CVE-2026-43453
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla:
Bugzilla Description:
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43309
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468037
Bugzilla Description:
kernel: md raid: fix hang when stopping arrays with metadata through dm-raid
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43342
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468039
Bugzilla Description:
kernel: usb: gadget: f_rndis: Protect RNDIS options with mutex
CVSS Score:
Vector:
CWE: CWE-820
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43345
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468040
Bugzilla Description:
kernel: net: ipa: fix event ring index not programmed for IPA v5.0+
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43293
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468044
Bugzilla Description:
kernel: media: chips-media: wave5: Fix kthread worker destruction in polling mode
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43285
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468046
Bugzilla Description:
kernel: mm/slab: do not access current->mems_allowed_seq if !allow_spin
CVSS Score:
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43321
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468047
Bugzilla Description:
kernel: bpf: Properly mark live registers for indirect jumps
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43298
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468048
Bugzilla Description:
kernel: drm/amdgpu: Skip vcn poison irq release on VF
CVSS Score:
Vector:
CWE: CWE-832
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71297
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468053
Bugzilla Description:
kernel: wifi: rtw88: 8822b: Avoid WARNING in rtw8822b_config_trx_mode()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71296
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468054
Bugzilla Description:
kernel: drm/tests: shmem: Hold reservation lock around purge
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43299
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468058
Bugzilla Description:
kernel: btrfs: do not ASSERT() when the fs flips RO inside btrfs_repair_io_failure()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43304
Severity: important
Released on: 08/05/2026
Advisory:
Bugzilla: 2468062
Bugzilla Description:
kernel: libceph: define and enforce CEPH_MAX_KEY_LEN
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43288
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468063
Bugzilla Description:
kernel: ext4: move ext4_percpu_param_init() before ext4_mb_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43343
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468064
Bugzilla Description:
kernel: usb: gadget: f_subset: Fix unbalanced refcnt in geth_free
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43347
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468065
Bugzilla Description:
kernel: arm64: dts: qcom: monaco: Reserve full Gunyah metadata region
CVSS Score:
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43319
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468066
Bugzilla Description:
kernel: spi: spidev: fix lock inversion between spi_lock and buf_lock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43349
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468067
Bugzilla Description:
kernel: f2fs: fix to avoid uninit-value access in f2fs_sanity_check_node_footer
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43291
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468069
Bugzilla Description:
kernel: net: nfc: nci: Fix parameter validation for packet data
CVSS Score:
Vector:
CWE: CWE-130
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71302
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468072
Bugzilla Description:
kernel: drm/panthor: fix for dma-fence safe access rules
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43295
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468075
Bugzilla Description:
kernel: rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net()
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43308
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468076
Bugzilla Description:
kernel: btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71300
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468077
Bugzilla Description:
kernel: Revert "arm64: zynqmp: Add an OP-TEE node to the device tree"
CVSS Score:
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43348
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468078
Bugzilla Description:
kernel: mshv_vtl: Fix vmemmap_shift exceeding MAX_FOLIO_ORDER
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71301
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468083
Bugzilla Description:
kernel: drm/tests: shmem: Hold reservation lock around vmap/vunmap
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43297
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468084
Bugzilla Description:
kernel: media: rockchip: rga: Fix possible ERR_PTR dereference in rga_buf_init()
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43292
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468085
Bugzilla Description:
kernel: mm/vmalloc: prevent RCU stalls in kasan_release_vmalloc_node
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43314
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468086
Bugzilla Description:
kernel: dm: remove fake timeout to avoid leak request
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43305
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468088
Bugzilla Description:
kernel: drm/amd/display: Fix mismatched unlock for DMUB HW lock in HWSS fast path
CVSS Score:
Vector:
CWE: CWE-832
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43290
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468089
Bugzilla Description:
kernel: media: uvcvideo: Return queued buffers on start_streaming() failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43317
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468090
Bugzilla Description:
kernel: most: core: fix leak on early registration failure
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43303
Severity: important
Released on: 08/05/2026
Advisory:
Bugzilla: 2468091
Bugzilla Description:
kernel: mm/page_alloc: clear page->private in free_pages_prepare()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43320
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468092
Bugzilla Description:
kernel: drm/amd/display: Fix dsc eDP issue
CVSS Score:
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43344
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468093
Bugzilla Description:
kernel: perf/x86/intel/uncore: Fix die ID init and look up bugs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-253
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43341
Severity: important
Released on: 08/05/2026
Advisory:
Bugzilla: 2468097
Bugzilla Description:
kernel: net/ipv6: ioam6: prevent schema length wraparound in trace fill
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43340
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468098
Bugzilla Description:
kernel: comedi: Reinit dev->spinlock between attachments to low-level drivers
CVSS Score:
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43306
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468100
Bugzilla Description:
kernel: bpf: crypto: Use the correct destructor kfunc type
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-843
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43307
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468101
Bugzilla Description:
kernel: iio: accel: adxl380: Avoid reading more entries than present in FIFO
CVSS Score:
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43302
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468103
Bugzilla Description:
kernel: drm/v3d: Set DMA segment size to avoid debug warnings
CVSS Score:
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71299
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468104
Bugzilla Description:
kernel: spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43294
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468106
Bugzilla Description:
kernel: drm: renesas: rz-du: mipi_dsi: fix kernel panic when rebooting for some panels
CVSS Score:
Vector:
CWE: CWE-841
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43287
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468108
Bugzilla Description:
kernel: drm: Account property blob allocations to memcg
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43346
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468109
Bugzilla Description:
kernel: ice: ptp: don't WARN when controlling PF is unavailable
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43350
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468110
Bugzilla Description:
kernel: smb: client: require a full NFS mode SID before reading mode bits
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43315
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468111
Bugzilla Description:
kernel: KVM: nSVM: Remove a user-triggerable WARN on nested_svm_load_cr3() succeeding
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43313
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468112
Bugzilla Description:
kernel: ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43286
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468114
Bugzilla Description:
kernel: mm/hugetlb: restore failed global reservations to subpool
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43289
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468115
Bugzilla Description:
kernel: kexec: derive purgatory entry from symbol
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43300
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468116
Bugzilla Description:
kernel: drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43316
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468120
Bugzilla Description:
kernel: media: solo6x10: Check for out of bounds chip_id
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71298
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468121
Bugzilla Description:
kernel: drm/tests: shmem: Hold reservation lock around madvise
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43312
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468123
Bugzilla Description:
kernel: media: i2c: ov5647: Initialize subdev before controls
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43296
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468125
Bugzilla Description:
kernel: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43311
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468129
Bugzilla Description:
kernel: soc/tegra: pmc: Fix unsafe generic_handle_irq() call
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43310
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468130
Bugzilla Description:
kernel: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC
CVSS Score:
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43463
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468141
Bugzilla Description:
kernel: rxrpc, afs: Fix missing error pointer check after rxrpc_kernel_lookup_peer()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43384
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468142
Bugzilla Description:
kernel: net/tcp-ao: Fix MAC comparison to be constant-time
CVSS Score:
Vector:
CWE: CWE-208
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43364
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468143
Bugzilla Description:
kernel: ublk: fix NULL pointer dereference in ublk_ctrl_set_size()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43419
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468144
Bugzilla Description:
kernel: ceph: fix memory leaks in ceph_mdsc_build_path()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43454
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468145
Bugzilla Description:
kernel: netfilter: nf_tables: Fix for duplicate device in netdev hooks
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-694
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43431
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468146
Bugzilla Description:
kernel: xhci: Fix NULL pointer dereference when reading portli debugfs files
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43372
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468147
Bugzilla Description:
kernel: net: dsa: microchip: Fix error path in PTP IRQ setup
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43460
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468148
Bugzilla Description:
kernel: spi: rockchip-sfc: Fix double-free in remove() callback
CVSS Score:
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43467
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468149
Bugzilla Description:
kernel: net/mlx5: Fix crash when moving to switchdev mode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43437
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468150
Bugzilla Description:
kernel: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43444
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468151
Bugzilla Description:
kernel: drm/amdkfd: Unreserve bo if queue update failed
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43429
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468152
Bugzilla Description:
kernel: USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43465
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468153
Bugzilla Description:
kernel: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43414
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468155
Bugzilla Description:
kernel: scsi: qla2xxx: Completely fix fcport double free
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43404
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468156
Bugzilla Description:
kernel: mm: Fix a hmm_range_fault() livelock / starvation problem
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43445
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468157
Bugzilla Description:
kernel: e1000/e1000e: Fix leak in DMA error cleanup
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-193
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43446
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468158
Bugzilla Description:
kernel: accel/amdxdna: Fix runtime suspend deadlock when there is pending job
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43441
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468159
Bugzilla Description:
kernel: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43466
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468160
Bugzilla Description:
kernel: net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43405
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468161
Bugzilla Description:
kernel: libceph: Use u32 for non-negative values in ceph_monmap_decode()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-681
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43378
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468162
Bugzilla Description:
kernel: smb: server: fix use-after-free in smb2_open()
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43457
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468163
Bugzilla Description:
kernel: mctp: i2c: fix skb memory leak in receive path
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43360
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468164
Bugzilla Description:
kernel: btrfs: fix transaction abort on file creation due to name hash collision
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43416
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468165
Bugzilla Description:
kernel: powerpc, perf: Check that current->mm is alive before getting user callchain
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-826
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43359
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468167
Bugzilla Description:
kernel: btrfs: fix transaction abort on set received ioctl due to item overflow
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43358
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468168
Bugzilla Description:
kernel: btrfs: add missing RCU unlock in error path in try_release_subpage_extent_buffer()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43462
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468169
Bugzilla Description:
kernel: net: spacemit: Fix error handling in emac_tx_mem_map()
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43399
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468170
Bugzilla Description:
kernel: drm/amdgpu/userq: Fix reference leak in amdgpu_userq_wait_ioctl
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43374
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468172
Bugzilla Description:
kernel: net: nexthop: fix percpu use-after-free in remove_nh_grp_entry
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43375
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468173
Bugzilla Description:
kernel: net: mctp: fix device leak on probe failure
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43388
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468174
Bugzilla Description:
kernel: mm/damon/core: clear walk_control on inactive context in damos_walk()
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43398
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468175
Bugzilla Description:
kernel: drm/amdgpu: add upper bound check on user inputs in wait ioctl
CVSS Score:
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43410
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468176
Bugzilla Description:
kernel: firmware: stratix10-rsu: Fix NULL pointer dereference when RSU is disabled
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43352
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468177
Bugzilla Description:
kernel: i3c: mipi-i3c-hci: Correct RING_CTRL_ABORT handling in DMA dequeue
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43365
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468178
Bugzilla Description:
kernel: xfs: fix undersized l_iclog_roundoff values
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-166
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43401
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468179
Bugzilla Description:
kernel: cpufreq: intel_pstate: Fix NULL pointer dereference in update_cpu_qos_request()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43432
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468180
Bugzilla Description:
kernel: usb: xhci: Fix memory leak in xhci_disable_slot()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43468
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468181
Bugzilla Description:
kernel: net/mlx5: Fix deadlock between devlink lock and esw->wq
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43475
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468182
Bugzilla Description:
kernel: scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43415
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468183
Bugzilla Description:
kernel: scsi: ufs: core: Fix SError in ufshcd_rtc_work() during UFS suspend
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43391
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468185
Bugzilla Description:
kernel: nsfs: tighten permission checks for handle opening
CVSS Score:
Vector:
CWE: CWE-1220
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43386
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468186
Bugzilla Description:
kernel: staging: rtl8723bs: fix potential out-of-bounds read in rtw_restruct_wmm_ie
CVSS Score:
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43411
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468187
Bugzilla Description:
kernel: tipc: fix divide-by-zero in tipc_sk_filter_connect()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43397
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468188
Bugzilla Description:
kernel: drm/bridge: samsung-dsim: Fix memory leak in error path
CVSS Score:
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43382
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468189
Bugzilla Description:
kernel: batman-adv: Avoid double-rtnl_lock ELP metric worker
CVSS Score:
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43377
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468190
Bugzilla Description:
kernel: ksmbd: Don't log keys in SMB3 signing and encryption key generation
CVSS Score:
Vector:
CWE: CWE-215
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43385
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468191
Bugzilla Description:
kernel: net: Fix rcu_tasks stall in threaded busypoll
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43368
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468192
Bugzilla Description:
kernel: drm/i915: Fix potential overflow of shmem scatterlist length
CVSS Score:
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43474
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468193
Bugzilla Description:
kernel: fs: init flags_valid before calling vfs_fileattr_get
CVSS Score:
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43428
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468194
Bugzilla Description:
kernel: USB: core: Limit the length of unkillable synchronous timeouts
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43435
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468195
Bugzilla Description:
kernel: rust_binder: fix oneway spam detection
CVSS Score:
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43390
