4,Gatekeeper 3,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 7,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat Build of Kueue,Red Hat build of OptaPlanner 8,Red Hat Connectivity Link 1,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,
Full Details
CVE document

CVE-2025-9222
Severity: important
Released on: 09/01/2026
Advisory:
Bugzilla: 2428222
Bugzilla Description: gitlab: GitLab: Stored Cross-Site Scripting via GitLab Flavored Markdown
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-79
Affected Packages:
Package States: OpenShift Pipelines,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-13772
Severity: important
Released on: 09/01/2026
Advisory:
Bugzilla: 2428224
Bugzilla Description: gitlab: GitLab: Unauthorized access to AI model settings via namespace identifier manipulation
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-862
Affected Packages:
Package States: OpenShift Pipelines,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-13761
Severity: important
Released on: 09/01/2026
Advisory:
Bugzilla: 2428218
Bugzilla Description: gitlab: GitLab: Cross-Site Scripting Vulnerability Leading to Arbitrary Code Execution
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-79
Affected Packages:
Package States: OpenShift Pipelines,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-70974
Severity: critical
Released on: 09/01/2026
Advisory:
Bugzilla: 2428203
Bugzilla Description: fastjson: Fastjson: Remote Code Execution via JNDI Injection due to autoType mishandling
CVSS Score:
CVSSv3 Score: 10.0
Vector:
CWE: CWE-829
Affected Packages:
Package States: OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Debezium 2,Red Hat build of Debezium 3,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2025-14525
Severity: moderate
Released on: 09/01/2026
Advisory:
Bugzilla: 2421360
Bugzilla Description: kubevirt: kubevirt: VM administration denial of service via guest agent
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat OpenShift Virtualization 4,
Full Details
CVE document

CVE-2026-0665
Severity: moderate
Released on: 09/01/2026
Advisory:
Bugzilla: 2428640
Bugzilla Description: qemu-kvm: Heap off-by-one in KVM Xen PHYSDEVOP_map_pirq
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: (CWE-125|CWE-787)
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-14505
Severity: moderate
Released on: 08/01/2026
Advisory:
Bugzilla: 2428154
Bugzilla Description: elliptic: Key handling flaws in Elliptic
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-1240
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat build of Apicurio Registry 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Process Automation 7,Red Hat Process Automation 7,Red Hat Quay 3,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2025-68158
Severity: moderate
Released on: 08/01/2026
Advisory:
Bugzilla: 2428102
Bugzilla Description: Authlib: Authlib: Cross-Site Request Forgery due to improper session management in state storage
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-352
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,
Full Details
CVE document

CVE-2025-68151
Severity: moderate
Released on: 08/01/2026
Advisory:
Bugzilla: 2428009
Bugzilla Description: github.com/coredns/coredns/core/dnsserver: CoreDNS DoS via unbounded connections and oversized messages
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-67858
Severity: important
Released on: 08/01/2026
Advisory:
Bugzilla: 2428023
Bugzilla Description: Foomuuri: Foomuuri: Integrity loss of firewall configuration via improper neutralization of argument delimiters
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-88
Affected Packages:
Package States:
Full Details
CVE document

CVE-2025-67603
Severity: moderate
Released on: 08/01/2026
Advisory:
Bugzilla: 2428017
Bugzilla Description: Foomuuri: Foomuuri: Unauthorized firewall configuration changes due to improper authorization
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-285
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-22028
Severity: moderate
Released on: 08/01/2026
Advisory:
Bugzilla: 2427941
Bugzilla Description: preact: Preact: Arbitrary script execution via JSON serialization protection bypass
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-843
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,OpenShift Lightspeed,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-21895
Severity: low
Released on: 08/01/2026
Advisory:
Bugzilla: 2427935
Bugzilla Description: RSA: RSA crate: Denial of Service due to malformed prime in private key generation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-703
Affected Packages:
Package States: Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Update Service,Red Hat Trusted Profile Analyzer,
Full Details
CVE document

CVE-2025-14459
Severity: important
Released on: 08/01/2026
Advisory: RHSA-2026:0950,
Bugzilla: 2420938
Bugzilla Description: virt-cdi-controller: Unauthorized PVC Cloning via DataImportCron
CVSS Score:
CVSSv3 Score: 8.5
Vector:
CWE: CWE-639
Affected Packages: container-native-virtualization/ovs-cni-plugin-rhel9:v4.19.17-5,container-native-virtualization/vm-network-latency-checkup-rhel9:v4.19.17-5,container-native-virtualization/kubesecondarydns-rhel9:v4.19.17-5,container-native-virtualization/aaq-controller-rhel9:v4.19.17-5,container-native-virtualization/kubevirt-template-validator-rhel9:v4.19.17-5,container-native-virtualization/virt-handler-rhel9:v4.19.17-9,container-native-virtualization/libguestfs-tools-rhel9:v4.19.17-9,container-native-virtualization/hco-bundle-registry-rhel9:v4.19.17.rhel9-82,container-native-virtualization/virt-cdi-uploadproxy-rhel9:v4.19.17-8,container-native-virtualization/virtio-win-rhel9:v4.19.17-4,container-native-virtualization/virt-artifacts-server-rhel9:v4.19.17-8,container-native-virtualization/hostpath-provisioner-rhel9:v4.19.17-4,container-native-virtualization/bridge-marker-rhel9:v4.19.17-5,container-native-virtualization/virt-cdi-uploadserver-rhel9:v4.19.17-8,container-native-virtualization/virt-launcher-rhel9:v4.19.17-9,container-native-virtualization/virt-operator-rhel9:v4.19.17-12,container-native-virtualization/hostpath-provisioner-operator-rhel9:v4.19.17-4,container-native-virtualization/kubevirt-dpdk-checkup-rhel9:v4.19.17-5,container-native-virtualization/cnv-containernetworking-plugins-rhel9:v4.19.17-4,container-native-virtualization/hyperconverged-cluster-webhook-rhel9:v4.19.17-7,container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9:v4.19.17-5,container-native-virtualization/passt-network-binding-plugin-sidecar-rhel9:v4.19.17-9,container-native-virtualization/pr-helper-rhel9:v4.19.17-9,container-native-virtualization/virt-controller-rhel9:v4.19.17-9,container-native-virtualization/sidecar-shim-rhel9:v4.19.17-88,container-native-virtualization/virt-api-rhel9:v4.19.17-9,container-native-virtualization/hyperconverged-cluster-operator-rhel9:v4.19.17-7,container-native-virtualization/vm-console-proxy-rhel9:v4.19.17-5,container-native-virtualization/kubevirt-ipam-controller-rhel9:v4.19.17-5,container-native-virtualization/wasp-agent-rhel9:v4.19.17-5,container-native-virtualization/virt-exportserver-rhel9:v4.19.17-9,container-native-virtualization/virt-cdi-controller-rhel9:v4.19.17-7,container-native-virtualization/kubevirt-console-plugin-rhel9:v4.19.17-85,container-native-virtualization/ocp-virt-validation-checkup-rhel9:v4.19.17-19,container-native-virtualization/aaq-operator-rhel9:v4.19.17-5,container-native-virtualization/kubemacpool-rhel9:v4.19.17-5,container-native-virtualization/virt-cdi-importer-rhel9:v4.19.17-7,container-native-virtualization/virt-cdi-operator-rhel9:v4.19.17-7,container-native-virtualization/virt-exportproxy-rhel9:v4.19.17-9,container-native-virtualization/cluster-network-addons-operator-rhel9:v4.19.17-5,container-native-virtualization/kubevirt-api-lifecycle-automation-rhel9:v4.19.17-5,container-native-virtualization/hostpath-csi-driver-rhel9:v4.19.17-4,container-native-virtualization/kubevirt-apiserver-proxy-rhel9:v4.19.17-6,container-native-virtualization/passt-network-binding-plugin-cni-rhel9:v4.19.17-9,container-native-virtualization/kubevirt-storage-checkup-rhel9:v4.19.17-5,container-native-virtualization/cnv-must-gather-rhel9:v4.19.17-3,container-native-virtualization/multus-dynamic-networks-rhel9:v4.19.17-5,container-native-virtualization/kubevirt-ssp-operator-rhel9:v4.19.17-9,container-native-virtualization/kubevirt-common-instancetypes-rhel9:v4.19.17-5,container-native-virtualization/virt-cdi-apiserver-rhel9:v4.19.17-8,container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9:v4.19.17-11,container-native-virtualization/kubevirt-realtime-checkup-rhel9:v4.19.17-5,container-native-virtualization/virt-cdi-cloner-rhel9:v4.19.17-8,container-native-virtualization/aaq-server-rhel9:v4.19.17-5,
Package States: Red Hat OpenShift Virtualization 4,
Full Details
CVE document

CVE-2025-14017
Severity: moderate
Released on: 08/01/2026
Advisory:
Bugzilla: 2427870
Bugzilla Description: curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-1058
Affected Packages:
Package States: Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat Trusted Profile Analyzer,
Full Details
CVE document

CVE-2026-21883
Severity: moderate
Released on: 08/01/2026
Advisory:
Bugzilla: 2427763
Bugzilla Description: Bokeh: Bokeh: Information disclosure and unauthorized actions via flawed WebSocket origin validation
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-1385
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2025-12543
Severity: important
Released on: 08/01/2026
Advisory: RHSA-2026:0386, RHSA-2026:0383, RHSA-2026:0384,
Bugzilla: 2408784
Bugzilla Description: undertow-core: Undertow HTTP Server Fails to Reject Malformed Host Headers Leading to Potential Cache Poisoning and SSRF
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-20
Affected Packages: eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el8eap,eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el9eap,eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el8eap,eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el9eap,eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el9eap,eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el8eap,eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el8eap,eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el8eap,eap8-eventstream-0:1.0.1-3.redhat_00003.1.el8eap,eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el9eap,eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el9eap,eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el9eap,eap8-undertow-0:2.3.20-2.SP4_redhat_00001.1.el8eap,eap8-wildfly-0:8.1.3-4.GA_redhat_00006.1.el9eap,eap8-bouncycastle-0:1.82.0-1.redhat_00001.1.el8eap,eap8-apache-cxf-0:4.0.10-1.redhat_00001.1.el9eap,eap8-wildfly-elytron-0:2.6.6-1.Final_redhat_00001.1.el9eap,eap8-wildfly-clustering-0:5.0.12-1.Final_redhat_00001.1.el8eap,eap8-wildfly-javadocs-0:8.1.1-4.GA_redhat_00007.1.el9eap,undertow-core,eap8-jboss-threads-0:2.5.0-1.redhat_00001.1.el8eap,eap8-jboss-el-api_5.0_spec-0:4.0.2-1.Final_redhat_00001.1.el9eap,eap8-eventstream-0:1.0.1-3.redhat_00003.1.el9eap,eap8-hibernate-0:6.6.36-1.Final_redhat_00001.1.el8eap,eap8-eap-product-conf-parent-0:801.3.0-1.GA_redhat_00001.1.el8eap,
Package States: Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat Data Grid 8,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document

CVE-2025-66560
Severity: moderate
Released on: 08/01/2026
Advisory:
Bugzilla: 2418794
Bugzilla Description: io.quarkus/quarkus-rest: Quarkus REST Worker Thread Exhaustion Vulnerability
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-772
Affected Packages:
Package States: Cryostat 4,Red Hat build of Debezium 3,Red Hat build of Quarkus,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2026-0716
Severity: moderate
Released on: 08/01/2026
Advisory:
Bugzilla: 2427896
Bugzilla Description: libsoup: Out-of-Bounds Read in libsoup WebSocket Frame Processing
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-0719
Severity: important
Released on: 08/01/2026
Advisory:
Bugzilla: 2427906
Bugzilla Description: libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication
CVSS Score:
CVSSv3 Score: 8.6
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-50334
Severity: important
Released on: 08/01/2026
Advisory:
Bugzilla: 2428058
Bugzilla Description: technitium-dns-server: Technitium DNS Server: Denial of Service via rate-limiting component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat OpenShift Dev Spaces,
Full Details
CVE document

CVE-2025-65518
Severity: important
Released on: 08/01/2026
Advisory:
Bugzilla: 2428098
Bugzilla Description: plesk: Plesk Obsidian: Denial of Service via crafted request to get_password.php
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat OpenShift Dev Spaces,
Full Details
CVE document