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468196
Bugzilla Description:
kernel: nstree: tighten permission checks for listing
CVSS Score:
Vector:
CWE: CWE-1220
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43373
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468197
Bugzilla Description:
kernel: net: ncsi: fix skb leak in error paths
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43362
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468198
Bugzilla Description:
kernel: smb: client: fix in-place encryption corruption in SMB2_write()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-649
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43379
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468199
Bugzilla Description:
kernel: ksmbd: fix use-after-free in smb_lazy_parent_lease_break_close()
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43408
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468200
Bugzilla Description:
kernel: ceph: add a bunch of missing ceph_path_info initializers
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43471
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468201
Bugzilla Description:
kernel: scsi: ufs: core: Fix possible NULL pointer dereference in ufshcd_add_command_trace()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43381
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468202
Bugzilla Description:
kernel: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43413
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468203
Bugzilla Description:
kernel: scsi: hisi_sas: Fix NULL pointer exception during user_scan()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43351
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468204
Bugzilla Description:
kernel: KVM: arm64: Eagerly init vgic dist/redist on vgic creation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43389
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468205
Bugzilla Description:
kernel: mm: memfd_luo: always dirty all folios
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43472
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468206
Bugzilla Description:
kernel: unshare: fix unshare_fs() handling
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43407
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468207
Bugzilla Description:
kernel: libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43409
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468209
Bugzilla Description:
kernel: kprobes: avoid crash when rmmod/insmod after ftrace killed
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-253
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43461
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468210
Bugzilla Description:
kernel: spi: amlogic: spifc-a4: Fix DMA mapping error handling
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43418
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468211
Bugzilla Description:
kernel: sched/mmcid: Prevent CID stalls due to concurrent forks
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43402
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468212
Bugzilla Description:
kernel: kthread: consolidate kthread exit paths to prevent use-after-free
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43363
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468213
Bugzilla Description:
kernel: x86/apic: Disable x2apic on resume if the kernel expects so
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43369
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468214
Bugzilla Description:
kernel: drm/amd: Fix NULL pointer dereference in device cleanup
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43452
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468215
Bugzilla Description:
kernel: netfilter: x_tables: guard option walkers against 1-byte tail reads
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-193
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43424
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468216
Bugzilla Description:
kernel: usb: gadget: f_tcm: Fix NULL pointer dereferences in nexus handling
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43393
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468217
Bugzilla Description:
kernel: btrfs: fix chunk map leak in btrfs_map_block() after btrfs_chunk_map_num_copies()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43376
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468218
Bugzilla Description:
kernel: ksmbd: fix use-after-free by using call_rcu() for oplock_info
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43396
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468219
Bugzilla Description:
kernel: drm/xe/sync: Fix user fence leak on alloc failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43392
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468221
Bugzilla Description:
kernel: sched_ext: Fix starvation of scx_enable() under fair-class saturation
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43353
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468222
Bugzilla Description:
kernel: i3c: mipi-i3c-hci: Fix race in DMA ring dequeue
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-820
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43436
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468223
Bugzilla Description:
kernel: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-130
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43439
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468224
Bugzilla Description:
kernel: cgroup: fix race between task migration and iteration
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43447
Severity: important
Released on: 08/05/2026
Advisory:
Bugzilla: 2468225
Bugzilla Description:
kernel: iavf: fix PTP use-after-free during reset
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43442
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468226
Bugzilla Description:
kernel: io_uring: fix physical SQE bounds check for SQE_MIXED 128-byte ops
CVSS Score:
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43459
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468227
Bugzilla Description:
kernel: ASoC: soc-core: flush delayed work before removing DAIs and widgets
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43450
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468228
Bugzilla Description:
kernel: netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1095
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43469
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468229
Bugzilla Description:
kernel: xprtrdma: Decrement re_receiving on the early exit paths
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43421
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468230
Bugzilla Description:
kernel: usb: gadget: f_ncm: Fix net_device lifecycle with device_move
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43366
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468231
Bugzilla Description:
kernel: io_uring/kbuf: check if target buffer list is still legacy on recycle
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43427
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468232
Bugzilla Description:
kernel: usb: class: cdc-wdm: fix reordering issue in read code path
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43354
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468233
Bugzilla Description:
kernel: iio: proximity: hx9023s: Protect against division by zero in set_samp_freq
CVSS Score:
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43433
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468234
Bugzilla Description:
kernel: rust_binder: avoid reading the written value in offsets array
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43438
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468235
Bugzilla Description:
kernel: sched_ext: Remove redundant css_put() in scx_cgroup_init()
CVSS Score:
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43464
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468236
Bugzilla Description:
kernel: net/mlx5e: RX, Fix XDP multi-buf frag counting for legacy RQ
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43430
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468237
Bugzilla Description:
kernel: usb: yurex: fix race in probe
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43355
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468238
Bugzilla Description:
kernel: iio: light: bh1780: fix PM runtime leak on error path
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43451
Severity: low
Released on: 08/05/2026
Advisory:
Bugzilla: 2468239
Bugzilla Description:
kernel: netfilter: nfnetlink_queue: fix entry leak in bridge verdict error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43443
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468241
Bugzilla Description:
kernel: ASoC: amd: acp-mach-common: Add missing error check for clock acquisition
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43383
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468242
Bugzilla Description:
kernel: net/tcp-md5: Fix MAC comparison to be constant-time
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-208
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43417
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468243
Bugzilla Description:
kernel: sched/mmcid: Handle vfork()/CLONE_VM correctly
CVSS Score:
Vector:
CWE: CWE-1095
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43370
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468244
Bugzilla Description:
kernel: drm/amdgpu: Fix use-after-free race in VM acquire
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43380
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468245
Bugzilla Description:
kernel: hwmon: (pmbus/q54sj108a2) fix stack overflow in debugfs read
CVSS Score:
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43395
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468246
Bugzilla Description:
kernel: drm/xe/sync: Cleanup partially initialized sync on parse failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43420
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468247
Bugzilla Description:
kernel: ceph: fix i_nlink underrun during async unlink
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43448
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468248
Bugzilla Description:
kernel: nvme-pci: Fix race bug in nvme_poll_irqdisable()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43403
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468250
Bugzilla Description:
kernel: nsfs: tighten permission checks for ns iteration ioctls
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-280
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43406
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468251
Bugzilla Description:
kernel: libceph: prevent potential out-of-bounds reads in process_message_header()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43412
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468252
Bugzilla Description:
kernel: ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43426
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468253
Bugzilla Description:
kernel: usb: renesas_usbhs: fix use-after-free in ISR during device removal
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43449
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468254
Bugzilla Description:
kernel: nvme-pci: Fix slab-out-of-bounds in nvme_dbbuf_set
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43456
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468255
Bugzilla Description:
kernel: bonding: fix type confusion in bond_setup_by_slave()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-843
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43423
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468256
Bugzilla Description:
kernel: usb: gadget: f_ncm: Fix atomic context locking issue
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-663
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43458
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468257
Bugzilla Description:
kernel: serial: caif: hold tty->link reference in ldisc_open and ser_release
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43470
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468258
Bugzilla Description:
kernel: nfs: return EISDIR on nfs3_proc_create if d_alias is a dir
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43434
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468259
Bugzilla Description:
kernel: rust_binder: check ownership before using vma
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43440
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468260
Bugzilla Description:
kernel: net/mana: Null service_wq on setup error to prevent double destroy
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43400
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468261
Bugzilla Description:
kernel: drm/amdgpu: add upper bound check on user inputs in signal ioctl
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43394
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468262
Bugzilla Description:
kernel: nfsd: Fix cred ref leak in nfsd_nl_listener_set_doit()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43361
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468264
Bugzilla Description:
kernel: btrfs: fix transaction abort when snapshotting received subvolumes
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43455
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468265
Bugzilla Description:
kernel: mctp: route: hold key->lock in mctp_flow_prepare_output()
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43367
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468266
Bugzilla Description:
kernel: drm/amd: Fix a few more NULL pointer dereference in device cleanup
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43422
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468267
Bugzilla Description:
kernel: usb: legacy: ncm: Fix NPE in gncm_bind
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43473
Severity: moderate
Released on: 08/05/2026
Advisory:
Bugzilla: 2468268
Bugzilla Description:
kernel: scsi: mpi3mr: Add NULL checks when resetting request and reply queues
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43387
Severity:
Released on: 08/05/2026
Advisory:
Bugzilla: 2468269
Bugzilla Description:
kernel: staging: rtl8723bs: properly validate the data in rtw_get_ie_ex()
CVSS Score:
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-8094
Severity: important
Released on: 07/05/2026
Advisory:
Bugzilla: 2467706
Bugzilla Description:
firefox: Other issue in the WebRTC component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-8092
Severity: important
Released on: 07/05/2026
Advisory:
Bugzilla: 2467708
Bugzilla Description:
firefox: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-8090
Severity: important
Released on: 07/05/2026
Advisory:
Bugzilla: 2467709
Bugzilla Description:
firefox: Use-after-free in the DOM: Networking component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-41139
Severity: important
Released on: 07/05/2026
Advisory:
Bugzilla: 2467648
Bugzilla Description:
mathjs: math.js: Arbitrary code execution via expression parser
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-94
Affected Packages:
Package States: Cryostat 4,Red Hat Developer Hub,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Self-service automation portal 2,
Full Details
CVE document
CVE-2026-43284
Severity: important
Released on: 07/05/2026
Advisory:
Bugzilla: 2467771
Bugzilla Description:
kernel: "Dirty Frag" is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-123
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-6420
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2458889
Bugzilla Description:
keylime: Keylime: Security bypass due to hardcoded TPM quote nonce
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-1241
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43262
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla:
Bugzilla Description:
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-764
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43075
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2466979
Bugzilla Description:
kernel: ocfs2: fix out-of-bounds write in ocfs2_write_end_inline
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43087
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2466980
Bugzilla Description:
kernel: pinctrl: mcp23s08: Disable all pin interrupts during probe
CVSS Score:
Vector:
CWE: CWE-431
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43088
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2466981
Bugzilla Description:
kernel: net: af_key: zero aligned sockaddr tail in PF_KEY exports
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43091
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2466983
Bugzilla Description:
kernel: xfrm: Wait for RCU readers during policy netns exit
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43102
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2466984
Bugzilla Description:
kernel: net: airoha: Fix memory leak in airoha_qdma_rx_process()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43097
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2466985
Bugzilla Description:
kernel: PCI: hv: Fix double ida_free in hv_pci_probe error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43079
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2466986
Bugzilla Description:
kernel: perf/x86/intel/uncore: Skip discovery table for offline dies
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43107
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2466987
Bugzilla Description:
kernel: xfrm: account XFRMA_IF_ID in aevent size calculation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43106
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2466988
Bugzilla Description:
kernel: cachefiles: fix incorrect dentry refcount in cachefiles_cull()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43111
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2466989
Bugzilla Description:
kernel: HID: roccat: fix use-after-free in roccat_report_event
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-820
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43119
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2466991
Bugzilla Description:
kernel: Bluetooth: hci_sync: annotate data-races around hdev->req_status
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43118
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2466992
Bugzilla Description:
kernel: btrfs: fix zero size inode with non-zero size after log replay
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-448
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43086
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2466993
Bugzilla Description:
kernel: ipvs: fix NULL deref in ip_vs_add_service error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43114
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2466994
Bugzilla Description:
kernel: netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-480
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43081
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2466995
Bugzilla Description:
kernel: net: ipa: fix GENERIC_CMD register field masks for IPA v5.0+
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1288
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43101
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2466996
Bugzilla Description:
kernel: ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43099
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2466997
Bugzilla Description:
kernel: ipv4: icmp: fix null-ptr-deref in icmp_build_probe()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-253
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43113
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2466998
Bugzilla Description:
kernel: wifi: wl1251: validate packet IDs before indexing tx_frames
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43076
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2466999
Bugzilla Description:
kernel: ocfs2: validate inline data i_size during inode read
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43115
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467000
Bugzilla Description:
kernel: srcu: Use irq_work to start GP in tiny SRCU
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43108
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467001
Bugzilla Description:
kernel: soc: qcom: pd-mapper: Fix element length in servreg_loc_pfr_req_ei
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43117
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467002
Bugzilla Description:
kernel: btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file()
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43104
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467003
Bugzilla Description:
kernel: drm/vc4: Fix a memory leak in hang state error path
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43093
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467004
Bugzilla Description:
kernel: xsk: tighten UMEM headroom validation to account for tailroom and min frame
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43116
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467005
Bugzilla Description:
kernel: netfilter: ctnetlink: ensure safe access to master conntrack
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43094
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467006
Bugzilla Description:
kernel: ixgbevf: add missing negotiate_features op to Hyper-V ops table
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43105
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467007
Bugzilla Description:
kernel: drm/vc4: Fix memory leak of BO array in hang state
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43092
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467008
Bugzilla Description:
kernel: xsk: validate MTU against usable frame size on bind
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43103
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467009
Bugzilla Description:
kernel: net: lapbether: handle NETDEV_PRE_TYPE_CHANGE
CVSS Score:
Vector:
CWE: CWE-1287
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43080
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467010
Bugzilla Description:
kernel: l2tp: Drop large packets with UDP encap
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43100
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467011
Bugzilla Description:
kernel: bridge: guard local VLAN-0 FDB helpers against NULL vlan group
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43120
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467012
Bugzilla Description:
kernel: RDMA/irdma: Fix double free related to rereg_user_mr
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43083
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467013
Bugzilla Description:
kernel: net: ioam6: fix OOB and missing lock
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43110
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467014
Bugzilla Description:
kernel: wifi: brcmfmac: validate bsscfg indices in IF events
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43112
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467015
Bugzilla Description:
kernel: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-786
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43095
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467016
Bugzilla Description:
kernel: ASoC: SDCA: Fix errors in IRQ cleanup
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43090
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467017
Bugzilla Description:
kernel: xfrm: fix refcount leak in xfrm_migrate_policy_find
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43096
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467018
Bugzilla Description:
kernel: mshv: Fix infinite fault loop on permission-denied GPA intercepts
CVSS Score:
Vector:
CWE: CWE-280
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43074
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467019
Bugzilla Description:
kernel: eventpoll: defer struct eventpoll free to RCU grace period
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43085
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467020
Bugzilla Description:
kernel: netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43084
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467021
Bugzilla Description:
kernel: netfilter: nfnetlink_queue: make hash table per queue
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43077
Severity: important
Released on: 06/05/2026
Advisory: RHSA-2026:13936, RHSA-2026:13734, RHSA-2026:13932, RHSA-2026:14339, RHSA-2026:13578, RHSA-2026:13887, RHSA-2026:14137, RHSA-2026:13566, RHSA-2026:13577, RHSA-2026:13565, RHSA-2026:14301, RHSA-2026:14230, RHSA-2026:14165, RHSA-2026:13681,
Bugzilla: 2467022
Bugzilla Description:
kernel: crypto: algif_aead - Fix minimum RX size check for decryption
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-131
Affected Packages: kernel-0:4.18.0-553.123.1.el8_10,kernel-0:4.18.0-477.139.1.el8_8,kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0,kernel-rt-0:4.18.0-553.123.1.rt7.464.el8_10,kernel-0:5.14.0-611.54.1.el9_7,kernel-0:4.18.0-372.191.1.el8_6,kernel-0:5.14.0-70.178.1.el9_0,kernel-0:4.18.0-305.190.1.el8_4,kernel-0:5.14.0-427.124.1.el9_4,kernel-rt-0:5.14.0-284.169.1.rt14.454.el9_2,kernel-0:6.12.0-55.71.1.el10_0,kernel-0:5.14.0-570.112.1.el9_6,kernel-0:6.12.0-124.55.1.el10_1,kernel-0:5.14.0-284.169.1.el9_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43078
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467023
Bugzilla Description:
kernel: crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43089
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467024
Bugzilla Description:
kernel: xfrm_user: fix info leak in build_mapping()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43098
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467025
Bugzilla Description:
kernel: nfc: s3fwrn5: allocate rx skb before consuming bytes
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43109
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467026
Bugzilla Description:
kernel: x86: shadow stacks: proper error handling for mmap lock
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-414
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43082
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467027
Bugzilla Description:
kernel: net: txgbe: leave space for null terminators on property_entry
CVSS Score:
Vector:
CWE: CWE-170
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43148
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467058
Bugzilla Description:
kernel: powerpc/smp: Add check for kcalloc() failure in parse_thread_groups()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43163
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467059
Bugzilla Description:
kernel: md/bitmap: fix GPF in write_page caused by resize race
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43175
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467060
Bugzilla Description:
kernel: clk: rs9: Reserve 8 struct clk_hw slots for for 9FGV0841
CVSS Score:
Vector:
CWE: CWE-788
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71272
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467061
Bugzilla Description:
kernel: most: core: fix resource leak in most_register_interface error paths
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43214
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467062
Bugzilla Description:
kernel: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-820
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43160
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467063
Bugzilla Description:
kernel: mfd: macsmc: Initialize mutex
CVSS Score:
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43190
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467064
Bugzilla Description:
kernel: netfilter: xt_tcpmss: check remaining length before reading optlen
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-130
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43133
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467065
Bugzilla Description:
kernel: KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43250
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467066
Bugzilla Description:
kernel: usb: chipidea: udc: fix DMA and SG cleanup in _ep_nuke()
CVSS Score:
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43123
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467067
Bugzilla Description:
kernel: fbcon: check return value of con2fb_acquire_newinfo()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43181
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467068
Bugzilla Description:
kernel: gpio: sysfs: fix chip removal with GPIOs exported over sysfs
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43202
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467069
Bugzilla Description:
kernel: fbdev: vt8500lcdfb: fix missing dma_free_coherent()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43132
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467070
Bugzilla Description:
kernel: dm-verity: correctly handle dm_bufio_client_create() failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43215
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467071
Bugzilla Description:
kernel: cifs: Fix locking usage for tcon fields
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43231
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467072
Bugzilla Description:
kernel: media: radio-keene: fix memory leak in error path
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43243
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467073
Bugzilla Description:
kernel: drm/amd/display: Add signal type check for dcn401 get_phyd32clk_src
CVSS Score:
Vector:
CWE: CWE-1287
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43271
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467074
Bugzilla Description:
kernel: md-cluster: fix NULL pointer dereference in process_metadata_update
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43159
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467075
Bugzilla Description:
kernel: staging: rtl8723bs: fix null dereference in find_network
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43193
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467076
Bugzilla Description:
kernel: nfsd: fix nfs4_file refcount leak in nfsd_get_dir_deleg()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43269
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467077
Bugzilla Description:
kernel: drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71288
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467078
Bugzilla Description:
kernel: memory: mtk-smi: fix device leaks on common probe
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43275
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467079
Bugzilla Description:
kernel: scsi: ufs: core: Flush exception handling work when RPM level is zero
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43146
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467080
Bugzilla Description:
kernel: media: iris: Add buffer to list only after successful allocation
CVSS Score:
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43208
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467081
Bugzilla Description:
kernel: net: do not pass flow_id to set_rps_cpu()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43142
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467082
Bugzilla Description:
kernel: media: iris: gen1: Destroy internal buffers after FW releases
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43260
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467083
Bugzilla Description:
kernel: bnxt_en: Fix RSS context delete logic
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43248
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467084
Bugzilla Description:
kernel: vhost: move vdpa group bound check to vhost_vdpa
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43151
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467085
Bugzilla Description:
kernel: Revert "media: iris: Add sanity check for stop streaming"
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43281
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467086
Bugzilla Description:
kernel: mailbox: Prevent out-of-bounds access in fw_mbox_index_xlate()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43183
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467087
Bugzilla Description:
kernel: media: cx25821: Fix a resource leak in cx25821_dev_setup()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43220
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467088
Bugzilla Description:
kernel: iommu/amd: serialize sequence allocation under concurrent TLB invalidations
CVSS Score:
Vector:
CWE: CWE-1066
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43136
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467089
Bugzilla Description:
kernel: HID: logitech-hidpp: Check maxfield in hidpp_get_report_length()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-166
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43205
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467090
Bugzilla Description:
kernel: dpaa2-switch: validate num_ifs to prevent out-of-bounds write
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43255
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467091
Bugzilla Description:
kernel: wifi: libertas: fix WARNING in usb_tx_block
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43141
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467092
Bugzilla Description:
kernel: ntb: ntb_hw_switchtec: Fix shift-out-of-bounds for 0 mw lut
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43154
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467093
Bugzilla Description:
kernel: erofs: fix incorrect early exits in volume label handling
CVSS Score:
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43188
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467094
Bugzilla Description:
kernel: ceph: do not propagate page array emplacement errors as batch errors
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43259
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467095
Bugzilla Description:
kernel: phy: fsl-imx8mq-usb: set platform driver data
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43184
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467096
Bugzilla Description:
kernel: rnbd-srv: Zero the rsp buffer before using it
CVSS Score:
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43187
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467097
Bugzilla Description:
kernel: xfs: delete attr leaf freemap entries when empty
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43199
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467098
Bugzilla Description:
kernel: net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-368
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71291
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467099
Bugzilla Description:
kernel: misc: bcm_vk: Fix possible null-pointer dereferences in bcm_vk_read()
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43232
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467100
Bugzilla Description:
kernel: net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71290
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467101
Bugzilla Description:
kernel: misc: ti_fpc202: fix a potential memory leak in probe function
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43153
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467102
Bugzilla Description:
kernel: xfs: remove xfs_attr_leaf_hasname
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43170
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467103
Bugzilla Description:
kernel: usb: dwc3: gadget: Move vbus draw to workqueue context
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-663
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71274
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467104
Bugzilla Description:
kernel: rpmsg: core: fix race in driver_override_show() and use core helper
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43137
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467105
Bugzilla Description:
kernel: ASoC: SOF: Intel: hda: Fix NULL pointer dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43149
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467106
Bugzilla Description:
kernel: net: wan/fsl_ucc_hdlc: Fix dma_free_coherent() in uhdlc_memclean()
CVSS Score:
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71295
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467107
Bugzilla Description:
kernel: fs/buffer: add alert in try_to_free_buffers() for folios without buffers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43169
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467108
Bugzilla Description:
kernel: drm/buddy: Prevent BUG_ON by validating rounded allocation
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43182
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467109
Bugzilla Description:
kernel: media: ccs: Avoid possible division by zero
CVSS Score:
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43121
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467110
Bugzilla Description:
kernel: io_uring/zcrx: fix user_ref race between scrub and refill paths
CVSS Score:
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43191
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467111
Bugzilla Description:
kernel: drm/amd/display: Adjust PHY FSM transition to TX_EN-to-PLL_ON for TMDS on DCN35
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43134
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467112
Bugzilla Description:
kernel: Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43276
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467113
Bugzilla Description:
kernel: net: mana: Fix double destroy_workqueue on service rescan PCI path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43173
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467114
Bugzilla Description:
kernel: net: ethernet: xscale: Check for PTP support properly
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43230
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467115
Bugzilla Description:
kernel: net/rds: Clear reconnect pending bit
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43242
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467116
Bugzilla Description:
kernel: soc: ti: k3-socinfo: Fix regmap leak on probe failure
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43196
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467117
Bugzilla Description:
kernel: soc: ti: pruss: Fix double free in pruss_clk_mux_setup()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43261
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467118
Bugzilla Description:
kernel: arm64: Add support for TSV110 Spectre-BHB mitigation
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-515
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43249
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467119
Bugzilla Description:
kernel: 9p/xen: protect xen_9pfs_front_free against concurrent calls
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43240
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467120
Bugzilla Description:
kernel: x86/kexec: add a sanity check on previous kernel's ima kexec buffer
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43228
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467121
Bugzilla Description:
kernel: hfs: Replace BUG_ON with error handling for CNID count checks
CVSS Score:
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43171
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467122
Bugzilla Description:
kernel: EFI/CPER: don't dump the entire memory region
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43143
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467123
Bugzilla Description:
kernel: mfd: core: Add locking around 'mfd_of_node_list'
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-820
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43265
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467124
Bugzilla Description:
kernel: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1288
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43219
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467125
Bugzilla Description:
kernel: net: cpsw_new: Fix potential unregister of netdev that has not been registered yet
CVSS Score:
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43179
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467126
Bugzilla Description:
kernel: erofs: fix incorrect early exits for invalid metabox-enabled images
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43272
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467127
Bugzilla Description:
kernel: ring-buffer: Fix possible dereference of uninitialized pointer
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71293
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467128
Bugzilla Description:
kernel: drm/amdgpu/ras: Move ras data alloc before bad page check
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43122
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467129
Bugzilla Description:
kernel: ACPI: processor: Update cpuidle driver check in __acpi_processor_start()
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43241
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467130
Bugzilla Description:
kernel: ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43174
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467131
Bugzilla Description:
kernel: io_uring/zcrx: fix post open error handling
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43270
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467132
Bugzilla Description:
kernel: media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove()
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43145
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467133
Bugzilla Description:
kernel: remoteproc: imx_rproc: Fix invalid loaded resource table detection
CVSS Score:
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43162
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467134
Bugzilla Description:
kernel: media: tegra-video: Fix memory leak in __tegra_channel_try_format()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43233
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467135
Bugzilla Description:
kernel: netfilter: nf_conntrack_h323: fix OOB read in decode_choice()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43167
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467136
Bugzilla Description:
kernel: xfrm: always flush state and policy upon NETDEV_UNREGISTER event
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43166
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467137
Bugzilla Description:
kernel: erofs: fix interlaced plain identification for encoded extents
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43266
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467139
Bugzilla Description:
kernel: EFI/CPER: don't go past the ARM processor CPER record buffer