CVE-2026-21869
Severity: important
Released on: 07/01/2026
Advisory:
Bugzilla: 2427743
Bugzilla Description: llama.cpp: llama.cpp: Remote code execution via invalid n_discard parameter in server endpoints
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-21441
Severity: important
Released on: 07/01/2026
Advisory: RHSA-2026:1226, RHSA-2026:1038, RHSA-2026:1599, RHSA-2026:1224, RHSA-2026:0981, RHSA-2026:1168, RHSA-2026:1504, RHSA-2026:1239, RHSA-2026:1546, RHSA-2026:1609, RHSA-2026:1240, RHSA-2026:1041, RHSA-2026:1086, RHSA-2026:1042, RHSA-2026:1089, RHSA-2026:0990, RHSA-2026:1596, RHSA-2026:1254, RHSA-2026:1485, RHSA-2026:1166, RHSA-2026:1087, RHSA-2026:1176, RHSA-2026:1241, RHSA-2026:1088,
Bugzilla: 2427726
Bugzilla Description: urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)
CVSS Score:
Vector:
CWE: CWE-409
Affected Packages: satellite/foreman-mcp-server-rhel9:sha256:ff4edaa605127e763ada037ec63ab7cc2054b853f079e7e28a0355234b24b2a0,ansible-automation-platform-26/de-minimal-rhel9:sha256:c4cf08cdbba3e616e2453f124ce11ebb72653e0de6a780b4f68307c90cda342d,python3.11-urllib3-0:1.26.12-1.el9_2.2,python3.11-urllib3-0:1.26.12-5.el9_7.1,ansible-automation-platform-25/lightspeed-rhel8:sha256:ce0ab3b4e74fef73b1ce90e2194ae245b5d5d4c6a0d6703174b9e0c1e613d514,python3.12-urllib3-0:1.26.19-1.el9_7.1,cert-manager/jetstack-cert-manager-acmesolver-rhel9:sha256:3258027c0fb9426c9ee3567f6dc0d02b85cb661c23300b230f5b1400b43bac25,python3.11-urllib3-0:1.26.12-6.el8_10,cert-manager/jetstack-cert-manager-rhel9:sha256:09c857f0c20721d6b447f5f567182befc1ca6157128225849117a5c830feab23,ansible-automation-platform-26/lightspeed-rhel9:sha256:bb11c4bc75f916bd4af045b753991df2efd4832e31007e09d4decebbc7d90483,python3.12-urllib3-0:1.26.19-2.el8_10,python-urllib3-0:2.6.3-1.el8ui,ansible-automation-platform-26/gateway-rhel9:sha256:932a5db05aba507f85a7e404e8848d3a2009838222e6b1ede8c13b0f33188fab,fence-agents-0:4.10.0-98.el9_7.4,python-urllib3-0:1.26.19-2.el10_1.1,cert-manager/cert-manager-istio-csr-rhel9:sha256:41df7aabbce42599bad7fdc721cd12aa6e12d17e1c0658fb3294a1f68483d656,fence-agents-0:4.2.1-129.el8_10.20,cert-manager/cert-manager-operator-rhel9:sha256:5f88b2b0b48de5fab7551c64c5df417bb1eabe1b120d7c56fadb090a7403839c,ansible-automation-platform-24/lightspeed-rhel8:sha256:981ce2c2f4fadc57c837b8a849611a3627a98e09c080acd8d9e6a399bbb8af3b,python-urllib3-0:1.24.2-9.el8_10,cert-manager/cert-manager-operator-rhel9:sha256:57a1aea49d7cc275b37b8f52d602a3a9d1601ec6a21a3268dd4903566cb2e335,cert-manager/cert-manager-istio-csr-rhel9:sha256:a80fc30a2570bde4cd9d64b3028c2fb05dc9d4c82f75613de11bdd17b9e37031,cert-manager/jetstack-cert-manager-rhel9:sha256:77f4d70980abe59f1e69bf38bfeeeed0b84b27fe9ae3286666d01a0c8aa6b067,python-urllib3-0:1.26.5-6.el9_7.1,cert-manager/cert-manager-istio-csr-rhel9:sha256:ac74ade1f4712f7c7e17b3532ec5ecaed9aec87cc2a0c4801c7661739de4fd9b,ansible-automation-platform-25/lightspeed-chatbot-rhel8:sha256:381eae348045fdbede3c79c610d370f0d41173cb5bce2b802066e44ae09f1114,resource-agents-0:4.9.0-54.el8_10.27,ansible-automation-platform-26/eda-controller-rhel9:sha256:617d7a7e88231785deb78260a5e3f08272fa53251adcb0a691a678fcbeeb78e0,cert-manager/jetstack-cert-manager-rhel9:sha256:3ca7fb070c05efc25fe53af6fc922875ecb9d11943d3c243b2840d7ca2b1aa33,
Package States: Assisted Installer for Red Hat OpenShift Container Platform 2,Assisted Installer for Red Hat OpenShift Container Platform 2,Assisted Installer for Red Hat OpenShift Container Platform 2,Assisted Installer for Red Hat OpenShift Container Platform 2,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Dynamic Accelerator Slicer Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,external secrets operator for Red Hat OpenShift - Tech Preview,external secrets operator for Red Hat OpenShift - Tech Preview,external secrets operator for Red Hat OpenShift - Tech Preview,external secrets operator for Red Hat OpenShift - Tech Preview,Fence Agents Remediation Operator,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,mirror registry for Red Hat OpenShift 2,Multiarch Tuning Operator,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Global Hub,Network Observability Operator,Node HealthCheck Operator,Node HealthCheck Operator,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat build of Quarkus Native builder,Red Hat build of Quarkus Native builder,Red Hat Ceph Storage 7,Red Hat Ceph Storage 8,Red Hat Certification Program for Red Hat Enterprise Linux 9,Red Hat Certification Program for Red Hat Enterprise Linux 9,Red Hat Connectivity Link 1,Red Hat Connectivity Link 1,Red Hat Connectivity Link 1,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Discovery 2,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Offline Knowledge Portal,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Update Service,Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 13 (Queens),Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Self Node Remediation Operator,Self Node Remediation Operator,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,Zero Trust Workload Identity Manager - Tech Preview,
Full Details
CVE document

CVE-2025-69264
Severity: important
Released on: 07/01/2026
Advisory:
Bugzilla: 2427709
Bugzilla Description: pnpm: pnpm code execution
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-693
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2025-69263
Severity: important
Released on: 07/01/2026
Advisory:
Bugzilla: 2427703
Bugzilla Description: pnpm: pnpm Lockfile Integrity Bypass
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-494
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2025-13151
Severity: low
Released on: 07/01/2026
Advisory:
Bugzilla: 2427698
Bugzilla Description: libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-22185
Severity: moderate
Released on: 07/01/2026
Advisory:
Bugzilla: 2427679
Bugzilla Description: OpenLDAP: OpenLDAP LMDB: Denial of Service and Information Disclosure via Heap Buffer Underflow
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: (CWE-125|CWE-191)
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-22184
Severity: important
Released on: 07/01/2026
Advisory:
Bugzilla: 2427688
Bugzilla Description: zlib: zlib: Arbitrary code execution via buffer overflow in untgz utility
CVSS Score:
CVSSv3 Score: 8.6
Vector:
CWE: CWE-120
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 11 ELS,Red Hat build of OpenJDK 17,Red Hat build of OpenJDK 17,Red Hat build of OpenJDK 1.8,Red Hat build of OpenJDK 21,Red Hat build of OpenJDK 21,Red Hat build of OpenJDK 25,Red Hat build of OpenJDK 25,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,
Full Details
CVE document

CVE-2025-69262
Severity: moderate
Released on: 07/01/2026
Advisory:
Bugzilla: 2427662
Bugzilla Description: pnpm: pnpm: Remote code execution via command injection in tokenHelper environment variable substitution
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: (CWE-78|CWE-94)
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document

CVE-2026-0669
Severity: moderate
Released on: 07/01/2026
Advisory:
Bugzilla: 2427617
Bugzilla Description: MediaWiki: MediaWiki CSS extension: Information disclosure via path traversal
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-22
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-0668
Severity: moderate
Released on: 07/01/2026
Advisory:
Bugzilla: 2427616
Bugzilla Description: MediaWiki: MediaWiki VisualData Extension: Denial of Service via inefficient regular expression
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1333
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-25211
Severity: low
Released on: 07/01/2026
Advisory:
Bugzilla: 2427563
Bugzilla Description: llamastack/llama-stack: Sensitive Information Exposure Through Log Files in Llama Stack PGVector Integration
CVSS Score:
CVSSv3 Score: 3.8
Vector:
CWE: CWE-532
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2026-0707
Severity: moderate
Released on: 07/01/2026
Advisory:
Bugzilla: 2427768
Bugzilla Description: keycloak: Keycloak Authorization Header Parsing Leading to Potential Security Control Bypass
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-551
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document

CVE-2025-15444
Severity: moderate
Released on: 06/01/2026
Advisory:
Bugzilla: 2427278
Bugzilla Description: libsodium: libsodium: Cryptographic bypass via improper elliptic curve point validation
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-1395
Affected Packages:
Package States: Red Hat Developer Hub,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2025-69230
Severity: low
Released on: 05/01/2026
Advisory:
Bugzilla: 2427255
Bugzilla Description: aiohttp: aiohttp: Denial of Service via specially crafted invalid cookies
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-779
Affected Packages:
Package States: Migration Toolkit for Containers,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2025-69229
Severity: moderate
Released on: 05/01/2026
Advisory:
Bugzilla: 2427257
Bugzilla Description: aiohttp: AIOHTTP: Denial of Service via excessive CPU usage in chunked message handling
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-770
Affected Packages:
Package States: Migration Toolkit for Containers,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2025-69228
Severity: moderate
Released on: 05/01/2026
Advisory:
Bugzilla: 2427254
Bugzilla Description: aiohttp: aiohttp: Denial of Service via memory exhaustion from crafted POST request
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-770
Affected Packages:
Package States: Migration Toolkit for Containers,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2025-69227
Severity: moderate
Released on: 05/01/2026
Advisory:
Bugzilla: 2427256
Bugzilla Description: aiohttp: aiohttp: Denial of Service via specially crafted POST request
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-835
Affected Packages:
Package States: Migration Toolkit for Containers,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2025-69225
Severity: low
Released on: 05/01/2026
Advisory:
Bugzilla: 2427253
Bugzilla Description: aiohttp: aiohttp: Request smuggling vulnerability via non-ASCII decimals in Range header
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-444
Affected Packages:
Package States: Migration Toolkit for Containers,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2025-69226
Severity: moderate
Released on: 05/01/2026
Advisory:
Bugzilla: 2427245
Bugzilla Description: aiohttp: aiohttp: Information disclosure of path components via static file path normalization
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: (CWE-200|CWE-22)
Affected Packages:
Package States: Migration Toolkit for Containers,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2025-69224
Severity: moderate
Released on: 05/01/2026
Advisory:
Bugzilla: 2427246
Bugzilla Description: aiohttp: aiohttp: Request smuggling via non-ASCII characters in HTTP parser
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-444
Affected Packages:
Package States: Migration Toolkit for Containers,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2025-69223
Severity: important
Released on: 05/01/2026
Advisory: RHSA-2026:1599, RHSA-2026:1249, RHSA-2026:1506, RHSA-2026:1497, RHSA-2026:1596, RHSA-2026:1609,
Bugzilla: 2427456
Bugzilla Description: aiohttp: AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: (CWE-409|CWE-770)
Affected Packages: ansible-automation-platform-26/de-supported-rhel9:sha256:b047748fdd4411af0807776e0765f76bc3065adc16187af5ae7e43cf980842bc,automation-controller-0:4.5.30-1.el8ap,automation-controller-0:4.5.30-1.el9ap,ansible-automation-platform-25/controller-rhel8:sha256:e627268fea858240171a3330fdaee5c952500b33e04584e31848c615b3e1826f,automation-controller-0:4.6.25-1.el9ap,automation-controller-0:4.7.8-1.el9ap,ansible-automation-platform-26/controller-rhel9:sha256:bb334abcc74bbebff0442393d370d7a4990097b275cf46761933a7fd61d94c87,ansible-automation-platform-26/de-minimal-rhel9:sha256:c4cf08cdbba3e616e2453f124ce11ebb72653e0de6a780b4f68307c90cda342d,automation-controller-0:4.6.25-1.el8ap,ansible-automation-platform-24/controller-rhel8:sha256:59ed853e148efffa6ef7b832c29dc0b58fc8d5d2915784548ce4985ed02c8de2,
Package States: Migration Toolkit for Containers,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2025-68428
Severity: important
Released on: 05/01/2026
Advisory: RHSA-2026:1517,
Bugzilla: 2427236
Bugzilla Description: jspdf: jsPDF Local File Inclusion/Path Traversal vulnerability
CVSS Score:
CVSSv3 Score: 8.6
Vector:
CWE: (CWE-35|CWE-73)
Affected Packages: advanced-cluster-security/rhacs-main-rhel8:sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406,
Package States: Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,
Full Details
CVE document