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-130
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43192
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467140
Bugzilla Description:
kernel: dm mpath: Add missing dm_put_device when failing to get scsi dh name
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43280
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467141
Bugzilla Description:
kernel: drm/xe: Add bounds check on pat_index to prevent OOB kernel read in madvise
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43204
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467142
Bugzilla Description:
kernel: ASoC: qcom: q6asm: drop DSP responses for closed data streams
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43186
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467143
Bugzilla Description:
kernel: ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43128
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467144
Bugzilla Description:
kernel: RDMA/umem: Fix double dma_buf_unpin in failure path
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71294
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467145
Bugzilla Description:
kernel: drm/amdgpu: fix NULL pointer issue buffer funcs
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43258
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467146
Bugzilla Description:
kernel: alpha: fix user-space corruption during memory compaction
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43267
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467147
Bugzilla Description:
kernel: wifi: rtw89: fix potential zero beacon interval in beacon tracking
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71287
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467148
Bugzilla Description:
kernel: memory: mtk-smi: fix device leak on larb probe
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71285
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467149
Bugzilla Description:
kernel: net: qrtr: Drop the MHI auto_queue feature for IPCR DL channels
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43176
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467150
Bugzilla Description:
kernel: wifi: rtw89: pci: validate release report content before using for RTL8922DE
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1286
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43135
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467152
Bugzilla Description:
kernel: media: cx23885: Add missing unmap in snd_cx23885_hw_params()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43212
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467153
Bugzilla Description:
kernel: LoongArch: Make cpumask_of_node() robust against NUMA_NO_NODE
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43238
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467154
Bugzilla Description:
kernel: net/sched: act_skbedit: fix divide-by-zero in tcf_skbedit_hash()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43157
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467155
Bugzilla Description:
kernel: octeontx2-af: CGX: fix bitmap leaks
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43206
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467156
Bugzilla Description:
kernel: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set()
CVSS Score:
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43127
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467158
Bugzilla Description:
kernel: ntfs3: fix circular locking dependency in run_unpack_ex
CVSS Score:
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43217
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467159
Bugzilla Description:
kernel: media: iris: gen2: Add sanity check for session stop
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43195
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467160
Bugzilla Description:
kernel: drm/amdgpu: validate user queue size constraints
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43229
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467161
Bugzilla Description:
kernel: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43210
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467162
Bugzilla Description:
kernel: tracing: ring-buffer: Fix to check event length before using
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43245
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467163
Bugzilla Description:
kernel: ntfs: ->d_compare() must not block
CVSS Score:
Vector:
CWE: CWE-1322
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43139
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467164
Bugzilla Description:
kernel: xfrm6: fix uninitialized saddr in xfrm6_get_saddr()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43225
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467165
Bugzilla Description:
kernel: staging: rtl8723bs: fix memory leak on failure path
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43150
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467166
Bugzilla Description:
kernel: perf/arm-cmn: Reject unsupported hardware configurations
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43226
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467167
Bugzilla Description:
kernel: net/rds: No shortcut out of RDS_CONN_ERROR
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43227
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467168
Bugzilla Description:
kernel: clocksource/drivers/sh_tmu: Always leave device running after probe
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43207
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467169
Bugzilla Description:
kernel: media: mtk-mdp: Fix error handling in probe function
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43124
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467170
Bugzilla Description:
kernel: pstore: ram_core: fix incorrect success return when vmap() fails
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-253
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43278
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467171
Bugzilla Description:
kernel: dm: clear cloned request bio pointer when last clone bio completes
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43268
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467172
Bugzilla Description:
kernel: hfsplus: pretend special inodes as regular files
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-843
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43203
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467173
Bugzilla Description:
kernel: atm: fore200e: fix use-after-free in tasklets during device removal
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43254
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467175
Bugzilla Description:
kernel: ovpn: tcp - fix packet extraction from stream
CVSS Score:
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43164
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467176
Bugzilla Description:
kernel: udplite: Fix null-ptr-deref in __udp_enqueue_schedule_skb()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43263
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467177
Bugzilla Description:
kernel: media: chips-media: wave5: Fix Null reference while testing fluster
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43152
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467178
Bugzilla Description:
kernel: HID: hid-pl: handle probe errors
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43221
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467179
Bugzilla Description:
kernel: ipmi: ipmb: initialise event handler read bytes
CVSS Score:
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43273
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467182
Bugzilla Description:
kernel: ceph: supply snapshot context in ceph_zero_partial_object()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43218
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467183
Bugzilla Description:
kernel: media: i2c/tw9903: Fix potential memory leak in tw9903_probe()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43200
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467184
Bugzilla Description:
kernel: PCI: endpoint: Fix swapped parameters in pci_{primary/secondary}_epc_epf_unlink() functions
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-628
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71271
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467185
Bugzilla Description:
kernel: hfsplus: ensure sb->s_fs_info is always cleaned up
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43246
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467186
Bugzilla Description:
kernel: media: i2c/tw9906: Fix potential memory leak in tw9906_probe()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43211
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467187
Bugzilla Description:
kernel: PCI: Fix pci_slot_trylock() error handling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-832
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43253
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467189
Bugzilla Description:
kernel: iommu/amd: move wait_on_sem() out of spinlock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43236
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467190
Bugzilla Description:
kernel: drm/atmel-hlcdc: fix use-after-free of drm_crtc_commit after release
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43138
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467191
Bugzilla Description:
kernel: reset: gpio: suppress bind attributes in sysfs
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71289
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467192
Bugzilla Description:
kernel: fs/ntfs3: handle attr_set_size() errors when truncating files
CVSS Score:
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43257
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467193
Bugzilla Description:
kernel: media: cx88: Add missing unmap in snd_cx88_hw_params()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43282
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467194
Bugzilla Description:
kernel: RDMA/ionic: Fix potential NULL pointer dereference in ionic_query_port
CVSS Score:
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43239
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467195
Bugzilla Description:
kernel: smb: client: prevent races in ->query_interfaces()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43185
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467196
Bugzilla Description:
kernel: ksmbd: fix signededness bug in smb_direct_prepare_negotiation()
CVSS Score:
Vector:
CWE: CWE-681
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43165
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467197
Bugzilla Description:
kernel: hwmon: (nct7363) Fix a resource leak in nct7363_present_pwm_fanin
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43283
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467198
Bugzilla Description:
kernel: net: ethernet: ec_bhf: Fix dma_free_coherent() dma handle
CVSS Score:
Vector:
CWE: CWE-628
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43251
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467199
Bugzilla Description:
kernel: HID: prodikeys: Check presence of pm->input_ep82
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43155
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467200
Bugzilla Description:
kernel: mux: mmio: fix regmap leak on probe failure
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43194
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467201
Bugzilla Description:
kernel: net: consume xmit errors of GSO frames
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-544
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43237
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467202
Bugzilla Description:
kernel: drm/amdgpu: Refactor amdgpu_gem_va_ioctl for Handling Last Fence Update and Timeline Management v4
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43244
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467203
Bugzilla Description:
kernel: kcm: fix zero-frag skb in frag_list on partial sendmsg error
CVSS Score:
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43264
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467204
Bugzilla Description:
kernel: fbdev: of: display_timing: fix refcount leak in of_get_display_timings()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43216
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467205
Bugzilla Description:
kernel: net: Drop the lock in skb_may_tx_timestamp()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43156
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467206
Bugzilla Description:
kernel: net: usb: pegasus: enable basic endpoint checking
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1287
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43222
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467207
Bugzilla Description:
kernel: media: verisilicon: AV1: Fix tile info buffer size
CVSS Score:
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43209
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467208
Bugzilla Description:
kernel: minix: Add required sanity checking to minix_check_superblock()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1287
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-43235
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467209
Bugzilla Description:
kernel: media: iris: Add missing platform data entries for SM8750
CVSS Score:
Vector:
CWE: CWE-166
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43158
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467210
Bugzilla Description:
kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43256
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467211
Bugzilla Description:
kernel: media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update()
CVSS Score:
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71292
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467212
Bugzilla Description:
kernel: jfs: nlink overflow in jfs_rename
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43252
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467213
Bugzilla Description:
kernel: mptcp: pm: in-kernel: always set ID as avail when rm endp
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-437
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43130
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467214
Bugzilla Description:
kernel: iommu/vt-d: Flush dev-IOTLB only when PCIe device is accessible in scalable mode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43279
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467215
Bugzilla Description:
kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43172
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467216
Bugzilla Description:
kernel: wifi: iwlwifi: fix 22000 series SMEM parsing
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43144
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467217
Bugzilla Description:
kernel: wifi: brcmfmac: Fix potential kernel oops when probe fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43180
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467218
Bugzilla Description:
kernel: net: usb: kaweth: remove TX queue manipulation in kaweth_set_rx_mode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-663
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43247
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467219
Bugzilla Description:
kernel: media: chips-media: wave5: Fix SError of kernel panic when closed
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43277
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467220
Bugzilla Description:
kernel: APEI/GHES: ensure that won't go past CPER allocated record
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43213
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467221
Bugzilla Description:
kernel: wifi: rtw89: pci: validate sequence number of TX release report
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43234
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467222
Bugzilla Description:
kernel: team: avoid NETDEV_CHANGEMTU event when unregistering slave
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71273
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467223
Bugzilla Description:
kernel: wifi: rtw88: Use devm_kmemdup() in rtw_set_supported_band()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43131
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467224
Bugzilla Description:
kernel: drm/amd/pm: Fix null pointer dereference issue
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43126
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467225
Bugzilla Description:
kernel: ALSA: mixer: oss: Add card disconnect checkpoints
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43189
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467226
Bugzilla Description:
kernel: media: v4l2-async: Fix error handling on steps after finding a match
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43178
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467227
Bugzilla Description:
kernel: procfs: fix possible double mmput() in do_procmap_query()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43198
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467228
Bugzilla Description:
kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43224
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467229
Bugzilla Description:
kernel: io_uring/zcrx: fix sgtable leak on mapping failures
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43129
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467230
Bugzilla Description:
kernel: ima: verify the previous kernel's IMA buffer lies in addressable RAM
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43147
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467231
Bugzilla Description:
kernel: Revert "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV"
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43168
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467232
Bugzilla Description:
kernel: ocfs2: fix reflink preserve cleanup issue
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43161
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467233
Bugzilla Description:
kernel: iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43125
Severity: important
Released on: 06/05/2026
Advisory:
Bugzilla: 2467234
Bugzilla Description:
kernel: dlm: validate length in dlm_search_rsb_tree
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-130
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43140
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467235
Bugzilla Description:
kernel: HID: magicmouse: Do not crash on missing msc->input
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-71286
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467236
Bugzilla Description:
kernel: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43177
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467237
Bugzilla Description:
kernel: media: ipu6: Fix RPM reference leak in probe error paths
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43197
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467238
Bugzilla Description:
kernel: netconsole: avoid OOB reads, msg is not nul-terminated
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-170
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43201
Severity: moderate
Released on: 06/05/2026
Advisory:
Bugzilla: 2467239
Bugzilla Description:
kernel: APEI/GHES: ARM processor Error: don't go past allocated memory
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43223
Severity: low
Released on: 06/05/2026
Advisory:
Bugzilla: 2467240
Bugzilla Description:
kernel: media: pvrusb2: fix URB leak in pvr2_send_request_ex
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43274
Severity:
Released on: 06/05/2026
Advisory:
Bugzilla: 2467241
Bugzilla Description:
kernel: mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchp_ipc_get_cluster_aggr_irq()
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-44405
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2466929
Bugzilla Description:
paramiko: Paramiko: Data integrity could be compromised due to SHA-1 algorithm use
CVSS Score:
CVSSv3 Score: 3.4
Vector:
CWE: CWE-328
Affected Packages:
Package States: Migration Toolkit for Containers,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Ansible Automation Platform Ansible Core 2,Red Hat Discovery 2,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document
CVE-2026-28780
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2466913
Bugzilla Description:
Apache HTTP Server: mod_proxy_ajp: Apache HTTP Server mod_proxy_ajp: Arbitrary code execution via heap-based buffer overflow
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat JBoss Core Services,
Full Details
CVE document
CVE-2026-6907
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2466771
Bugzilla Description:
django: Django: Information Disclosure via erroneous caching of Vary header with asterisk
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-524
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Discovery 2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Update Infrastructure 4 for Cloud Providers,
Full Details
CVE document
CVE-2026-34002
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2451112
Bugzilla Description:
xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-34000
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2451107
Bugzilla Description:
xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing.
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43072
Severity:
Released on: 05/05/2026
Advisory:
Bugzilla: 2466773
Bugzilla Description:
kernel: drm/vc4: platform_get_irq_byname() returns an int
CVSS Score:
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43071
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2466774
Bugzilla Description:
kernel: dcache: Limit the minimal number of bucket to two
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43061
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2466777
Bugzilla Description:
kernel: serial: 8250: Fix TX deadlock when using DMA
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43062
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2466785
Bugzilla Description:
kernel: Bluetooth: L2CAP: Fix type confusion in l2cap_ecred_reconf_rsp()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-843
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43070
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2466789
Bugzilla Description:
kernel: bpf: Reset register ID for BPF_END value tracking
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43073
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2466792
Bugzilla Description:
kernel: x86-64: rename misleadingly named '__copy_user_nocache()' function
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-440
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43064
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2466793
Bugzilla Description:
kernel: dmaengine: idxd: Fix not releasing workqueue on .release()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43063
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2466794
Bugzilla Description:
kernel: xfs: don't irele after failing to iget in xfs_attri_recover_work
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43059
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2466796
Bugzilla Description:
kernel: Bluetooth: MGMT: Fix list corruption and UAF in command complete handlers
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43066
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2466797
Bugzilla Description:
kernel: ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43065
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2466801
Bugzilla Description:
kernel: ext4: always drain queued discard work in ext4_mb_release()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43060
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2466803
Bugzilla Description:
kernel: netfilter: nft_ct: drop pending enqueued packets on removal
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43068
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2466805
Bugzilla Description:
kernel: ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-237
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43069
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2466808
Bugzilla Description:
kernel: Bluetooth: hci_ll: Fix firmware leak on error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43067
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2466815
Bugzilla Description:
kernel: ext4: handle wraparound when searching for blocks for indirect mapped blocks
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-8007
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467307
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Cast
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7985
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467308
Bugzilla Description:
chromium-browser: Use after free in GPU
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7907
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467309
Bugzilla Description:
chromium-browser: Use after free in DOM
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7948
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467310
Bugzilla Description:
chromium-browser: Race in Chromoting
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-367
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8015
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467311
Bugzilla Description:
chromium-browser: Inappropriate implementation in Media
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8017
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467312
Bugzilla Description:
chromium-browser: Side-channel information leakage in Media
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7955
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467313
Bugzilla Description:
chromium-browser: Uninitialized Use in GPU
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8008
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467314
Bugzilla Description:
chromium-browser: Inappropriate implementation in DevTools
CVSS Score:
CVSSv3 Score: 2.8
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7901
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467315
Bugzilla Description:
chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7949
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467316
Bugzilla Description:
chromium-browser: Out of bounds read in Skia
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7902
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467317
Bugzilla Description:
chromium-browser: Out of bounds memory access in V8
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7970
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467318
Bugzilla Description:
chromium-browser: Use after free in TopChrome
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7953
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467319
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Omnibox
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8022
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467320
Bugzilla Description:
chromium-browser: Inappropriate implementation in MHTML
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7979
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467321
Bugzilla Description:
chromium-browser: Inappropriate implementation in Media
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8020
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467322
Bugzilla Description:
chromium-browser: Uninitialized Use in GPU
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7911
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467323
Bugzilla Description:
chromium-browser: Use after free in Aura
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7930
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467324
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Cookies
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-565
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7941
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467325
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Mobile
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7986
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467327
Bugzilla Description:
chromium-browser: Insufficient policy enforcement in Autofill
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7992
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467328
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in UI
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7965
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467329
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in DevTools
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7998
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467330
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Dialog
CVSS Score:
CVSSv3 Score: 3.5
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8006
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467331
Bugzilla Description:
chromium-browser: Insufficient policy enforcement in DevTools
CVSS Score:
CVSSv3 Score: 2.8
Vector:
CWE: CWE-280
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8011
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467332
Bugzilla Description:
chromium-browser: Insufficient policy enforcement in Search
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7974
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467333
Bugzilla Description:
chromium-browser: Use after free in Blink
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7977
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467334
Bugzilla Description:
chromium-browser: Inappropriate implementation in Canvas
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7910
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467335
Bugzilla Description:
chromium-browser: Use after free in Views
CVSS Score:
CVSSv3 Score: 7.7
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7908
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467336
Bugzilla Description:
chromium-browser: Use after free in Fullscreen
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7903
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467337
Bugzilla Description:
chromium-browser: Integer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7899
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467338
Bugzilla Description:
chromium-browser: Out of bounds read and write in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8005
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467339
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Cast
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7996
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467340
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in SSL
CVSS Score:
CVSSv3 Score: 2.6
Vector:
CWE: CWE-807
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7914
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467342
Bugzilla Description:
chromium-browser: Type Confusion in Accessibility
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7956
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467343
Bugzilla Description:
chromium-browser: Use after free in Navigation
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7921
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467344
Bugzilla Description:
chromium-browser: Use after free in Passwords
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7993
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467345
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Payments
CVSS Score:
CVSSv3 Score: 2.4
Vector:
CWE: CWE-290
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7915
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467346
Bugzilla Description:
chromium-browser: Insufficient data validation in DevTools
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7995
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467347
Bugzilla Description:
chromium-browser: Out of bounds read in AdFilter
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7968
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467348
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in CORS
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7984
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467349
Bugzilla Description:
chromium-browser: Use after free in ReadingMode
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7999
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467350
Bugzilla Description:
chromium-browser: Inappropriate implementation in V8
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7923
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467351
Bugzilla Description:
chromium-browser: Out of bounds write in Skia
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7990
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467352
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Updater
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-428
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7962
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467353
Bugzilla Description:
chromium-browser: Insufficient policy enforcement in DirectSockets
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-1220
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7928
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467354
Bugzilla Description:
chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7959
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467355
Bugzilla Description:
chromium-browser: Inappropriate implementation in Navigation
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8012
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467356
Bugzilla Description:
chromium-browser: Inappropriate implementation in MHTML
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7918
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467357
Bugzilla Description:
chromium-browser: Use after free in GPU
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7936
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467358
Bugzilla Description:
chromium-browser: Object lifecycle issue in V8
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7937
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467359
Bugzilla Description:
chromium-browser: Insufficient policy enforcement in DevTools
CVSS Score:
CVSSv3 Score: 4.6
Vector:
CWE: CWE-280
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7971
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467360
Bugzilla Description:
chromium-browser: Inappropriate implementation in ORB
CVSS Score:
CVSSv3 Score: 9.3
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7896
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467361
Bugzilla Description:
chromium-browser: Integer overflow in Blink
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7900
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467362
Bugzilla Description:
chromium-browser: Heap buffer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-120
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7987
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467363
Bugzilla Description:
chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7958
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467364
Bugzilla Description:
chromium-browser: Inappropriate implementation in ServiceWorker
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7976
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467365
Bugzilla Description:
chromium-browser: Use after free in Views
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7991
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467366
Bugzilla Description:
chromium-browser: Use after free in UI
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7929
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467367
Bugzilla Description:
chromium-browser: Use after free in MediaRecording
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7994
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467368
Bugzilla Description:
chromium-browser: Inappropriate implementation in Chromoting
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-434
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7926
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467369
Bugzilla Description:
chromium-browser: Use after free in PresentationAPI
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8021
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467370
Bugzilla Description:
chromium-browser: Script injection in UI
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7967
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467371
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Navigation
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7975
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467372
Bugzilla Description:
chromium-browser: Use after free in DevTools
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7944
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467373
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Persistent Cache
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7905
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467374
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Media
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7972
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467375
Bugzilla Description:
chromium-browser: Uninitialized Use in GPU
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-908
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7997
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467376
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Updater
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7966
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467377
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in SiteIsolation
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8004
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467378
Bugzilla Description:
chromium-browser: Insufficient policy enforcement in DevTools
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-1220
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7906
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467379
Bugzilla Description:
chromium-browser: Use after free in SVG
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7983
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467380
Bugzilla Description:
chromium-browser: Out of bounds read in Dawn
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8009
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467381
Bugzilla Description:
chromium-browser: Inappropriate implementation in Cast
CVSS Score:
CVSSv3 Score: 4.6
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8010
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467382
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in SiteIsolation
CVSS Score:
CVSSv3 Score: 2.8
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7951
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467383
Bugzilla Description:
chromium-browser: Out of bounds write in WebRTC
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7945
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467384
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in COOP
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7920
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467385
Bugzilla Description:
chromium-browser: Use after free in Skia
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7934
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467386
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Popup Blocker
CVSS Score:
CVSSv3 Score: 4.6
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7982
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467387
Bugzilla Description:
chromium-browser: Uninitialized Use in WebCodecs
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7898
Severity: critical
Released on: 05/05/2026
Advisory:
Bugzilla: 2467388
Bugzilla Description:
chromium-browser: Use after free in Chromoting
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7913
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467389
Bugzilla Description:
chromium-browser: Insufficient policy enforcement in DevTools
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-266
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7924
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467390
Bugzilla Description:
chromium-browser: Uninitialized Use in Dawn
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-824
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8000
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467391
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in ChromeDriver
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-1289
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7961
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467393
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Permissions
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8013
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467394
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in FedCM
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7932
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467395
Bugzilla Description:
chromium-browser: Insufficient policy enforcement in Downloads
CVSS Score:
CVSSv3 Score: 3.9
Vector:
CWE: CWE-280
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7916
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467396
Bugzilla Description:
chromium-browser: Insufficient data validation in InterestGroups
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-501
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7946
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467397
Bugzilla Description:
chromium-browser: Insufficient policy enforcement in WebUI
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-653
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7963
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467398
Bugzilla Description:
chromium-browser: Inappropriate implementation in ServiceWorker
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-358
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7942
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467399