CVE-2025-66648
Severity: important
Released on: 05/01/2026
Advisory:
Bugzilla: 2427238
Bugzilla Description: vega-functions: vega-functions: Cross-Site Scripting via untrusted user input
CVSS Score:
CVSSv3 Score: 7.2
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2025-65110
Severity: important
Released on: 05/01/2026
Advisory:
Bugzilla: 2427235
Bugzilla Description: vega-selections: Vega: Arbitrary code execution through malicious visualization definitions
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document

CVE-2025-68760
Severity:
Released on: 05/01/2026
Advisory:
Bugzilla: 2427112
Bugzilla Description: kernel: iommu/amd: Fix potential out-of-bounds read in iommu_mmio_show
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68766
Severity: moderate
Released on: 05/01/2026
Advisory:
Bugzilla: 2427113
Bugzilla Description: kernel: irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68754
Severity:
Released on: 05/01/2026
Advisory:
Bugzilla: 2427114
Bugzilla Description: kernel: rtc: amlogic-a4: fix double free caused by devm
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68761
Severity:
Released on: 05/01/2026
Advisory:
Bugzilla: 2427115
Bugzilla Description: kernel: hfs: fix potential use after free in hfs_correct_next_unused_CNID()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68753
Severity: low
Released on: 05/01/2026
Advisory:
Bugzilla: 2427116
Bugzilla Description: kernel: ALSA: firewire-motu: add bounds check in put_user loop for DSP events
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68756
Severity: moderate
Released on: 05/01/2026
Advisory:
Bugzilla: 2427117
Bugzilla Description: kernel: block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68765
Severity:
Released on: 05/01/2026
Advisory:
Bugzilla: 2427118
Bugzilla Description: kernel: mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68755
Severity:
Released on: 05/01/2026
Advisory:
Bugzilla: 2427119
Bugzilla Description: kernel: staging: most: remove broken i2c driver
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68751
Severity: low
Released on: 05/01/2026
Advisory:
Bugzilla: 2427120
Bugzilla Description: kernel: s390/fpu: Fix false-positive kmsan report in fpu_vstl()
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68764
Severity: moderate
Released on: 05/01/2026
Advisory:
Bugzilla: 2427121
Bugzilla Description: kernel: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-266
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68759
Severity:
Released on: 05/01/2026
Advisory:
Bugzilla: 2427122
Bugzilla Description: kernel: wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68763
Severity:
Released on: 05/01/2026
Advisory:
Bugzilla: 2427123
Bugzilla Description: kernel: crypto: starfive - Correctly handle return of sg_nents_for_len
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68758
Severity: low
Released on: 05/01/2026
Advisory:
Bugzilla: 2427124
Bugzilla Description: kernel: backlight: led-bl: Add devlink to supplier LEDs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68762
Severity: low
Released on: 05/01/2026
Advisory:
Bugzilla: 2427125
Bugzilla Description: kernel: net: netpoll: initialize work queue before error checks
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68752
Severity: moderate
Released on: 05/01/2026
Advisory:
Bugzilla: 2427126
Bugzilla Description: kernel: iavf: Implement settime64 with -EOPNOTSUPP
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68757
Severity: moderate
Released on: 05/01/2026
Advisory:
Bugzilla: 2427127
Bugzilla Description: kernel: drm/vgem-fence: Fix potential deadlock on release
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-667
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2026-21444
Severity: moderate
Released on: 02/01/2026
Advisory:
Bugzilla: 2426858
Bugzilla Description: limtpms: libtpms: Remote data confidentiality compromise via incorrect Initialization Vector (IV) handling
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: (CWE-327|CWE-330)
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-67269
Severity: important
Released on: 02/01/2026
Advisory: RHSA-2026:0770, RHSA-2026:0771,
Bugzilla: 2426810
Bugzilla Description: gpsd: gpsd: Denial of Service due to malformed NAVCOM packet parsing
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-191
Affected Packages: gpsd-minimal-1:3.26.1-1.el9_7.1,gpsd-1:3.26.1-1.el10_1.1,
Package States:
Full Details
CVE document

CVE-2025-67268
Severity: important
Released on: 02/01/2026
Advisory: RHSA-2026:0770, RHSA-2026:0771,
Bugzilla: 2426835
Bugzilla Description: gpsd: gpsd: Arbitrary code execution via heap-based out-of-bounds write in NMEA2000 packet handling
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-1285
Affected Packages: gpsd-minimal-1:3.26.1-1.el9_7.1,gpsd-1:3.26.1-1.el10_1.1,
Package States:
Full Details
CVE document

CVE-2025-15412
Severity: moderate
Released on: 01/01/2026
Advisory:
Bugzilla: 2426694
Bugzilla Description: wabt: wabt: Arbitrary code execution, information disclosure, and denial of service via out-of-bounds read
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: (CWE-119|CWE-125)
Affected Packages:
Package States:
Full Details
CVE document

CVE-2025-15411
Severity: moderate
Released on: 01/01/2026
Advisory:
Bugzilla: 2426683
Bugzilla Description: wabt: WebAssembly wabt: Memory corruption vulnerability in wasm-decompile component
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-119
Affected Packages:
Package States:
Full Details
CVE document

CVE-2026-21428
Severity: important
Released on: 01/01/2026
Advisory:
Bugzilla: 2426666
Bugzilla Description: cpp-httplib: cpp-httplib: Server-Side Request Forgery via header injection
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-93
Affected Packages:
Package States:
Full Details
CVE document

CVE-2025-11157
Severity: important
Released on: 01/01/2026
Advisory:
Bugzilla: 2426574
Bugzilla Description: feast: Feast: Remote Code Execution via insecure YAML deserialization
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-502
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2025-69413
Severity: moderate
Released on: 01/01/2026
Advisory:
Bugzilla: 2426570
Bugzilla Description: Gitea: Gitea: Information disclosure via differing authentication responses
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-204
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2025-15279
Severity: important
Released on: 31/12/2026
Advisory:
Bugzilla: 2426421
Bugzilla Description: fontforge: FontForge: Remote Code Execution via heap-based buffer overflow in BMP file parsing
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-15278
Severity: important
Released on: 31/12/2026
Advisory:
Bugzilla: 2426433
Bugzilla Description: fontforge: FontForge: Arbitrary Code Execution via XBM file parsing integer overflow
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-15277
Severity: important
Released on: 31/12/2026
Advisory:
Bugzilla: 2426425
Bugzilla Description: fontforge: FontForge: Remote Code Execution via malicious SGI file parsing
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-15276
Severity: important
Released on: 31/12/2026
Advisory:
Bugzilla: 2426424
Bugzilla Description: fontforge: FontForge: Remote Code Execution via SFD File Parsing Deserialization of Untrusted Data
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-502
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-15280
Severity: important
Released on: 31/12/2026
Advisory:
Bugzilla: 2426430
Bugzilla Description: fontforge: FontForge: Remote Code Execution via SFD File Parsing Use-After-Free Vulnerability
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-15275
Severity: important
Released on: 31/12/2026
Advisory:
Bugzilla: 2426429
Bugzilla Description: fontforge: FontForge: Arbitrary code execution via SFD file parsing buffer overflow
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-15274
Severity: important
Released on: 31/12/2026
Advisory:
Bugzilla: 2426435
Bugzilla Description: fontforge: FontForge: Remote Code Execution via SFD File Parsing Heap-based Buffer Overflow
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-15273
Severity: important
Released on: 31/12/2026
Advisory:
Bugzilla: 2426428
Bugzilla Description: fontforge: FontForge: Remote Code Execution via PFB File Parsing Stack-based Buffer Overflow
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-15272
Severity: important
Released on: 31/12/2026
Advisory:
Bugzilla: 2426427
Bugzilla Description: fontforge: FontForge: Remote Code Execution via SFD File Parsing
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-15271
Severity: important
Released on: 31/12/2026
Advisory:
Bugzilla: 2426422
Bugzilla Description: fontforge: FontForge: Remote Code Execution via SFD file parsing vulnerability
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-129
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-15270
Severity: important
Released on: 31/12/2026
Advisory:
Bugzilla: 2426434
Bugzilla Description: fontforge: FontForge: Remote Code Execution via malicious SFD file parsing
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-129
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-15269
Severity: important
Released on: 31/12/2026
Advisory:
Bugzilla: 2426423
Bugzilla Description: fontforge: FontForge: Remote Code Execution via Use-After-Free in SFD file parsing
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-69277
Severity: moderate
Released on: 31/12/2026
Advisory:
Bugzilla: 2426416
Bugzilla Description: libsodium: pynacl: libsodium: Improper validation of elliptic curve points could lead to data integrity or information disclosure.
CVSS Score:
CVSSv3 Score: 4.5
Vector:
CWE: CWE-184
Affected Packages:
Package States: Migration Toolkit for Containers,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document

CVE-2025-68131
Severity: moderate
Released on: 31/12/2026
Advisory:
Bugzilla: 2426395
Bugzilla Description: cbor2: cbor2: Information Disclosure via shared memory in CBORDecoder reuse
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-212
Affected Packages:
Package States: Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document

CVE-2025-11964
Severity: low
Released on: 31/12/2026
Advisory:
Bugzilla: 2426394
Bugzilla Description: libpcap: libpcap: Data corruption via out-of-bounds write on Windows
CVSS Score:
CVSSv3 Score: 1.9
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-11961
Severity: low
Released on: 31/12/2026
Advisory:
Bugzilla: 2426396
Bugzilla Description: libpcap: libpcap: Memory corruption via malformed MAC-48 address input
CVSS Score:
CVSSv3 Score: 1.9
Vector:
CWE: (CWE-122|CWE-126)
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-61594
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2025:23141, RHSA-2025:23063, RHSA-2025:23062,
Bugzilla: 2426336
Bugzilla Description: uri: URI module: Credential exposure via URI + operator
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-212
Affected Packages: ruby:3.3,ruby,
Package States: Logging Subsystem for Red Hat OpenShift,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-69261
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426308
Bugzilla Description: wasmedge: WasmEdge: Denial of Service via incorrect memory access
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-69204
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426294
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via integer overflow in SVG image processing
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2025-68950
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426284
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via circular references in MVG files
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-674
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2025-68618
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426285
Bugzilla Description: ImageMagick: ImageMagick: Denial of Service via malicious SVG file
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-674
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2025-67746
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426283
Bugzilla Description: composer: Composer: Terminal output manipulation leading to Denial of Service
CVSS Score:
CVSSv3 Score: 3.5
Vector:
CWE: CWE-74
Affected Packages:
Package States:
Full Details
CVE document

CVE-2023-54192
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426009
Bugzilla Description: kernel: f2fs: fix null pointer panic in tracepoint in __replace_atomic_write_block
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50857
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426010
Bugzilla Description: kernel: rapidio: rio: fix possible name leak in rio_register_mport()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54254
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426011
Bugzilla Description: kernel: drm/ttm: Don't leak a resource on eviction error
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54209
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426012
Bugzilla Description: kernel: block: fix blktrace debugfs entries leakage
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54269
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2024:7000, RHBA-2024:7198, RHSA-2023:6583,
Bugzilla: 2426013
Bugzilla Description: kernel: SUNRPC: double free xprt_ctxt while still in use
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-415
Affected Packages: kernel-0:4.18.0-553.22.1.el8_10,ubi8/go-toolset:1.21.13-1.1727172995,rhel8/go-toolset:1.21.13-1.1727172995,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54284
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426014
Bugzilla Description: kernel: media: av7110: prevent underflow in write_ts_to_decoder()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50886
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426015
Bugzilla Description: kernel: mmc: toshsd: fix return value check of mmc_add_host()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54218
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426016
Bugzilla Description: kernel: net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54317
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426017
Bugzilla Description: kernel: dm flakey: don't corrupt the zero page
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54264
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426018
Bugzilla Description: kernel: fs/sysv: Null check to prevent null-ptr-deref bug
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50878
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426019
Bugzilla Description: kernel: gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611_connector_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54251
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2024:2394, RHSA-2024:8157,
Bugzilla: 2426020
Bugzilla Description: kernel: net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-190
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,kernel-0:5.14.0-284.88.1.el9_2,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54257
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426021
Bugzilla Description: kernel: net: macb: fix a memory corruption in extended buffer descriptor mode
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54224
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426023
Bugzilla Description: kernel: btrfs: fix lockdep splat and potential deadlock after failure running delayed items
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50845
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426024
Bugzilla Description: kernel: ext4: fix inode leak in ext4_xattr_inode_create() on an error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50832
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:6583,
Bugzilla: 2426025
Bugzilla Description: kernel: Linux kernel: Memory leak in wilc1000 Wi-Fi driver causes Denial of Service
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages: kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54274
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2024:2394, RHSA-2024:3138,
Bugzilla: 2426026
Bugzilla Description: kernel: RDMA/srpt: Add a check for valid 'mad_agent' pointer
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-366
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,kernel-0:4.18.0-553.el8_10,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54240
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426027
Bugzilla Description: kernel: net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50809
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426028
Bugzilla Description: kernel: xhci: dbc: Fix memory leak in xhci_alloc_dbc()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50815
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426029
Bugzilla Description: kernel: ext2: Add sanity checks for group and filesystem size
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54190
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426030
Bugzilla Description: kernel: leds: led-core: Fix refcount leak in of_led_get()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54221
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426031
Bugzilla Description: kernel: clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54265
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2426032
Bugzilla Description: kernel: ipv6: Fix an uninit variable access bug in __ip6_make_skb()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-457
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54263
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426033
Bugzilla Description: kernel: drm/nouveau/kms/nv50-: init hpd_irq_lock for PIOR DP
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50861
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:2458, RHSA-2023:7077,
Bugzilla: 2426034
Bugzilla Description: kernel: NFSD: Finish converting the NFSv2 GETACL result encoder
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-200
Affected Packages: kernel-0:5.14.0-284.11.1.el9_2,kernel-0:4.18.0-513.5.1.el8_9,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50826
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426035
Bugzilla Description: kernel: ipu3-imgu: Fix NULL pointer dereference in imgu_subdev_set_selection()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50849
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426036
Bugzilla Description: kernel: pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-119
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54262
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2426037
Bugzilla Description: kernel: net/mlx5e: Don't clone flow post action attributes second time
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-416
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54170
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426038
Bugzilla Description: kernel: keys: Fix linking a duplicate key to a keyring's assoc_array
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50785
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426040
Bugzilla Description: kernel: fsi: occ: Prevent use after free
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54277
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426041
Bugzilla Description: kernel: fbdev: udlfb: Fix endpoint check
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50868
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426042
Bugzilla Description: kernel: hwrng: amd - Fix PCI device refcount leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50862
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426043
Bugzilla Description: kernel: bpf: prevent decl_tag from being referenced in func_proto
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50821
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426044
Bugzilla Description: kernel: SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50848
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426045
Bugzilla Description: kernel: drivers: dio: fix possible memory leak in dio_init()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54199
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426046
Bugzilla Description: kernel: drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50872
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426047
Bugzilla Description: kernel: ARM: OMAP2+: Fix memory leak in realtime_counter_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54208
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426048
Bugzilla Description: kernel: media: ov5675: Fix memleak in ov5675_init_controls()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54201
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2024:2394, RHSA-2024:3138,
Bugzilla: 2426049
Bugzilla Description: kernel: RDMA/efa: Fix wrong resources deallocation order
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-911
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,kernel-0:4.18.0-553.el8_10,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54183
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426050
Bugzilla Description: kernel: media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54166
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2024:2394, RHSA-2024:3138,
Bugzilla: 2426051
Bugzilla Description: kernel: igc: Fix Kernel Panic during ndo_tx_timeout callback
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-362
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,kernel-0:4.18.0-553.el8_10,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50814
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426052
Bugzilla Description: kernel: crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54189
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426053
Bugzilla Description: kernel: pstore/ram: Add check for kstrdup
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54204
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426054
Bugzilla Description: kernel: mmc: sunplus: fix return value check of mmc_add_host()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50887
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426055
Bugzilla Description: kernel: regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50859
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426056
Bugzilla Description: kernel: cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54178
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426057
Bugzilla Description: kernel: of: unittest: fix null pointer dereferencing in of_unittest_find_node_by_name()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54223
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426058
Bugzilla Description: kernel: net/mlx5e: xsk: Fix invalid buffer access for legacy rq
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54288
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426059
Bugzilla Description: kernel: wifi: mac80211: fortify the spinlock against deadlock by interrupt
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54232
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426060
Bugzilla Description: kernel: m68k: Only force 030 bus error if PC not in exception table
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54325
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426061
Bugzilla Description: kernel: crypto: qat - fix out-of-bounds read
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54239
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:6583,
Bugzilla: 2426062
Bugzilla Description: kernel: iommufd: Check for uptr overflow
CVSS Score:
CVSSv3 Score: 4.5
Vector:
CWE: CWE-119
Affected Packages: kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54245
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426063
Bugzilla Description: kernel: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54180
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426064
Bugzilla Description: kernel: btrfs: handle case when repair happens with dev-replace
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50823
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426066
Bugzilla Description: kernel: clk: tegra: Fix refcount leak in tegra114_clock_init
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50840
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426067
Bugzilla Description: kernel: scsi: snic: Fix possible UAF in snic_tgt_create()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54213
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426068
Bugzilla Description: kernel: USB: sisusbvga: Add endpoint checks
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54214
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2024:2394,
Bugzilla: 2426069
Bugzilla Description: kernel: Bluetooth: L2CAP: Fix potential user-after-free
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-416
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54297
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426070
Bugzilla Description: kernel: btrfs: zoned: fix memory leak after finding block group with super blocks
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50864
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426071
Bugzilla Description: kernel: nilfs2: fix shift-out-of-bounds due to too large exponent of block size
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54278
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2025:6966,
Bugzilla: 2426072
Bugzilla Description: kernel: s390/vmem: split pages when debug pagealloc is enabled
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-416
Affected Packages: kernel-0:5.14.0-570.12.1.el9_6,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54228
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426073
Bugzilla Description: kernel: regulator: raa215300: Fix resource leak in case of error
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54291
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426074
Bugzilla Description: kernel: vduse: fix NULL pointer dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54187
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426075
Bugzilla Description: kernel: f2fs: fix potential corruption when moving a directory
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50879
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426076
Bugzilla Description: kernel: objtool: Fix SEGFAULT
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50835
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426077
Bugzilla Description: kernel: jbd2: add miss release buffer head in fc_do_one_pass()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54220
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426078
Bugzilla Description: kernel: serial: 8250: Fix oops for port->pm on uart_change_pm()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54305
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426079
Bugzilla Description: kernel: ext4: refuse to create ea block when umounted
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50885
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:6583,
Bugzilla: 2426080
Bugzilla Description: kernel: Linux kernel: Denial of Service in RDMA/rxe due to null-pointer dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages: kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50858
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426081
Bugzilla Description: kernel: mmc: alcor: fix return value check of mmc_add_host()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54181
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426082
Bugzilla Description: kernel: bpf: Fix issue in verifying allow_ptr_leaks
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54296
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426083
Bugzilla Description: kernel: KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54310
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426084
Bugzilla Description: kernel: scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54313
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426085
Bugzilla Description: kernel: ovl: fix null pointer dereference in ovl_get_acl_rcu()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50870
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426086
Bugzilla Description: kernel: powerpc/rtas: avoid device tree lookups in rtas_os_term()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54272
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426087
Bugzilla Description: kernel: fs/ntfs3: Fix a possible null-pointer dereference in ni_clear()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54280
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426088
Bugzilla Description: kernel: cifs: fix potential race when tree connecting ipc
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50786
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426089
Bugzilla Description: kernel: media: s5p-mfc: Clear workbit to handle error condition
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54184
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426090
Bugzilla Description: kernel: scsi: target: iscsit: Free cmds before session free
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54268
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426091
Bugzilla Description: kernel: debugobjects: Don't wake up kswapd from fill_pool()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50851
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426092
Bugzilla Description: kernel: vhost_vdpa: fix the crash in unmap a large memory
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54293
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426093
Bugzilla Description: kernel: bcache: fixup btree_cache_wait list damage
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50834
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426094
Bugzilla Description: kernel: nfc: Fix potential resource leaks
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54243
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426095
Bugzilla Description: kernel: netfilter: ebtables: fix table blob use-after-free
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54244
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426096
Bugzilla Description: kernel: ACPI: EC: Fix oops when removing custom query handlers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54226
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426097
Bugzilla Description: kernel: af_unix: Fix data races around sk->sk_shutdown
CVSS Score:
CVSSv3 Score: 5.1
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54231
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426098
Bugzilla Description: kernel: net: libwx: fix memory leak in wx_setup_rx_resources
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54252
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426099
Bugzilla Description: kernel: platform/x86: think-lmi: Fix memory leaks when parsing ThinkStation WMI strings
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50863
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:2951, RHSA-2023:2458,
Bugzilla: 2426100
Bugzilla Description: kernel: Kernel: Denial of Service via memory leak in wifi power saving mode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages: kernel-0:4.18.0-477.10.1.el8_8,kernel-0:5.14.0-284.11.1.el9_2,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50871
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426101
Bugzilla Description: kernel: wifi: ath11k: Fix qmi_msg_handler data structure initialization
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50836
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426102
Bugzilla Description: kernel: remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50873
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426103
Bugzilla Description: kernel: vdpa/vp_vdpa: fix kfree a wrong pointer in vp_vdpa_remove
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54222
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426104
Bugzilla Description: kernel: hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54227
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426105
Bugzilla Description: kernel: blk-mq: fix tags leak when shrink nr_hw_queues
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50876
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426106
Bugzilla Description: kernel: usb: musb: Fix musb_gadget.c rxstate overflow bug
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54311
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426107
Bugzilla Description: kernel: ext4: fix deadlock when converting an inline directory in nojournal mode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54253
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426108
Bugzilla Description: kernel: btrfs: set page extent mapped after read_folio in relocate_one_page
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50880
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426109
Bugzilla Description: kernel: wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54164
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426110
Bugzilla Description: kernel: Bluetooth: ISO: fix iso_conn related locking and validity issues
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54247
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426111
Bugzilla Description: kernel: bpf: Silence a warning in btf_type_id_size()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54270
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426112
Bugzilla Description: kernel: media: usb: siano: Fix use after free bugs caused by do_submit_urb
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54303
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426113
Bugzilla Description: kernel: bpf: Disable preemption in bpf_perf_event_output
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54308
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426114
Bugzilla Description: kernel: ALSA: ymfpci: Create card with device-managed snd_devm_card_new()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50827
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426115
Bugzilla Description: kernel: scsi: lpfc: Fix memory leak in lpfc_create_port()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54258
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426116
Bugzilla Description: kernel: cifs: fix potential oops in cifs_oplock_break
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54276
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:6583,
Bugzilla: 2426117
Bugzilla Description: kernel: nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-665
Affected Packages: kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50889
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426118
Bugzilla Description: kernel: dm integrity: Fix UAF in dm_integrity_dtr()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54287
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426119
Bugzilla Description: kernel: tty: serial: imx: disable Ageing Timer interrupt request irq
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50818
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426120
Bugzilla Description: kernel: scsi: pm8001: Fix running_req for internal abort commands
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54298
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426121
Bugzilla Description: kernel: thermal: intel: quark_dts: fix error pointer dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54300
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2426122
Bugzilla Description: kernel: wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-824
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50829
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2426123
Bugzilla Description: kernel: wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-416
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54233
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426124
Bugzilla Description: kernel: ASoC: SOF: avoid a NULL dereference with unsupported widgets
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54238
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2426125
Bugzilla Description: kernel: Linux kernel: Denial of Service in mlx5 driver due to memory leaks
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54248
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426126
Bugzilla Description: kernel: fs/ntfs3: Add check for kmemdup
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54162
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426127
Bugzilla Description: kernel: ksmbd: fix possible memory leak in smb2_lock()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54173
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426128
Bugzilla Description: kernel: bpf: Disable preemption in bpf_event_output
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54191
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2426129
Bugzilla Description: kernel: Linux kernel: Memory leak in mt76 Wi-Fi driver leads to Denial of Service
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50811
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426130
Bugzilla Description: kernel: erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54182
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426131
Bugzilla Description: kernel: f2fs: fix to check readonly condition correctly
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54202
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426132
Bugzilla Description: kernel: drm/i915: fix race condition UAF in i915_perf_add_config_ioctl
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54237
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426133
Bugzilla Description: kernel: net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54176
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:6583,
Bugzilla: 2426134
Bugzilla Description: kernel: mptcp: stricter state check in mptcp_worker
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-269
Affected Packages: kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54316
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426135
Bugzilla Description: kernel: refscale: Fix uninitalized use of wait_queue_head_t