Bugzilla Description:
chromium-browser: Integer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7933
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467400
Bugzilla Description:
chromium-browser: Out of bounds read in WebCodecs
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7954
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467401
Bugzilla Description:
chromium-browser: Race in Shared Storage
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-368
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7973
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467402
Bugzilla Description:
chromium-browser: Integer overflow in Dawn
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8003
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467403
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in TabGroups
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7989
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467404
Bugzilla Description:
chromium-browser: Insufficient data validation in DataTransfer
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-501
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7969
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467405
Bugzilla Description:
chromium-browser: Integer overflow in Network
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7919
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467406
Bugzilla Description:
chromium-browser: Use after free in Aura
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7952
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467407
Bugzilla Description:
chromium-browser: Insufficient policy enforcement in Extensions
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-280
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7909
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467408
Bugzilla Description:
chromium-browser: Inappropriate implementation in ServiceWorker
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-807
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8016
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467409
Bugzilla Description:
chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7947
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467410
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Network
CVSS Score:
CVSSv3 Score: 3.5
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7925
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467411
Bugzilla Description:
chromium-browser: Use after free in Chromoting
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7935
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467412
Bugzilla Description:
chromium-browser: Inappropriate implementation in Speech
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8018
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467413
Bugzilla Description:
chromium-browser: Insufficient policy enforcement in DevTools
CVSS Score:
CVSSv3 Score: 10.0
Vector:
CWE: CWE-501
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7922
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467414
Bugzilla Description:
chromium-browser: Use after free in ServiceWorker
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7939
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467415
Bugzilla Description:
chromium-browser: Inappropriate implementation in SanitizerAPI
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8001
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467416
Bugzilla Description:
chromium-browser: Use after free in Printing
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7940
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467417
Bugzilla Description:
chromium-browser: Use after free in V8
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7904
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467418
Bugzilla Description:
chromium-browser: Out of bounds read in Fonts
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7978
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467420
Bugzilla Description:
chromium-browser: Inappropriate implementation in Companion
CVSS Score:
CVSSv3 Score: 10.0
Vector:
CWE: CWE-266
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7917
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467421
Bugzilla Description:
chromium-browser: Use after free in Fullscreen
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8014
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467422
Bugzilla Description:
chromium-browser: Inappropriate implementation in Preload
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-346
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7964
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467423
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in FileSystem
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-22
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8002
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467424
Bugzilla Description:
chromium-browser: Use after free in Audio
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-8019
Severity: low
Released on: 05/05/2026
Advisory:
Bugzilla: 2467425
Bugzilla Description:
chromium-browser: Insufficient policy enforcement in WebApp
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-1021
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7912
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467426
Bugzilla Description:
chromium-browser: Integer overflow in GPU
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7980
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467428
Bugzilla Description:
chromium-browser: Use after free in WebAudio
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7938
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467429
Bugzilla Description:
chromium-browser: Use after free in CSS
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7988
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467430
Bugzilla Description:
chromium-browser: Type Confusion in WebRTC
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7950
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467431
Bugzilla Description:
chromium-browser: Out of bounds read and write in GFX
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7943
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467432
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in ANGLE
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-822
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7981
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467433
Bugzilla Description:
chromium-browser: Out of bounds read in Codecs
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7927
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467434
Bugzilla Description:
chromium-browser: Type Confusion in Runtime
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7960
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467435
Bugzilla Description:
chromium-browser: Race in Speech
CVSS Score:
CVSSv3 Score: 2.6
Vector:
CWE: CWE-368
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7897
Severity: important
Released on: 05/05/2026
Advisory:
Bugzilla: 2467534
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in Mobile
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7931
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467535
Bugzilla Description:
chromium-browser: chromium-browser: Insufficient validation of untrusted input in iOS
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7957
Severity: moderate
Released on: 05/05/2026
Advisory:
Bugzilla: 2467537
Bugzilla Description:
chromium-browser: chromium-browser: Out of bounds write in Media
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-6321
Severity: important
Released on: 04/05/2026
Advisory:
Bugzilla: 2466582
Bugzilla Description:
fast-uri: fast-uri: Path traversal vulnerability allows bypass of security policies
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-22
Affected Packages:
Package States: Confidential Compute Attestation,Cryostat 4,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat Build of Podman Desktop,Red Hat Build of Podman Desktop,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42027
Severity: important
Released on: 04/05/2026
Advisory:
Bugzilla: 2466527
Bugzilla Description:
Apache OpenNLP: Apache OpenNLP: Arbitrary Class Loading via Model Manifest
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-502
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document
CVE-2026-26956
Severity: important
Released on: 04/05/2026
Advisory:
Bugzilla: 2466548
Bugzilla Description:
vm2: Node.js: vm2: Arbitrary code execution via sandbox escape
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-653
Affected Packages:
Package States: Red Hat Developer Hub,Red Hat Developer Hub,Self-service automation portal 2,
Full Details
CVE document
CVE-2026-24781
Severity: important
Released on: 04/05/2026
Advisory:
Bugzilla: 2466531
Bugzilla Description:
vm2: vm2: Arbitrary code execution via sandbox breakout through inspect function
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-653
Affected Packages:
Package States: Red Hat Developer Hub,Red Hat Developer Hub,
Full Details
CVE document
CVE-2026-23918
Severity: important
Released on: 04/05/2026
Advisory: RHSA-2026:13938,
Bugzilla: 2465304
Bugzilla Description:
Apache HTTP Server: Apache HTTP Server: Remote Code Execution via Double Free in HTTP/2 Protocol
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-1341
Affected Packages: httpd-main-2.4.67-0.1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,
Full Details
CVE document
CVE-2026-6266
Severity: important
Released on: 04/05/2026
Advisory: RHSA-2026:13508, RHSA-2026:13512, RHSA-2026:13545,
Bugzilla: 2458142
Bugzilla Description:
aap-controller: aap-gateway: Account hijacking and unauthorized access via unverified email linking
CVSS Score:
CVSSv3 Score: 8.3
Vector:
CWE: CWE-305
Affected Packages: automation-gateway-0:2.6.20260422-1.el9ap,automation-controller-0:4.6.28-3.el8ap,automation-controller-0:4.6.28-3.el9ap,python3.12-django-ansible-base-0:2.5.20260422-2.el9ap,automation-gateway-0:2.5.20260422-2.el8ap,python3.12-django-ansible-base-0:2.5.20260422-2.el8ap,automation-gateway-0:2.5.20260422-2.el9ap,ansible-automation-platform-26/controller-rhel9:1777377014,ansible-automation-platform-26/gateway-rhel9:1777311120,python3.12-django-ansible-base-0:2.6.20260422-1.el9ap,automation-controller-0:4.7.11-2.el9ap,
Package States:
Full Details
CVE document
CVE-2026-24072
Severity: moderate
Released on: 04/05/2026
Advisory:
Bugzilla: 2464941
Bugzilla Description:
Apache HTTP Server: mod_rewrite: Apache HTTP Server: Privilege Escalation via .htaccess file manipulation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-73
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,
Full Details
CVE document
CVE-2026-33846
Severity: important
Released on: 04/05/2026
Advisory: RHSA-2026:13274,
Bugzilla: 2450625
Bugzilla Description:
gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-130
Affected Packages: gnutls-main-3.8.13-1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-43864
Severity: moderate
Released on: 04/05/2026
Advisory:
Bugzilla: 2464862
Bugzilla Description:
mutt: Mutt: Denial of Service via null pointer dereference in show_sig_summary
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43863
Severity: low
Released on: 04/05/2026
Advisory:
Bugzilla: 2464865
Bugzilla Description:
mutt: Mutt: Remote Denial of Service via crafted input
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43862
Severity: low
Released on: 04/05/2026
Advisory:
Bugzilla: 2464861
Bugzilla Description:
mutt: Mutt: Security bypass due to mishandled IMAP authentication
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-843
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43861
Severity: low
Released on: 04/05/2026
Advisory:
Bugzilla: 2464868
Bugzilla Description:
mutt: Mutt: URL processing vulnerability due to improper null character handling
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-170
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43860
Severity: low
Released on: 04/05/2026
Advisory:
Bugzilla: 2464859
Bugzilla Description:
mutt: mutt: Authentication bypass due to IMAP CRAM-MD5 hash truncation
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-193
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43859
Severity: low
Released on: 04/05/2026
Advisory:
Bugzilla: 2464857
Bugzilla Description:
mutt: Mutt: Low integrity impact in IMAP authentication due to cryptographic digest mishandling
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-303
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-39852
Severity: important
Released on: 04/05/2026
Advisory: RHSA-2026:11720, RHSA-2026:11721, RHSA-2026:13631,
Bugzilla: 2457819
Bugzilla Description:
io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-551
Affected Packages: quarkus-vertx-http,
Package States: Cryostat 4,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 3,Red Hat Build of Keycloak,Red Hat build of OptaPlanner 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Process Automation 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2025-70072
Severity: moderate
Released on: 04/05/2026
Advisory:
Bugzilla: 2465290
Bugzilla Description:
Assimp: Assimp: Denial of Service via FBXConverter components
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-70070
Severity: moderate
Released on: 04/05/2026
Advisory:
Bugzilla: 2465295
Bugzilla Description:
Assimp: Assimp: Denial of Service via FBXMeshGeometry.cpp, MeshGeometry::MeshGeometry()
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-70069
Severity: important
Released on: 04/05/2026
Advisory:
Bugzilla: 2465306
Bugzilla Description:
Assimp: Assimp: Denial of Service via FBXConverter.cpp and ConvertMeshMultiMaterial() method
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-70067
Severity: moderate
Released on: 04/05/2026
Advisory:
Bugzilla: 2465308
Bugzilla Description:
Assimp: Assimp: Buffer overflow in FBX Importer allows arbitrary code execution via crafted file.
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2025-70071
Severity: important
Released on: 04/05/2026
Advisory:
Bugzilla: 2465675
Bugzilla Description:
Assimp: Assimp: Denial of Service via FBXParser.cpp ParseVectorDataArray() function
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-37458
Severity: moderate
Released on: 04/05/2026
Advisory:
Bugzilla: 2465680
Bugzilla Description:
frr: denial of service via crafted UPDATE message
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-37459
Severity: important
Released on: 04/05/2026
Advisory:
Bugzilla: 2466513
Bugzilla Description:
frr: denial of service via crafted BGP UPDATE message
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6525
Severity: moderate
Released on: 02/05/2026
Advisory:
Bugzilla: 2464650
Bugzilla Description:
wireshark: NULL Pointer Dereference in Wireshark
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43058
Severity:
Released on: 02/05/2026
Advisory:
Bugzilla: 2464629
Bugzilla Description:
kernel: media: vidtv: fix pass-by-value structs causing MSAN warnings
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-7598
Severity: important
Released on: 01/05/2026
Advisory:
Bugzilla: 2464597
Bugzilla Description:
libssh2: integer overflow via large username or password arguments
CVSS Score:
CVSSv3 Score: 9.1
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Update Service,Red Hat Trusted Profile Analyzer,
Full Details
CVE document
CVE-2026-42404
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464324
Bugzilla Description:
Apache Neethi: Apache Neethi: Information disclosure and network access bypass via PolicyReference API
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-918
Affected Packages:
Package States: Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document
CVE-2026-43021
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla:
Bugzilla Description:
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43003
Severity: important
Released on: 01/05/2026
Advisory:
Bugzilla: 2464306
Bugzilla Description:
ironic-python-agent: OpenStack ironic-python-agent: Arbitrary code execution via malicious image
CVSS Score:
CVSSv3 Score: 8.5
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-31737
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464346
Bugzilla Description:
kernel: net: ftgmac100: fix ring allocation unwind on open failure
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31785
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464347
Bugzilla Description:
kernel: drm/xe/xe_pagefault: Disallow writes to read-only VMAs
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43028
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464348
Bugzilla Description:
kernel: netfilter: x_tables: ensure names are nul-terminated
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-170
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31726
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464349
Bugzilla Description:
kernel: usb: gadget: uvc: fix NULL pointer dereference during unbind race
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43037
Severity: important
Released on: 01/05/2026
Advisory:
Bugzilla: 2464351
Bugzilla Description:
kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43052
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464352
Bugzilla Description:
kernel: wifi: mac80211: check tdls flag in ieee80211_tdls_oper
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31753
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464353
Bugzilla Description:
kernel: auxdisplay: line-display: fix NULL dereference in linedisp_release
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43040
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464354
Bugzilla Description:
kernel: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31740
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464355
Bugzilla Description:
kernel: counter: rz-mtu3-cnt: do not use struct rz_mtu3_channel's dev member
CVSS Score:
Vector:
CWE: CWE-820
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31778
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464356
Bugzilla Description:
kernel: ALSA: caiaq: fix stack out-of-bounds read in init_card
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-170
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43017
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464357
Bugzilla Description:
kernel: Bluetooth: MGMT: validate mesh send advertising payload length
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-130
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31700
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464358
Bugzilla Description:
kernel: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31715
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464359
Bugzilla Description:
kernel: f2fs: fix UAF caused by decrementing sbi->nr_pages[] in f2fs_write_end_io()
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43012
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464360
Bugzilla Description:
kernel: net/mlx5: Fix switchdev mode rollback in case of failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31719
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464361
Bugzilla Description:
kernel: crypto: krb5enc - fix async decrypt skipping hash verification
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-325
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43031
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464364
Bugzilla Description:
kernel: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43041
Severity: low
Released on: 01/05/2026
Advisory:
Bugzilla: 2464365
Bugzilla Description:
kernel: net: qrtr: replace qrtr_tx_flow radix_tree with xarray to fix memory leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31707
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464366
Bugzilla Description:
kernel: ksmbd: validate response sizes in ipc_validate_msg()
CVSS Score:
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43045
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464367
Bugzilla Description:
kernel: mshv: Fix error handling in mshv_region_pin
CVSS Score:
Vector:
CWE: CWE-390
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43004
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464368
Bugzilla Description:
kernel: spi: stm32-ospi: Fix resource leak in remove() callback
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43027
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464369
Bugzilla Description:
kernel: netfilter: nf_conntrack_helper: pass helper to expect cleanup
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31699
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464372
Bugzilla Description:
kernel: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31729
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464373
Bugzilla Description:
kernel: usb: typec: ucsi: validate connector number in ucsi_notify_common()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31756
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464374
Bugzilla Description:
kernel: usb: dwc2: gadget: Fix spin_lock/unlock mismatch in dwc2_hsotg_udc_stop()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-832
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31782
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464376
Bugzilla Description:
kernel: perf/x86: Fix potential bad container_of in intel_pmu_hw_config
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43014
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464377
Bugzilla Description:
kernel: net: macb: properly unregister fixed rate clocks
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43013
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464378
Bugzilla Description:
kernel: net/mlx5: lag: Check for LAG device before creating debugfs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31739
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464379
Bugzilla Description:
kernel: crypto: tegra - Add missing CRYPTO_ALG_ASYNC
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-166
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31701
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464380
Bugzilla Description:
kernel: ALSA: caiaq: take a reference on the USB device in create_card()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31721
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464381
Bugzilla Description:
kernel: usb: gadget: f_hid: move list and spinlock inits from bind to alloc
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31716
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464382
Bugzilla Description:
kernel: fs/ntfs3: validate rec->used in journal-replay file record check
CVSS Score:
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31748
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464383
Bugzilla Description:
kernel: comedi: me_daq: Fix potential overrun of firmware buffer
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43030
Severity: low
Released on: 01/05/2026
Advisory:
Bugzilla: 2464384
Bugzilla Description:
kernel: bpf: Fix regsafe() for pointers to packet
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31703
Severity: important
Released on: 01/05/2026
Advisory:
Bugzilla: 2464385
Bugzilla Description:
kernel: writeback: Fix use after free in inode_switch_wbs_work_fn()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31714
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464386
Bugzilla Description:
kernel: f2fs: fix to avoid memory leak in f2fs_rename()
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31735
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464387
Bugzilla Description:
kernel: iommupt: Fix short gather if the unmap goes into a large mapping
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31777
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464388
Bugzilla Description:
kernel: ALSA: ctxfi: Check the error for index mapping
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31775
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464389
Bugzilla Description:
kernel: ALSA: ctxfi: Don't enumerate SPDIF1 at DAIO initialization
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-166
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43046
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464390
Bugzilla Description:
kernel: btrfs: reject root items with drop_progress and zero drop_level
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1288
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43054
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464391
Bugzilla Description:
kernel: scsi: target: tcm_loop: Drain commands in target_reset handler
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31713
Severity: low
Released on: 01/05/2026
Advisory:
Bugzilla: 2464392
Bugzilla Description:
kernel: fuse: abort on fatal signal during sync init
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43039
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464393
Bugzilla Description:
kernel: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch
CVSS Score:
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31710
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464394
Bugzilla Description:
kernel: smb: client: fix dir separator in SMB1 UNIX mounts
CVSS Score:
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43036
Severity: low
Released on: 01/05/2026
Advisory:
Bugzilla: 2464395
Bugzilla Description:
kernel: net: use skb_header_pointer() for TCPv4 GSO frag_off check
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31708
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464396
Bugzilla Description:
kernel: smb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43038
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464397
Bugzilla Description:
kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-843
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31722
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464398
Bugzilla Description:
kernel: usb: gadget: f_rndis: Fix net_device lifecycle with device_move
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31747
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464399
Bugzilla Description:
kernel: comedi: me4000: Fix potential overrun of firmware buffer
CVSS Score:
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31765
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464400
Bugzilla Description:
kernel: drm/amdgpu: Change AMDGPU_VA_RESERVED_TRAP_SIZE to 64KB
CVSS Score:
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31717
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464401
Bugzilla Description:
kernel: ksmbd: validate owner of durable handle on reconnect
CVSS Score:
Vector:
CWE: CWE-708
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43006
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464402
Bugzilla Description:
kernel: io_uring/rsrc: reject zero-length fixed buffer import
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43026
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464403
Bugzilla Description:
kernel: netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31783
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464404
Bugzilla Description:
kernel: spi: amlogic: spifc-a4: unregister ECC engine on probe failure and remove() callback
CVSS Score:
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43033
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464405
Bugzilla Description:
kernel: crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-237
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31766
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464406
Bugzilla Description:
kernel: drm/amdgpu: validate doorbell_offset in user queue creation
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43007
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464407
Bugzilla Description:
kernel: accel/qaic: Handle DBC deactivation if the owner went away
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43019
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464408
Bugzilla Description:
kernel: Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31780
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464409
Bugzilla Description:
kernel: wifi: wilc1000: fix u8 overflow in SSID scan buffer size calculation
CVSS Score:
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31732
Severity: low
Released on: 01/05/2026
Advisory:
Bugzilla: 2464410
Bugzilla Description:
kernel: gpio: Fix resource leaks on errors in gpiochip_add_data_with_key()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43035
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464411
Bugzilla Description:
kernel: net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31706
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464413
Bugzilla Description:
kernel: ksmbd: validate num_aces and harden ACE walk in smb_inherit_dacl()
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31698
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464415
Bugzilla Description:
kernel: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31774
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464417
Bugzilla Description:
kernel: io_uring/net: fix slab-out-of-bounds read in io_bundle_nbufs()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-681
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43055
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464418
Bugzilla Description:
kernel: scsi: target: file: Use kzalloc_flex for aio_cmd
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31738
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464419
Bugzilla Description:
kernel: vxlan: validate ND option lengths in vxlan_na_create
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43057
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464420
Bugzilla Description:
kernel: net: correctly handle tunneled traffic on IPV6_CSUM GSO fallback
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-358
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43011
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464421
Bugzilla Description:
kernel: net/x25: Fix potential double free of skb
CVSS Score:
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31763
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464422
Bugzilla Description:
kernel: iio: gyro: mpu3050: Fix incorrect free_irq() variable
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31736
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464423
Bugzilla Description:
kernel: net: ethernet: mtk_ppe: avoid NULL deref when gmac0 is disabled
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43044
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464424
Bugzilla Description:
kernel: crypto: caam - fix DMA corruption on long hmac keys
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31723
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464425
Bugzilla Description:
kernel: usb: gadget: f_subset: Fix net_device lifecycle with device_move
CVSS Score:
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31745
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464426
Bugzilla Description:
kernel: reset: gpio: fix double free in reset_add_gpio_aux_device() error path
CVSS Score:
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31697
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464427
Bugzilla Description:
kernel: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31734
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464428
Bugzilla Description:
kernel: sched_ext: Fix is_bpf_migration_disabled() false negative on non-PREEMPT_RCU
CVSS Score:
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43042
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464429
Bugzilla Description:
kernel: mpls: add seqcount to protect the platform_label{,s} pair
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43009
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464430
Bugzilla Description:
kernel: bpf: Fix incorrect pruning due to atomic fetch precision tracking
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31733
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464432
Bugzilla Description:
kernel: sched_ext: Fix stale direct dispatch state in ddsp_dsq_id
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43022
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464433
Bugzilla Description:
kernel: Bluetooth: hci_sync: hci_cmd_sync_queue_once() return -EEXIST if exists
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31705
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464434
Bugzilla Description:
kernel: ksmbd: fix out-of-bounds write in smb2_get_ea() EA alignment
CVSS Score:
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31749
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464435
Bugzilla Description:
kernel: comedi: ni_atmio16d: Fix invalid clean-up after failed attach
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31731
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464436
Bugzilla Description:
kernel: thermal: core: Address thermal zone removal races with resume
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31720
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464437
Bugzilla Description:
kernel: usb: gadget: f_uac1_legacy: validate control request size
CVSS Score:
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43008
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464438
Bugzilla Description:
kernel: gpio: qixis-fpga: Fix error handling for devm_regmap_init_mmio()
CVSS Score:
Vector:
CWE: CWE-253
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31757
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464439
Bugzilla Description:
kernel: usb: misc: usbio: Fix URB memory leak on submit failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31770
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464440
Bugzilla Description:
kernel: hwmon: (occ) Fix division by zero in occ_show_power_1()
CVSS Score:
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31773
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464441
Bugzilla Description:
kernel: Bluetooth: SMP: derive legacy responder STK authentication from MITM state
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31769
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464442
Bugzilla Description:
kernel: gpib: fix use-after-free in IO ioctl handlers
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31752
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464444
Bugzilla Description:
kernel: bridge: br_nd_send: validate ND option lengths
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31743
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464445
Bugzilla Description:
kernel: nvmem: zynqmp_nvmem: Fix buffer size in DMA and memcpy
CVSS Score:
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43047
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464446
Bugzilla Description:
kernel: HID: multitouch: Check to ensure report responses match the request
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1287
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31712
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464447
Bugzilla Description:
kernel: ksmbd: require minimum ACE size in smb_check_perm_dacl()
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43015
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464448
Bugzilla Description:
kernel: net: macb: fix clk handling on PCI glue driver removal
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43056
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464449
Bugzilla Description:
kernel: net: mana: fix use-after-free in add_adev() error path
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31781
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464450
Bugzilla Description:
kernel: drm/ioc32: stop speculation on the drm_compat_ioctl path
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-515
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43010
Severity: low
Released on: 01/05/2026
Advisory:
Bugzilla: 2464451
Bugzilla Description:
kernel: bpf: Reject sleepable kprobe_multi programs at attach time
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-663
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43029
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464453
Bugzilla Description:
kernel: mptcp: fix soft lockup in mptcp_recvmsg()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31742
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464454
Bugzilla Description:
kernel: vt: discard stale unicode buffer on alt screen exit after resize
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43020
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464455
Bugzilla Description:
kernel: Bluetooth: MGMT: validate LTK enc_size on load
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31784
Severity: low
Released on: 01/05/2026
Advisory:
Bugzilla: 2464456
Bugzilla Description:
kernel: drm/xe/pxp: Clear restart flag in pxp_start after jumping back
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31759
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464457
Bugzilla Description:
kernel: usb: ulpi: fix double free in ulpi_register_interface() error path
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31776
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464458
Bugzilla Description:
kernel: ALSA: ctxfi: Fix missing SPDIFI1 index handling
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31754
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464459
Bugzilla Description:
kernel: usb: cdns3: gadget: fix state inconsistency on gadget init failure
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43032
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464460
Bugzilla Description:
kernel: NFC: pn533: bound the UART receive buffer
CVSS Score:
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43024
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464461
Bugzilla Description:
kernel: netfilter: nf_tables: reject immediate NF_QUEUE verdict
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-115
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43051
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464462
Bugzilla Description:
kernel: HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43016
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464463
Bugzilla Description:
kernel: bpf: sockmap: Fix use-after-free of sk->sk_socket in sk_psock_verdict_data_ready()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43018
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464464
Bugzilla Description:
kernel: Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31746
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464465
Bugzilla Description:
kernel: s390/zcrypt: Fix memory leak with CCA cards used as accelerator
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31695
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464466
Bugzilla Description:
kernel: wifi: virt_wifi: remove SET_NETDEV_DEV to avoid use-after-free
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31696
Severity: low
Released on: 01/05/2026
Advisory:
Bugzilla: 2464467
Bugzilla Description:
kernel: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31727
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464468
Bugzilla Description:
kernel: usb: gadget: u_ether: Fix NULL pointer deref in eth_get_drvinfo
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43025
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464469
Bugzilla Description:
kernel: netfilter: ctnetlink: ignore explicit helper on new expectations
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31730
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464470
Bugzilla Description:
kernel: misc: fastrpc: possible double-free of cctx->remote_heap
CVSS Score:
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31761
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464471
Bugzilla Description:
kernel: iio: gyro: mpu3050: Move iio_device_register() to correct location
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31728
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464472
Bugzilla Description:
kernel: usb: gadget: u_ether: Fix race between gether_disconnect and eth_stop
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43050
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464473
Bugzilla Description:
kernel: atm: lec: fix use-after-free in sock_def_readable()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31744
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464474
Bugzilla Description:
kernel: PM: EM: Fix NULL pointer dereference when perf domain ID is not found
CVSS Score:
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31711
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464475
Bugzilla Description:
kernel: smb: server: fix active_num_conn leak on transport allocation failure
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31709
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464476
Bugzilla Description:
kernel: smb: client: validate the whole DACL before rewriting it in cifsacl
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-1288
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31755
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464477
Bugzilla Description:
kernel: usb: cdns3: gadget: fix NULL pointer dereference in ep_queue
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43053
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464478
Bugzilla Description:
kernel: xfs: close crash window in attr dabtree inactivation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43034
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464479
Bugzilla Description:
kernel: bnxt_en: set backing store type from query type
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31768