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54266
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426136
Bugzilla Description: kernel: media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50846
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426137
Bugzilla Description: kernel: mmc: via-sdmmc: fix return value check of mmc_add_host()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54321
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426138
Bugzilla Description: kernel: driver core: fix potential null-ptr-deref in device_add()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54197
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426140
Bugzilla Description: kernel: Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54283
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426141
Bugzilla Description: kernel: bpf: Address KCSAN report on bpf_lru_list
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50828
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426142
Bugzilla Description: kernel: clk: zynqmp: Fix stack-out-of-bounds in strncpy`
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50819
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2426143
Bugzilla Description: kernel: udmabuf: Set ubuf->sg = NULL if the creation of sg table fails
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE: CWE-476
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54295
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426144
Bugzilla Description: kernel: mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type
CVSS Score:
CVSSv3 Score: 4.1
Vector:
CWE: CWE-758
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50850
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426145
Bugzilla Description: kernel: scsi: ipr: Fix WARNING in ipr_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54193
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426146
Bugzilla Description: kernel: net/sched: cls_api: remove block_cb from driver_list before freeing
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50874
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426147
Bugzilla Description: kernel: RDMA/erdma: Fix refcount leak in erdma_mmap
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54230
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426148
Bugzilla Description: kernel: amba: bus: fix refcount leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54294
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426149
Bugzilla Description: kernel: md/raid10: fix memleak of md thread
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54207
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426150
Bugzilla Description: kernel: HID: uclogic: Correct devm device reference for hidinput input_dev name
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50842
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2426151
Bugzilla Description: kernel: drm/virtio: Check whether transferred 2D BO is shmem
CVSS Score:
CVSSv3 Score: 4.5
Vector:
CWE: CWE-476
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54246
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426152
Bugzilla Description: kernel: rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50875
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426153
Bugzilla Description: kernel: of: overlay: fix null pointer dereferencing in find_dup_cset_node_entry() and find_dup_cset_prop()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54261
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426154
Bugzilla Description: kernel: drm/amdkfd: Add missing gfx11 MQD manager callbacks
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54282
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426155
Bugzilla Description: kernel: media: tuners: qt1010: replace BUG_ON with a regular error
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50839
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426156
Bugzilla Description: kernel: jbd2: fix potential buffer head reference count leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54323
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426157
Bugzilla Description: kernel: cxl/pmem: Fix nvdimm registration races
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54168
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426158
Bugzilla Description: kernel: RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54185
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426159
Bugzilla Description: kernel: btrfs: remove BUG_ON()'s in add_new_free_space()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54225
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426160
Bugzilla Description: kernel: net: ipa: only reset hashed tables when supported
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50854
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426161
Bugzilla Description: kernel: nfc: virtual_ncidev: Fix memory leak in virtual_nci_send()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54273
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:6583,
Bugzilla: 2426162
Bugzilla Description: kernel: Linux kernel: Denial of Service due to xfrm resource leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-430
Affected Packages: kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54322
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426163
Bugzilla Description: kernel: arm64: set __exception_irq_entry with __irq_entry as a default
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50841
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426164
Bugzilla Description: kernel: fs/ntfs3: Add overflow check for attribute size
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50856
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426165
Bugzilla Description: kernel: cifs: Fix xid leak in cifs_ses_add_channel()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54172
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426166
Bugzilla Description: kernel: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54289
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426167
Bugzilla Description: kernel: scsi: qedf: Fix NULL dereference in error handling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54215
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426168
Bugzilla Description: kernel: virtio-vdpa: Fix cpumask memory leak in virtio_vdpa_find_vqs()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54200
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426169
Bugzilla Description: kernel: netfilter: nf_tables: always release netdev hooks from notifier
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50847
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426170
Bugzilla Description: kernel: drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54219
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426171
Bugzilla Description: kernel: Revert "IB/isert: Fix incorrect release of isert connection"
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50844
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426172
Bugzilla Description: kernel: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54315
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426173
Bugzilla Description: kernel: powerpc/powernv/sriov: perform null check on iov before dereferencing iov
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54267
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426174
Bugzilla Description: kernel: powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50820
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426176
Bugzilla Description: kernel: perf/arm_dmc620: Fix hotplug callback leak in dmc620_pmu_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54198
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426177
Bugzilla Description: kernel: tty: fix out-of-bounds access in tty_driver_lookup_tty()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54236
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426178
Bugzilla Description: kernel: net/net_failover: fix txq exceeding warning
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54285
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426179
Bugzilla Description: kernel: iomap: Fix possible overflow condition in iomap_write_delalloc_scan
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54186
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426180
Bugzilla Description: kernel: usb: typec: altmodes/displayport: fix pin_assignment_show
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50838
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426181
Bugzilla Description: kernel: net: stream: purge sk_error_queue in sk_stream_kill_queues()
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54249
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426182
Bugzilla Description: kernel: bus: mhi: ep: Only send -ENOTCONN status if client driver is available
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54203
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426183
Bugzilla Description: kernel: ksmbd: fix slab-out-of-bounds in init_smb2_rsp_hdr
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50882
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426184
Bugzilla Description: kernel: media: uvcvideo: Fix memory leak in uvc_gpio_parse
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54241
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426185
Bugzilla Description: kernel: MIPS: KVM: Fix NULL pointer dereference
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54318
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426186
Bugzilla Description: kernel: net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54302
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2024:2394,
Bugzilla: 2426187
Bugzilla Description: kernel: RDMA/irdma: Fix data race on CQP completion stats
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-667
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50855
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426188
Bugzilla Description: kernel: bpf: prevent leak of lsm program after failed attach
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54167
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426189
Bugzilla Description: kernel: m68k: mm: Move initrd phys_to_virt handling after paging_init()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54312
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426190
Bugzilla Description: kernel: samples/bpf: Fix buffer overflow in tcp_basertt
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54314
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426191
Bugzilla Description: kernel: media: af9005: Fix null-ptr-deref in af9005_i2c_xfer
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54174
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426192
Bugzilla Description: kernel: vfio: Fix NULL pointer dereference caused by uninitialized group->iommufd
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54206
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2426193
Bugzilla Description: kernel: net/sched: flower: fix filter idr initialization
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-368
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50817
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:6583,
Bugzilla: 2426194
Bugzilla Description: kernel: net: hsr: avoid possible NULL deref in skb_clone()
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-476
Affected Packages: kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54320
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426195
Bugzilla Description: kernel: platform/x86/amd: pmc: Fix memory leak in amd_pmc_stb_debugfs_open_v2()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54194
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426196
Bugzilla Description: kernel: exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54255
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426197
Bugzilla Description: kernel: sh: dma: Fix DMA channel offset calculation
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54309
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426198
Bugzilla Description: kernel: tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54304
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426199
Bugzilla Description: kernel: firmware: meson_sm: fix to avoid potential NULL pointer dereference
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50867
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426200
Bugzilla Description: kernel: drm/msm/a6xx: Replace kcalloc() with kvzalloc()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54319
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426201
Bugzilla Description: kernel: pinctrl: at91-pio4: check return value of devm_kasprintf()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54234
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426202
Bugzilla Description: kernel: scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50881
Severity: important
Released on: 30/12/2026
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2426203
Bugzilla Description: kernel: wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-416
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50883
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426204
Bugzilla Description: kernel: bpf: Prevent decl_tag from being referenced in func_proto arg
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54279
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426205
Bugzilla Description: kernel: MIPS: fw: Allow firmware to pass a empty env
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50837
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426207
Bugzilla Description: kernel: net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54292
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2024:2394,
Bugzilla: 2426208
Bugzilla Description: kernel: RDMA/irdma: Fix data race on CQP request done
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-366
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54165
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2024:9315,
Bugzilla: 2426209
Bugzilla Description: kernel: zsmalloc: move LRU update from zs_map_object() to zs_malloc()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-362
Affected Packages: kernel-0:5.14.0-503.11.1.el9_5,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54242
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426210
Bugzilla Description: kernel: block, bfq: Fix division by zero error on zero wsum
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54307
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426211
Bugzilla Description: kernel: ptp_qoriq: fix memory leak in probe()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50866
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:2951, RHSA-2023:2458,
Bugzilla: 2426212
Bugzilla Description: kernel: ASoC: pxa: fix null-pointer dereference in filter()
CVSS Score:
CVSSv3 Score: 4.5
Vector:
CWE: CWE-476
Affected Packages: kernel-0:4.18.0-477.10.1.el8_8,kernel-0:5.14.0-284.11.1.el9_2,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50843
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426213
Bugzilla Description: kernel: dm clone: Fix UAF in clone_dtr()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50825
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426214
Bugzilla Description: kernel: usb: typec: wusb3801: fix fwnode refcount leak in wusb3801_probe()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50888
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426215
Bugzilla Description: kernel: remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50853
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426216
Bugzilla Description: kernel: NFSv4: Fix a credential leak in _nfs4_discover_trunking()
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50869
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426217
Bugzilla Description: kernel: fs/ntfs3: Fix slab-out-of-bounds in r_page
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54195
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426218
Bugzilla Description: kernel: rxrpc: Fix timeout of a call that hasn't yet been granted a channel
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54196
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426220
Bugzilla Description: kernel: fs/ntfs3: Fix NULL pointer dereference in 'ni_write_inode'
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50824
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426221
Bugzilla Description: kernel: tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50884
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426222
Bugzilla Description: kernel: drm: Prevent drm_copy_field() to attempt copying a NULL pointer
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54175
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426223
Bugzilla Description: kernel: i2c: xiic: xiic_xfer(): Fix runtime PM leak on error path
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50822
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:7539, RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2426224
Bugzilla Description: kernel: Linux kernel: Memory leak in RDMA restrack leads to Denial of Service
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,kernel-0:4.18.0-477.36.1.el8_8,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50816
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:2458, RHSA-2023:7077,
Bugzilla: 2426225
Bugzilla Description: kernel: ipv6: ensure sane device mtu in tunnels
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-20
Affected Packages: kernel-0:5.14.0-284.11.1.el9_2,kernel-0:4.18.0-513.5.1.el8_9,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50865
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:6583,
Bugzilla: 2426226
Bugzilla Description: kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-190
Affected Packages: kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54169
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2024:2394, RHSA-2024:3138,
Bugzilla: 2426227
Bugzilla Description: kernel: net/mlx5e: fix memory leak in mlx5e_ptp_open
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-401
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,kernel-0:4.18.0-553.el8_10,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54326
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426228
Bugzilla Description: kernel: misc: pci_endpoint_test: Free IRQs before removing the device
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54210
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426229
Bugzilla Description: kernel: Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_remove_adv_monitor()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50812
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426230
Bugzilla Description: kernel: security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54301
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426231
Bugzilla Description: kernel: serial: 8250_bcm7271: fix leak in `brcmuart_probe`
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54217
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426232
Bugzilla Description: kernel: Revert "drm/msm: Add missing check and destroy for alloc_ordered_workqueue"
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54235
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426233
Bugzilla Description: kernel: PCI/DOE: Fix destroy_work_on_stack() race
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54260
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426234
Bugzilla Description: kernel: cifs: Fix lost destroy smbd connection when MR allocate failed
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54286
Severity: important
Released on: 30/12/2026
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2426235
Bugzilla Description: kernel: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-121
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54324
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426236
Bugzilla Description: kernel: dm: fix a race condition in retrieve_deps
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54171
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426237
Bugzilla Description: kernel: tracing: Fix memory leak of iter->temp when reading trace_pipe
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54250
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426238
Bugzilla Description: kernel: ksmbd: avoid out of bounds access in decode_preauth_ctxt()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50830
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426239
Bugzilla Description: kernel: auxdisplay: hd44780: Fix potential memory leak in hd44780_remove()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54271
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2024:9315,
Bugzilla: 2426240
Bugzilla Description: kernel: Linux kernel: Denial of Service via NULL pointer dereference in blk-cgroup
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages: kernel-0:5.14.0-503.11.1.el9_5,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54216
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2426241
Bugzilla Description: kernel: net/mlx5e: TC, Fix using eswitch mapping in nic mode
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-676
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50852
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426242
Bugzilla Description: kernel: wifi: mt76: mt7921: fix use after free in mt7921_acpi_read()
CVSS Score:
CVSSv3 Score: 5.1
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54275
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2426243
Bugzilla Description: kernel: Linux kernel: Memory leak in ath11k Wi-Fi driver leads to Denial of Service
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-772
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54179
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2024:2394, RHSA-2024:3138,
Bugzilla: 2426244
Bugzilla Description: kernel: scsi: qla2xxx: Array index may go out of bound
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-119
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,kernel-0:4.18.0-553.el8_10,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50860
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426245
Bugzilla Description: kernel: apparmor: Fix memleak in alloc_ns()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54211
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426246
Bugzilla Description: kernel: tracing: Fix warning in trace_buffered_event_disable()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50877
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426247
Bugzilla Description: kernel: net: broadcom: bcm4908_enet: update TX stats after actual transmission
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54306
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426248
Bugzilla Description: kernel: net: tls: avoid hanging tasks on the tx_lock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54299
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426249
Bugzilla Description: kernel: usb: typec: bus: verify partner exists in typec_altmode_attention
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54259
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426250
Bugzilla Description: kernel: soundwire: bus: Fix unbalanced pm_runtime_put() causing usage count underflow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50810
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426251
Bugzilla Description: kernel: rapidio: devices: fix missing put_device in mport_cdev_open
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54177
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426252
Bugzilla Description: kernel: quota: fix warning in dqgrab()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54188
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426253
Bugzilla Description: kernel: dmaengine: apple-admac: Fix 'current_tx' not getting freed
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54205
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426254
Bugzilla Description: kernel: pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54281
Severity: low
Released on: 30/12/2026
Advisory:
Bugzilla: 2426255
Bugzilla Description: kernel: btrfs: release path before inode lookup during the ino lookup ioctl
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54229
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2024:2394,
Bugzilla: 2426256
Bugzilla Description: kernel: wifi: fix registration of 6Ghz-only phy without the full channel range
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-823
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50813
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426257
Bugzilla Description: kernel: drivers: mcb: fix resource leak in mcb_probe()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50833
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:2458,
Bugzilla: 2426258
Bugzilla Description: kernel: Bluetooth: use hdev->workqueue when queuing hdev->{cmd,ncmd}_timer works
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-362
Affected Packages: kernel-0:5.14.0-284.11.1.el9_2,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50784
Severity: moderate
Released on: 30/12/2026
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2426259
Bugzilla Description: kernel: wifi: fix potential NULL-ptr deref after clone
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-476
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-65409
Severity: moderate
Released on: 30/12/2026
Advisory:
Bugzilla: 2426292
Bugzilla Description: Recutils: Recutils: Denial of Service due to divide-by-zero with empty password input
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document

CVE-2025-50343
Severity:
Released on: 30/12/2026
Advisory:
Bugzilla: 2426306
Bugzilla Description: matio: matio: Memory corruption allows arbitrary code execution or denial of service
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-805
Affected Packages:
Package States:
Full Details
CVE document

CVE-2025-15284
Severity: important
Released on: 29/12/2026
Advisory: RHSA-2026:0761, RHSA-2026:0531, RHSA-2026:0414, RHSA-2026:0261, RHSA-2026:1517, RHSA-2026:1596, RHSA-2026:1000,
Bugzilla: 2425946
Bugzilla Description: qs: qs: Denial of Service via improper input validation in array parsing
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages: ansible-automation-platform-26/gateway-rhel9:sha256:9abe4b317c69871447dd2f4a74b95a6391cf6ed88d4125ab318d5e2310e8abc0,cryostat/cryostat-openshift-console-plugin-rhel9:4.1.0-16,rhdh/rhdh-hub-rhel9:sha256:29ada5e84c6b204cf518191a21bbd22de5cb53a61bc1812b1072ce5c28a235b2,rhdh/rhdh-hub-rhel9:sha256:7185a8f744022307c7a178d35e7ae32d7797eed4f9379b2dba8954e2856f2ed1,openshift4/ose-monitoring-plugin-rhel9:sha256:4c35e5d75482b58c8ef656f864a37a5426533737cc155869ae8f8f4812c0daaa,advanced-cluster-security/rhacs-main-rhel8:sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8,discovery/discovery-ui-rhel9:sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e,
Package States: Cryostat 4,Gatekeeper 3,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 7,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Multicluster Global Hub,Network Observability Operator,Network Observability Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of OptaPlanner 8,Red Hat Ceph Storage 8,Red Hat Connectivity Link 1,Red Hat Data Grid 8,Red Hat Edge Manager preview,Red Hat Edge Manager preview,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat Process Automation 7,Red Hat Process Automation 7,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document

CVE-2025-69211
Severity: important
Released on: 29/12/2026
Advisory:
Bugzilla: 2425826
Bugzilla Description: nestjs: NestJS framework: Security bypass allows unauthorized access to protected routes
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2026-0810
Severity: moderate
Released on: 29/12/2026
Advisory:
Bugzilla: 2427057
Bugzilla Description: gix-date: gix-date: Undefined behavior due to invalid string generation
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-135
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-69195
Severity: important
Released on: 29/12/2026
Advisory:
Bugzilla: 2425770
Bugzilla Description: wget2: GNU Wget2: Memory corruption and crash via filename sanitization logic with attacker-controlled URLs
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-121
Affected Packages:
Package States:
Full Details
CVE document

CVE-2025-69194
Severity: important
Released on: 29/12/2026
Advisory:
Bugzilla: 2425773
Bugzilla Description: wget2: Arbitrary File Write via Metalink Path Traversal in GNU Wget2
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-22
Affected Packages:
Package States:
Full Details
CVE document

CVE-2025-66865
Severity: low
Released on: 29/12/2026
Advisory:
Bugzilla: 2425822
Bugzilla Description: binutils: stack overflow in d_print_comp_inner() in cp-demangle.c
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-121
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-66861
Severity: low
Released on: 29/12/2026
Advisory:
Bugzilla: 2425823
Bugzilla Description: binutils: out-of-bounds read in d_unqualified_name() in cp-demangle.c
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-66863
Severity: low
Released on: 29/12/2026
Advisory:
Bugzilla: 2425824
Bugzilla Description: binutils: BinUtils: Denial of Service via crafted PE file
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-66862
Severity: low
Released on: 29/12/2026
Advisory:
Bugzilla: 2425825
Bugzilla Description: binutils: heap-based buffer over-read in gnu_special() in cplus-dem.c
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-66864
Severity: low
Released on: 29/12/2026
Advisory:
Bugzilla: 2425827
Bugzilla Description: binutils: NULL pointer dereference in d_print_comp_inner() in cp-demangle.c
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-66866
Severity: low
Released on: 29/12/2026
Advisory:
Bugzilla: 2425830
Bugzilla Description: binutils: BinUtils: Denial of Service via crafted PE file
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document

CVE-2025-68973
Severity: important
Released on: 28/12/2026
Advisory: RHSA-2026:0697, RHSA-2026:1468, RHSA-2026:1014, RHSA-2026:1229, RHSA-2026:0974, RHSA-2026:0728, RHSA-2026:0935, RHSA-2026:1517, RHSA-2026:0719, RHSA-2026:1230,
Bugzilla: 2425966
Bugzilla Description: GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-675
Affected Packages: advanced-cluster-security/rhacs-main-rhel8:sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044,advanced-cluster-security/rhacs-rhel8-operator:sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f,gnupg2-0:2.3.3-5.el9_7,advanced-cluster-security/rhacs-scanner-v4-rhel8:sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3,advanced-cluster-security/rhacs-central-db-rhel8:sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d,gnupg2-0:2.2.20-4.el8_10,advanced-cluster-security/rhacs-scanner-v4-db-rhel8:sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471,gnupg2-0:2.2.20-2.el8_4.1,advanced-cluster-security/rhacs-scanner-rhel8:sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818,gnupg2-0:2.4.5-3.el10_1,gnupg2-0:2.2.20-3.el8_8.1,advanced-cluster-security/rhacs-collector-rhel8:sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89,gnupg2-0:2.2.9-1.el8_2.1,gnupg2-0:2.2.20-3.el8_6.1,gnupg2-0:2.3.3-4.el9_4.1,advanced-cluster-security/rhacs-roxctl-rhel8:sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2,advanced-cluster-security/rhacs-scanner-db-rhel8:sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3,gnupg2-0:2.3.3-4.el9_6.1,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,
Full Details
CVE document

CVE-2025-68972
Severity: moderate
Released on: 27/12/2025
Advisory:
Bugzilla: 2425646
Bugzilla Description: gnupg: GnuPG: Signature bypass via form feed character in signed messages
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-347
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-14177
Severity: low
Released on: 27/12/2025
Advisory: RHSA-2026:1412, RHSA-2026:1409, RHSA-2026:1429,
Bugzilla: 2425626
Bugzilla Description: php: PHP: Information disclosure via getimagesize() function when reading multi-chunk images
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-125
Affected Packages: php:8.2-8100020260106091451.f7998665,php:8.2-9070020260107073439.9,php:8.3-9070020260108073701.9,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,
Full Details
CVE document

CVE-2025-14178
Severity: moderate
Released on: 27/12/2025
Advisory: RHSA-2026:1412, RHSA-2026:1169, RHSA-2026:1190, RHSA-2026:1185, RHSA-2026:1409, RHSA-2026:1429, RHSA-2026:1187,
Bugzilla: 2425625
Bugzilla Description: php: heap-based buffer overflow in array_merge()
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: (CWE-190|CWE-787)
Affected Packages: php-0:8.3.19-1.el10_0.1,php:8.2-9040020260116191026.9,php:8.2-8100020260106091451.f7998665,php:8.2-9060020260116185805.9,php:8.3-9060020260116180534.9,php:8.2-9070020260107073439.9,php:8.3-9070020260108073701.9,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,
Full Details
CVE document

CVE-2025-14180
Severity: important
Released on: 27/12/2025
Advisory: RHSA-2026:1412, RHSA-2026:1169, RHSA-2026:1190, RHSA-2026:1185, RHSA-2026:1409, RHSA-2026:1429, RHSA-2026:1187,
Bugzilla: 2425627
Bugzilla Description: php: PHP: Denial of Service via invalid character sequence in PDO PostgreSQL prepared statement
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-476
Affected Packages: php-0:8.3.19-1.el10_0.1,php:8.2-9040020260116191026.9,php:8.2-8100020260106091451.f7998665,php:8.2-9060020260116185805.9,php:8.3-9060020260116180534.9,php:8.2-9070020260107073439.9,php:8.3-9070020260108073701.9,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,
Full Details
CVE document

CVE-2025-68946
Severity: moderate
Released on: 26/12/2025
Advisory:
Bugzilla: 2425468
Bugzilla Description: gitea: Gitea: Cross-Site Scripting (XSS) via forbidden URL scheme in links
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-79
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2025-68945
Severity: moderate
Released on: 26/12/2025
Advisory:
Bugzilla: 2425474
Bugzilla Description: gitea: Gitea: Information disclosure via anonymous access to private user projects
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-359
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2025-68944
Severity: moderate
Released on: 26/12/2025
Advisory:
Bugzilla: 2425466
Bugzilla Description: gitea: Gitea: Access control bypass in package registries
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-441
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2025-68943
Severity: moderate
Released on: 26/12/2025
Advisory:
Bugzilla: 2425465
Bugzilla Description: gitea: Gitea: Information disclosure of user login times via sort order
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-497
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2025-68942
Severity: moderate
Released on: 26/12/2025
Advisory:
Bugzilla: 2425464
Bugzilla Description: gitea: Gitea: Cross-Site Scripting (XSS) vulnerability via search input
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-79
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2025-68941
Severity: moderate
Released on: 26/12/2025
Advisory:
Bugzilla: 2425457
Bugzilla Description: gitea: Gitea: Unauthorized access to private resources via public-scoped API tokens
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE: CWE-863
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2025-68940
Severity: low
Released on: 26/12/2025
Advisory:
Bugzilla: 2425461
Bugzilla Description: gitea: Gitea: Unauthorized branch deletion due to inadequate permission enforcement
CVSS Score:
CVSSv3 Score: 3.1
Vector:
CWE: CWE-863
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2025-68939
Severity: important
Released on: 26/12/2025
Advisory:
Bugzilla: 2425460
Bugzilla Description: gitea: attachments can be renamed to forbidden file extensions via the attachment API
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-424
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2025-68938
Severity: moderate
Released on: 26/12/2025
Advisory:
Bugzilla: 2425454
Bugzilla Description: gitea: incorrect authorization for deletion of releases
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-863
Affected Packages:
Package States: OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,
Full Details
CVE document

CVE-2025-68937
Severity: moderate
Released on: 25/12/2025
Advisory:
Bugzilla: 2425446
Bugzilla Description: forgejo: Forgejo: Server shell access via symlink mishandling in template repositories
CVSS Score:
CVSSv3 Score: 9.9
Vector:
CWE: CWE-59
Affected Packages:
Package States:
Full Details
CVE document

CVE-2025-68726
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424855
Bugzilla Description: kernel: crypto: aead - Fix reqsize handling
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68728
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424856
Bugzilla Description: kernel: ntfs3: fix uninit memory after failed mi_read in mi_format_new
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68351
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424857
Bugzilla Description: kernel: exfat: fix refcount leak in exfat_find
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68362
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424858
Bugzilla Description: kernel: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb()
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68733
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424859
Bugzilla Description: kernel: smack: fix bug: unprivileged task can create labels
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68353
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424860
Bugzilla Description: kernel: Kernel: Denial of Service via NULL pointer dereference in VXLAN module
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68725
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424861
Bugzilla Description: kernel: bpf: Do not let BPF test infra emit invalid GSO types to stack
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68727
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424862
Bugzilla Description: kernel: ntfs3: Fix uninit buffer allocated by __getname()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68359
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424863
Bugzilla Description: kernel: btrfs: fix double free of qgroup record after failure to add delayed ref head
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68371
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424864
Bugzilla Description: kernel: scsi: smartpqi: Fix device resources accessed after device removal
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68375
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424865
Bugzilla Description: kernel: perf/x86: Fix NULL event access and potential PEBS record loss
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68729
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424866
Bugzilla Description: kernel: wifi: ath12k: Fix MSDU buffer types handling in RX error path
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68345
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424867
Bugzilla Description: kernel: Linux kernel ALSA: Denial of Service due to NULL pointer dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68369
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424868
Bugzilla Description: kernel: ntfs3: init run lock for extend inode
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68348
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424869
Bugzilla Description: kernel: block: fix memory leak in __blkdev_issue_zero_pages
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68376
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424870
Bugzilla Description: kernel: coresight: ETR: Fix ETR buffer use-after-free issue
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68378
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424871
Bugzilla Description: kernel: bpf: Fix stackmap overflow check in __bpf_get_stackid()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68365
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424872
Bugzilla Description: kernel: fs/ntfs3: Initialize allocated memory before use
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68367
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424873
Bugzilla Description: kernel: Linux kernel (macintosh/mac_hid): Denial of Service via race condition in mac_hid_toggle_emumouse
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68379
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424874
Bugzilla Description: kernel: Linux kernel: Denial of Service in RDMA subsystem via repeated SRQ modification
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68358
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424875
Bugzilla Description: kernel: btrfs: fix racy bitfield write in btrfs_clear_space_info_full()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68356
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424876
Bugzilla Description: kernel: gfs2: Prevent recursive memory reclaim
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68344
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424877
Bugzilla Description: kernel: ALSA: wavefront: Fix integer overflow in sample size validation
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68354
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424878
Bugzilla Description: kernel: regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68347
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424879
Bugzilla Description: kernel: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68349
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424880
Bugzilla Description: kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68366
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424881
Bugzilla Description: kernel: nbd: defer config unlock in nbd_genl_connect
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68368
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424882
Bugzilla Description: kernel: md: init bioset in mddev_init
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68372
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424883
Bugzilla Description: kernel: nbd: defer config put in recv_work
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68380
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424884
Bugzilla Description: kernel: wifi: ath11k: fix peer HE MCS assignment
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-681
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68361
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424885
Bugzilla Description: kernel: Linux kernel (erofs): Kernel stack overflow due to excessive file system stacking
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68724
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424886
Bugzilla Description: kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68363
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424887
Bugzilla Description: kernel: bpf: Check skb->transport_header is set in bpf_skb_check_mtu
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68352
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424888
Bugzilla Description: kernel: spi: ch341: fix out-of-bounds memory access in ch341_transfer_one
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68346
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424889
Bugzilla Description: kernel: ALSA: dice: fix buffer overflow in detect_stream_formats()
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68370
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424890
Bugzilla Description: kernel: coresight: tmc: add the handle of the event to the path
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68355
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424891
Bugzilla Description: kernel: bpf: Fix exclusive map memory leak
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68357
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424892
Bugzilla Description: kernel: iomap: allocate s_dio_done_wq for async reads as well
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68350
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424893
Bugzilla Description: kernel: exfat: fix divide-by-zero in exfat_allocate_bitmap
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68730
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424894
Bugzilla Description: kernel: accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68732
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424895
Bugzilla Description: kernel: gpu: host1x: Fix race in syncpt alloc/free
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68373
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424896
Bugzilla Description: kernel: md: avoid repeated calls to del_gendisk
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68731
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424897
Bugzilla Description: kernel: accel/amdxdna: Fix an integer overflow in aie2_query_ctx_status_array()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68374
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424898
Bugzilla Description: kernel: md: fix rcu protection in md_wakeup_thread
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68377
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424899
Bugzilla Description: kernel: ns: initialize ns_list_node for initial namespaces
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68360
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424900
Bugzilla Description: kernel: wifi: mt76: wed: use proper wed reference in mt76 wed driver callabacks
CVSS Score:
CVSSv3 Score: 4.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68364
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424901
Bugzilla Description: kernel: ocfs2: relax BUG() to ocfs2_error() in __ocfs2_move_extent()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54008
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424928
Bugzilla Description: kernel: virtio_vdpa: build affinity masks conditionally
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54034
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424929
Bugzilla Description: kernel: iommufd: Make sure to zero vfio_iommu_type1_info before copying to user
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-53991
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424930
Bugzilla Description: kernel: drm/msm/dpu: Disallow unallocated resources to be returned
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54038
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2024:2394,
Bugzilla: 2424931
Bugzilla Description: kernel: Linux kernel: Denial of Service in Bluetooth HCI connection handling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54026
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424932
Bugzilla Description: kernel: opp: Fix use-after-free in lazy_opp_tables after probe deferral
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-53989
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424933
Bugzilla Description: kernel: arm64: mm: fix VA-range sanity check
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54011
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424934
Bugzilla Description: kernel: scsi: mpi3mr: Fix an issue found by KASAN
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54012
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424935
Bugzilla Description: kernel: net: fix stack overflow when LRO is disabled for virtual interfaces
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-674
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54015
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2424936
Bugzilla Description: kernel: net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-364
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54022
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424937
Bugzilla Description: kernel: ALSA: usb-audio: Fix potential memory leaks at error path for UMP open
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-53994
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424938
Bugzilla Description: kernel: ionic: remove WARN_ON to prevent panic_on_warn
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-703
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-53997
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424939
Bugzilla Description: kernel: thermal: of: fix double-free on unregistration
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-53988
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424940
Bugzilla Description: kernel: fs/ntfs3: Fix slab-out-of-bounds read in hdr_delete_de()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50711
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424941
Bugzilla Description: kernel: net: ethernet: mtk_eth_soc: fix possible memory leak in mtk_probe()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54000
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424942
Bugzilla Description: kernel: net: hns3: fix deadlock issue when externel_lb and reset are executed together
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54013
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424943
Bugzilla Description: kernel: interconnect: Fix locking for runpm vs reclaim
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-53996
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2023:7749, RHSA-2024:3138, RHSA-2024:0575,
Bugzilla: 2424944
Bugzilla Description: kernel: x86/sev: Make enc_dec_hypercall() accept a size instead of npages
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-805
Affected Packages: kernel-0:4.18.0-477.43.1.el8_8,kernel-0:4.18.0-553.el8_10,kernel-0:5.14.0-362.13.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50697
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424945
Bugzilla Description: kernel: mrp: introduce active flags to prevent UAF when applicant uninit
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-53998
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424946
Bugzilla Description: kernel: hwrng: virtio - Fix race on data_avail and actual data
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68734
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424947
Bugzilla Description: kernel: isdn: mISDN: hfcsusb: fix memory leak in hfcsusb_probe()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54010
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424948
Bugzilla Description: kernel: ACPICA: ACPICA: check null return of ACPI_ALLOCATE_ZEROED in acpi_db_display_objects
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50703
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424949
Bugzilla Description: kernel: soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54014
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424950
Bugzilla Description: kernel: scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-53999
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2024:2394, RHSA-2024:3138,
Bugzilla: 2424951
Bugzilla Description: kernel: Linux kernel: Denial of Service due to memory leak in mlx5e driver
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,kernel-0:4.18.0-553.el8_10,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50709
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424952
Bugzilla Description: kernel: wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-457
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-53987
Severity: important
Released on: 24/12/2025
Advisory:
Bugzilla: 2424953
Bugzilla Description: kernel: Linux kernel: Denial of Service via NULL dereference in ping socket handling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-53990
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424954
Bugzilla Description: kernel: SMB3: Add missing locks to protect deferred close file list
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-53992
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424955
Bugzilla Description: kernel: wifi: cfg80211: ocb: don't leave if not joined
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54025
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424956
Bugzilla Description: kernel: wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54027
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424957
Bugzilla Description: kernel: iio: core: Prevent invalid memory access when there is no parent
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54032
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424958
Bugzilla Description: kernel: btrfs: fix race when deleting quota root from the dirty cow roots list
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54037
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2424959
Bugzilla Description: kernel: Linux kernel: Denial of Service in ice driver via ethtool reload
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54007
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424960
Bugzilla Description: kernel: vmci_host: fix a race condition in vmci_host_poll() causing GPF
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54024
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424961
Bugzilla Description: kernel: KVM: Destroy target device if coalesced MMIO unregistration fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54039
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424962
Bugzilla Description: kernel: can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54029
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424963
Bugzilla Description: kernel: wifi: iwlwifi: fix iwl_mvm_max_amsdu_size() for MLO
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54004
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2024:3138, RHSA-2023:6583,
Bugzilla: 2424964
Bugzilla Description: kernel: Linux kernel UDPLITE: Denial of Service via null pointer dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages: kernel-0:4.18.0-553.el8_10,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-53993
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424965
Bugzilla Description: kernel: PCI/DOE: Fix memory leak with CONFIG_DEBUG_OBJECTS=y
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54002
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424966
Bugzilla Description: kernel: btrfs: fix assertion of exclop condition when starting balance
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-53995
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2024:2394, RHSA-2024:3138,
Bugzilla: 2424967
Bugzilla Description: kernel: Linux kernel: Denial of Service due to memory leak in IP address deletion
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,kernel-0:4.18.0-553.el8_10,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54030
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424968
Bugzilla Description: kernel: io_uring/net: don't overflow multishot recv
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50699
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424969
Bugzilla Description: kernel: selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54035
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424970
Bugzilla Description: kernel: netfilter: nf_tables: fix underflow in chain reference counter
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54016
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2024:2394,
Bugzilla: 2424971
Bugzilla Description: kernel: Linux kernel: Memory leak in ath12k Wi-Fi driver can lead to denial of service
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54005
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424972
Bugzilla Description: kernel: binder: fix memory leak in binder_init()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50706
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424973
Bugzilla Description: kernel: net/ieee802154: don't warn zero-sized raw_sendmsg()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54001
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424974
Bugzilla Description: kernel: staging: r8712: Fix memory leak in _r8712_init_xmit_priv()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54042
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424975
Bugzilla Description: kernel: powerpc/64s: Fix VAS mm use after free
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54023
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424976
Bugzilla Description: kernel: btrfs: fix race between balance and cancel/pause
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54036
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2424977
Bugzilla Description: kernel: Linux kernel: Denial of Service due to memory leak in rtl8xxxu Wi-Fi driver
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54009
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424978
Bugzilla Description: kernel: i2c: cadence: cdns_i2c_master_xfer(): Fix runtime PM leak on error path
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50698
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424979
Bugzilla Description: kernel: ASoC: da7219: Fix an error handling path in da7219_register_dai_clks()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50707
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424980
Bugzilla Description: kernel: virtio-crypto: fix memory leak in virtio_crypto_alg_skcipher_close_session()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-53986
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424981
Bugzilla Description: kernel: mips: bmips: BCM6358: disable RAC flush for TP1
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50701
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2424982
Bugzilla Description: kernel: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-131
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54028
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2424983
Bugzilla Description: kernel: RDMA/rxe: Fix the error "trying to register non-static key in rxe_cleanup_task"
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-53867
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424984
Bugzilla Description: kernel: ceph: fix potential use-after-free bug when trimming caps
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50702
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424985
Bugzilla Description: kernel: vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54033
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424986
Bugzilla Description: kernel: bpf: fix a memory leak in the LRU and LRU_PERCPU hash maps
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54019
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424987
Bugzilla Description: kernel: sched/psi: use kernfs polling functions for PSI trigger polling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54020
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424988
Bugzilla Description: kernel: dmaengine: sf-pdma: pdma_desc memory leak fix
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54021
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424989
Bugzilla Description: kernel: ext4: set goal start correctly in ext4_mb_normalize_request
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54017
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424990
Bugzilla Description: kernel: powerpc/pseries: fix possible memory leak in ibmebus_bus_init()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54031
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424991
Bugzilla Description: kernel: vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54040
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2424992
Bugzilla Description: kernel: Linux kernel: Denial of Service due to incorrect FDIR filter fallback logic
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50705
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424993
Bugzilla Description: kernel: io_uring/rw: defer fsnotify calls to task context
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50700
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2424994
Bugzilla Description: kernel: wifi: ath10k: Delay the unmapping of the buffer
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-364
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50704
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424995
Bugzilla Description: kernel: USB: gadget: Fix use-after-free during usb config switch
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54003
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2024:2394, RHSA-2024:3138,
Bugzilla: 2424996
Bugzilla Description: kernel: Linux kernel: RDMA/core GID entry leak causes Denial of Service
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,kernel-0:4.18.0-553.el8_10,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54041
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2424997
Bugzilla Description: kernel: io_uring: fix memory leak when removing provided buffers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50708
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424998
Bugzilla Description: kernel: HSI: ssi_protocol: fix potential resource leak in ssip_pn_open()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54018
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2424999
Bugzilla Description: kernel: drm/msm/hdmi: Add missing check for alloc_ordered_workqueue
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54006
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425000
Bugzilla Description: kernel: af_unix: Fix data-race around unix_tot_inflight
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50710
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2425001
Bugzilla Description: kernel: Linux kernel: Denial of Service in ice driver via uninitialized transmit rings
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-476
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50714
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2023:2951, RHSA-2023:2458,
Bugzilla: 2425004
Bugzilla Description: kernel: Linux kernel: Denial of Service in mt7921e driver during module unload
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-457
Affected Packages: kernel-0:4.18.0-477.10.1.el8_8,kernel-0:5.14.0-284.11.1.el9_2,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50718
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425005
Bugzilla Description: kernel: drm/amdgpu: fix pci device refcount leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54047
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2425006
Bugzilla Description: kernel: drm/rockchip: dw_hdmi: cleanup drm encoder during unbind
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68737
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2425007
Bugzilla Description: kernel: arm64/pageattr: Propagate return value from __change_memory_common
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54056
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425008
Bugzilla Description: kernel: kheaders: Use array declaration instead of char
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50723
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2023:2951, RHSA-2023:2458,
Bugzilla: 2425009
Bugzilla Description: kernel: Kernel: Denial of Service via memory leak in bnxt_nvm_test()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages: kernel-0:4.18.0-477.10.1.el8_8,kernel-0:5.14.0-284.11.1.el9_2,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54061
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2425010
Bugzilla Description: kernel: x86: fix clear_user_rep_good() exception handling annotation
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54053
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2425011
Bugzilla Description: kernel: Linux kernel: Denial of Service in iwlwifi due to NULL pointer dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68739
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2425012
Bugzilla Description: kernel: PM / devfreq: hisi: Fix potential UAF in OPP handling
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54048
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2024:2394,
Bugzilla: 2425013
Bugzilla Description: kernel: Linux kernel: Denial of Service in RDMA/bnxt_re driver due to race condition during QP destruction
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-366
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54072
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2024:2394, RHSA-2024:3138,
Bugzilla: 2425014
Bugzilla Description: kernel: Linux kernel: Denial of service or memory corruption due to a data race in ALSA PCM memory allocation
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-367
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,kernel-0:4.18.0-553.el8_10,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54057
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425015
Bugzilla Description: kernel: iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54062
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425016
Bugzilla Description: kernel: ext4: fix invalid free tracking in ext4_xattr_move_to_block()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68743
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2425017
Bugzilla Description: kernel: mshv: Fix create memory region overlap check
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54064
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425018
Bugzilla Description: kernel: ipmi:ssif: Fix a memory leak when scanning for an adapter
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54074
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2425019
Bugzilla Description: kernel: Linux kernel: Denial of Service in mlx5e due to incorrect encap attribute handling
CVSS Score:
CVSSv3 Score: 3.6
Vector:
CWE: CWE-704
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50736
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2024:2394,
Bugzilla: 2425020
Bugzilla Description: kernel: Linux kernel: Privilege escalation via out-of-bounds write in RDMA/siw
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-125
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54046
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425021
Bugzilla Description: kernel: crypto: essiv - Handle EBUSY correctly
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50722
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2425022
Bugzilla Description: kernel: media: ipu3-imgu: Fix NULL pointer dereference in active selection access
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54066
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425023
Bugzilla Description: kernel: media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861_i2c_master_xfer
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68748
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2425024
Bugzilla Description: kernel: drm/panthor: Fix UAF race between device unplug and FW event processing
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54044
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425025
Bugzilla Description: kernel: spmi: Add a check for remove callback when removing a SPMI driver
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54054
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2425026
Bugzilla Description: kernel: scsi: qla2xxx: Fix buffer overrun
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54051
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425027
Bugzilla Description: kernel: net: do not allow gso_size to be set to GSO_BY_FRAGS
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50731
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2425028
Bugzilla Description: kernel: crypto: akcipher - default implementation for setting a private key
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50719
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425029
Bugzilla Description: kernel: ALSA: line6: fix stack overflow in line6_midi_transmit
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54058
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425030
Bugzilla Description: kernel: firmware: arm_ffa: Check if ffa_driver remove is present before executing
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68747
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2425031
Bugzilla Description: kernel: drm/panthor: Fix UAF on kernel BO VA nodes
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50733
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425032
Bugzilla Description: kernel: usb: idmouse: fix an uninit-value in idmouse_open
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54055
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2023:7077, RHSA-2023:6583,
Bugzilla: 2425033
Bugzilla Description: kernel: Linux kernel: Memory leak in RDMA/irdma subsystem leads to Denial of Service
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages: kernel-0:4.18.0-513.5.1.el8_9,kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54059
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2425034
Bugzilla Description: kernel: soc: mediatek: mtk-svs: Enable the IRQ later
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68749
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425035
Bugzilla Description: kernel: accel/ivpu: Fix race condition when unbinding BOs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50712
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425036
Bugzilla Description: kernel: devlink: hold region lock when flushing snapshots
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68744
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425037
Bugzilla Description: kernel: bpf: Free special fields when update [lru_,]percpu_hash maps
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50716
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2425038
Bugzilla Description: kernel: wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68745
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2425039
Bugzilla Description: kernel: Linux kernel: Denial of Service in qla2xxx SCSI driver due to improper command handling after chip reset
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54049
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2425040
Bugzilla Description: kernel: rpmsg: glink: Add check for kstrdup
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50713
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2425041
Bugzilla Description: kernel: clk: visconti: Fix memory leak in visconti_register_pll()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54075
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2425042
Bugzilla Description: kernel: ASoC: mediatek: common: Fix refcount leak in parse_dai_link_info
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50730
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425043
Bugzilla Description: kernel: ext4: silence the warning when evicting inode with dioread_nolock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68740
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425044
Bugzilla Description: kernel: ima: Handle error code returned by ima_filter_rule_match()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54060
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425045
Bugzilla Description: kernel: iommufd: Set end correctly when doing batch carry
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68741
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425046
Bugzilla Description: kernel: scsi: qla2xxx: Fix improper freeing of purex item
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50720
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425047
Bugzilla Description: kernel: x86/apic: Don't disable x2APIC if locked
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50725
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2425048
Bugzilla Description: kernel: media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68738
Severity: moderate
Released on: 24/12/2025
Advisory:
Bugzilla: 2425049
Bugzilla Description: kernel: wifi: mt76: mt7996: fix null pointer deref in mt7996_conf_tx()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54070
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2024:2394, RHSA-2024:3138,
Bugzilla: 2425050
Bugzilla Description: kernel: Linux kernel igb driver: Denial of Service due to improper SR-IOV cleanup
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-703
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,kernel-0:4.18.0-553.el8_10,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54065
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2425051
Bugzilla Description: kernel: net: dsa: realtek: fix out-of-bounds access
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54052
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2024:2394,
Bugzilla: 2425052
Bugzilla Description: kernel: Linux kernel Wi-Fi driver: Denial of Service due to missing transmit status
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages: kernel-0:5.14.0-427.13.1.el9_4,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50724
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425053
Bugzilla Description: kernel: regulator: core: fix resource leak in regulator_register()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50726
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2023:2951, RHSA-2023:2458,
Bugzilla: 2425054
Bugzilla Description: kernel: net/mlx5: Fix possible use-after-free in async command interface
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-416
Affected Packages: kernel-0:4.18.0-477.10.1.el8_8,kernel-0:5.14.0-284.11.1.el9_2,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50715
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425055
Bugzilla Description: kernel: md/raid1: stop mdx_raid1 thread when raid1 array run failed
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54073
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425056
Bugzilla Description: kernel: tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50727
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2425057
Bugzilla Description: kernel: scsi: efct: Fix possible memleak in efct_device_init()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50721
Severity: moderate
Released on: 24/12/2025
Advisory: RHSA-2023:6583,
Bugzilla: 2425058
Bugzilla Description: kernel: dmaengine: qcom-adm: fix wrong calling convention for prep_slave_sg
CVSS Score:
CVSSv3 Score: 5.1
Vector:
CWE: CWE-209
Affected Packages: kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2025-68746
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425059
Bugzilla Description: kernel: spi: tegra210-quad: Fix timeout handling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50732
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2425060
Bugzilla Description: kernel: staging: rtl8192u: Fix use after free in ieee80211_rx()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54050
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425061
Bugzilla Description: kernel: ubifs: Fix memleak when insert_old_idx() failed
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2022-50729
Severity:
Released on: 24/12/2025
Advisory:
Bugzilla: 2425062
Bugzilla Description: kernel: ksmbd: Fix resource leak in ksmbd_session_rpc_open()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document

CVE-2023-54069
Severity: low
Released on: 24/12/2025
Advisory:
Bugzilla: 2425063
Bugzilla Description: kernel: ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document