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464480
Bugzilla Description:
kernel: iio: adc: ti-adc161s626: use DMA-safe memory for spi_read()
CVSS Score:
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31771
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464481
Bugzilla Description:
kernel: Bluetooth: hci_event: move wake reason storage into validated event handlers
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31704
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464482
Bugzilla Description:
kernel: ksmbd: use check_add_overflow() to prevent u16 DACL size overflow
CVSS Score:
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31760
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464483
Bugzilla Description:
kernel: gpib: lpvo_usb: fix memory leak on disconnect
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31725
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464484
Bugzilla Description:
kernel: usb: gadget: f_ecm: Fix net_device lifecycle with device_move
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31762
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464485
Bugzilla Description:
kernel: iio: gyro: mpu3050: Fix irq resource leak
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43049
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464486
Bugzilla Description:
kernel: HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43043
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464487
Bugzilla Description:
kernel: crypto: af-alg - fix NULL pointer dereference in scatterwalk
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31767
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464488
Bugzilla Description:
kernel: drm/i915/dsi: Don't do DSC horizontal timing adjustments in command mode
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31750
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464489
Bugzilla Description:
kernel: comedi: runflags cannot determine whether to reclaim chanlist
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31718
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464490
Bugzilla Description:
kernel: ksmbd: fix use-after-free in __ksmbd_close_fd() via durable scavenger
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31779
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464491
Bugzilla Description:
kernel: wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwl_mvm_nd_match_info_handler()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31758
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464493
Bugzilla Description:
kernel: usb: usbtmc: Flush anchored URBs in usbtmc_release
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43048
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464494
Bugzilla Description:
kernel: HID: core: Mitigate potential OOB by removing bogus memset()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31702
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464495
Bugzilla Description:
kernel: f2fs: fix use-after-free of sbi in f2fs_compress_write_end_io()
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43023
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464496
Bugzilla Description:
kernel: Bluetooth: SCO: fix race conditions in sco_sock_connect()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31751
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464497
Bugzilla Description:
kernel: comedi: dt2815: add hardware detection to prevent crash
CVSS Score:
Vector:
CWE: CWE-166
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-43005
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464498
Bugzilla Description:
kernel: hwmon: (tps53679) Fix array access with zero-length block read
CVSS Score:
Vector:
CWE: CWE-786
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31724
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464499
Bugzilla Description:
kernel: usb: gadget: f_eem: Fix net_device lifecycle with device_move
CVSS Score:
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31764
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464500
Bugzilla Description:
kernel: iio: imu: st_lsm6dsx: Set buffer sampling frequency for accelerometer only
CVSS Score:
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31741
Severity:
Released on: 01/05/2026
Advisory:
Bugzilla: 2464501
Bugzilla Description:
kernel: counter: rz-mtu3-cnt: prevent counter from being toggled multiple times
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31772
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464502
Bugzilla Description:
kernel: Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31694
Severity: moderate
Released on: 01/05/2026
Advisory:
Bugzilla: 2464503
Bugzilla Description:
kernel: fuse: reject oversized dirents in page cache
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-37457
Severity: important
Released on: 01/05/2026
Advisory:
Bugzilla: 2464548
Bugzilla Description:
frr: denial of service via crafted FlowSpec component
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-5404
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464275
Bugzilla Description:
wireshark: Wireshark: Denial of service due to K12 RF5 file parser crash
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1286
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-5403
Severity: important
Released on: 30/04/2026
Advisory:
Bugzilla: 2464271
Bugzilla Description:
wireshark: Heap-based Buffer Overflow in Wireshark
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-5656
Severity: important
Released on: 30/04/2026
Advisory:
Bugzilla: 2464276
Bugzilla Description:
wireshark: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Wireshark
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-5405
Severity: important
Released on: 30/04/2026
Advisory:
Bugzilla: 2464273
Bugzilla Description:
wireshark: Heap-based Buffer Overflow in Wireshark
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-41263
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464238
Bugzilla Description:
github.com/traefik/traefik: Traefik: Username enumeration via timing side-channel in BasicAuth middleware
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-208
Affected Packages:
Package States: Red Hat OpenShift Dev Spaces,
Full Details
CVE document
CVE-2026-40912
Severity: important
Released on: 30/04/2026
Advisory:
Bugzilla: 2464229
Bugzilla Description:
github.com/traefik/traefik: Traefik: Authentication bypass via crafted URL dot-segments in StripPrefixRegex middleware
CVSS Score:
CVSSv3 Score: 8.6
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat OpenShift Dev Spaces,
Full Details
CVE document
CVE-2026-39858
Severity: important
Released on: 30/04/2026
Advisory:
Bugzilla: 2464234
Bugzilla Description:
traefik: Traefik: Authentication bypass via unsanitized alias headers
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-289
Affected Packages:
Package States: Red Hat OpenShift Dev Spaces,
Full Details
CVE document
CVE-2026-35051
Severity: important
Released on: 30/04/2026
Advisory:
Bugzilla: 2464235
Bugzilla Description:
Traefik: github.com/traefik/traefik: Traefik: Authentication bypass in ForwardAuth middleware
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-501
Affected Packages:
Package States: Red Hat OpenShift Dev Spaces,
Full Details
CVE document
CVE-2026-41174
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464226
Bugzilla Description:
Traefik: github.com/traefik/traefik: Traefik: Cross-namespace isolation bypass via nested middleware references
CVSS Score:
CVSSv3 Score: 5.2
Vector:
CWE: CWE-551
Affected Packages:
Package States: Red Hat OpenShift Dev Spaces,
Full Details
CVE document
CVE-2026-28532
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464230
Bugzilla Description:
FRRouting: frr: FRRouting: Denial of Service due to integer overflow in OSPF TLV parser functions
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-3832
Severity: low
Released on: 30/04/2026
Advisory: RHSA-2026:13274,
Bugzilla: 2445762
Bugzilla Description:
gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-179
Affected Packages: gnutls-main-3.8.13-1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-33845
Severity: important
Released on: 30/04/2026
Advisory: RHSA-2026:13274,
Bugzilla: 2450624
Bugzilla Description:
gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-191
Affected Packages: gnutls-main-3.8.13-1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-3833
Severity: moderate
Released on: 30/04/2026
Advisory: RHSA-2026:13274,
Bugzilla: 2445763
Bugzilla Description:
gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-178
Affected Packages: gnutls-main-3.8.13-1.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-7246
Severity: important
Released on: 30/04/2026
Advisory:
Bugzilla: 2464121
Bugzilla Description:
github.com/pallets/click: Pallets Click: Arbitrary command execution via command injection in click.edit()
CVSS Score:
CVSSv3 Score: 7.2
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,
Full Details
CVE document
CVE-2025-14576
Severity: important
Released on: 30/04/2026
Advisory: RHSA-2026:7846, RHSA-2026:7620,
Bugzilla: 2464114
Bugzilla Description:
qt: Qt SVG: Arbitrary QML/JavaScript code injection via malicious SVG file
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-94
Affected Packages: qt6-main-6.11.0-1.hum1,qt5-main-5.15.18-2.1.hum1,
Package States: Multicluster Global Hub,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,Red Hat OpenShift GitOps,
Full Details
CVE document
CVE-2026-7163
Severity: important
Released on: 30/04/2026
Advisory: RHSA-2026:12116, RHSA-2026:11511, RHSA-2026:12337, RHSA-2026:11512,
Bugzilla: 2463152
Bugzilla Description:
assisted-service: assisted-service: Authenticated users can gain administrative access to OpenShift clusters via credential disclosure
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-312
Affected Packages: multicluster-engine/assisted-service-8-rhel8:1777205801,multicluster-engine/assisted-service-9-rhel9:1776983527,multicluster-engine/assisted-service-9-rhel9:1776987609,multicluster-engine/assisted-service-9-rhel9:1777205772,
Package States:
Full Details
CVE document
CVE-2026-5409
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464021
Bugzilla Description:
wireshark: Wireshark: Denial of service via Monero protocol dissector crash
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-5408
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464045
Bugzilla Description:
wireshark: Wireshark: Denial of service via BT-DHT protocol dissector crash
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-5406
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464041
Bugzilla Description:
wireshark: Wireshark: Denial of Service via FC-SWILS protocol dissector crash
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1286
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-5407
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464020
Bugzilla Description:
Wireshark: Wireshark: Denial of Service from malicious SMB2 protocol data
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-5299
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464024
Bugzilla Description:
wireshark: Uncontrolled Recursion in Wireshark
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-674
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-5402
Severity: important
Released on: 30/04/2026
Advisory:
Bugzilla: 2464038
Bugzilla Description:
wireshark: Heap-based Buffer Overflow in Wireshark
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-5401
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464014
Bugzilla Description:
wireshark: Wireshark: Denial of service via AFP Spotlight protocol dissector crash
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1287
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-5654
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464025
Bugzilla Description:
wireshark: Wireshark: Denial of service vulnerability in AMR-NB codec
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-237
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-5655
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464031
Bugzilla Description:
wireshark: Wireshark: Denial of Service due to SDP protocol dissector crash
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-237
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-5657
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464039
Bugzilla Description:
Wireshark: Wireshark: Denial of service via iLBC codec crash
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1286
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-5653
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464034
Bugzilla Description:
wireshark: Wireshark: Denial of Service via DCP-ETSI protocol dissector crash
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6538
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464044
Bugzilla Description:
Wireshark: Wireshark: Denial of Service via BEEP protocol dissector crash
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1286
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6537
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464028
Bugzilla Description:
Wireshark: Wireshark: Denial of Service via ZigBee protocol dissector crash
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6536
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464036
Bugzilla Description:
wireshark: Wireshark: Denial of Service via DLMS/COSEM protocol dissector infinite loop
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6535
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464035
Bugzilla Description:
wireshark: Wireshark: Denial of service via zlib decompression crash
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-409
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6534
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464017
Bugzilla Description:
wireshark: Wireshark: Denial of Service via USB HID protocol dissector infinite loop
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6533
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464042
Bugzilla Description:
Wireshark: Wireshark: Denial of service via LZ77 decompression crash
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-409
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6532
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464019
Bugzilla Description:
wireshark: Wireshark: Denial of service via Kismet protocol dissector crash
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1286
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6531
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464026
Bugzilla Description:
Wireshark: Wireshark: Denial of Service via SANE protocol dissector infinite loop
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6530
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464015
Bugzilla Description:
wireshark: Wireshark: Denial of Service via DCP-ETSI protocol dissector crash
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6529
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464040
Bugzilla Description:
wireshark: Wireshark: Denial of Service via iLBC audio codec processing
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-237
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6528
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464033
Bugzilla Description:
Wireshark: Wireshark: Denial of service via TLS protocol dissector infinite loop
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6527
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464032
Bugzilla Description:
wireshark: Wireshark: Denial of Service due to ASN.1 PER protocol dissector crash
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-193
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6526
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464047
Bugzilla Description:
wireshark: Wireshark: Denial of Service due to RTSP protocol dissector crash
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6524
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464016
Bugzilla Description:
wireshark: Wireshark: Denial of Service via MySQL protocol dissector crash
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1286
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6523
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464043
Bugzilla Description:
wireshark: Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6521
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464027
Bugzilla Description:
Wireshark: Wireshark: Denial of Service via OpenFlow v5 protocol dissector infinite loop
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6520
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464022
Bugzilla Description:
Wireshark: Wireshark: Denial of Service via OpenFlow v6 protocol dissector infinite loop
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6519
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464023
Bugzilla Description:
Wireshark: Wireshark: Denial of Service via MBIM protocol dissector infinite loop
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6522
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464030
Bugzilla Description:
Wireshark: Wireshark: Denial of Service via RPKI-Router protocol dissector infinite loop
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6870
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464018
Bugzilla Description:
Wireshark: Wireshark: Denial of service via GSM RP protocol dissector crash
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-237
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6869
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464037
Bugzilla Description:
wireshark: Wireshark: Denial of Service via WebSocket protocol dissector crash
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-237
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6867
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464046
Bugzilla Description:
wireshark: Wireshark: Denial of service via SMB2 protocol dissector crash
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1286
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-6868
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464010
Bugzilla Description:
wireshark: Wireshark: Denial of Service via malicious network capture file
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-7378
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464005
Bugzilla Description:
Wireshark: sharkd: Wireshark sharkd: Denial of Service via crash vulnerability
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-7375
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464007
Bugzilla Description:
Wireshark: Wireshark: Denial of Service via UDS protocol dissector infinite loop
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-7376
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464008
Bugzilla Description:
Wireshark: sharkd: Wireshark sharkd: Denial of Service due to crash
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31787
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464092
Bugzilla Description:
kernel: xen/privcmd: fix double free via VMA splitting
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31692
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464093
Bugzilla Description:
kernel: rtnetlink: add missing netlink_ns_capable() check for peer netns
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-272
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31786
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464096
Bugzilla Description:
kernel: Buffer overflow in drivers/xen/sys-hypervisor.c
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-170
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31693
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464108
Bugzilla Description:
kernel: cifs: some missing initializations on replay
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-909
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-7500
Severity: moderate
Released on: 30/04/2026
Advisory:
Bugzilla: 2464126
Bugzilla Description:
org.keycloak.keycloak-services: Improper Access Control on Keycloak Server when the account Account API feature is disabled
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-425
Affected Packages:
Package States: Red Hat Build of Keycloak,
Full Details
CVE document
CVE-2026-6915
Severity: moderate
Released on: 29/04/2026
Advisory:
Bugzilla: 2463874
Bugzilla Description:
mongodb: MongoDB: Authorization flaw allows modification of other user's authentication data
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-266
Affected Packages:
Package States: Red Hat Ceph Storage 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat Satellite 6,
Full Details
CVE document
CVE-2026-42198
Severity: important
Released on: 29/04/2026
Advisory:
Bugzilla: 2463857
Bugzilla Description:
jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat build of Quarkus,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-42519
Severity: moderate
Released on: 29/04/2026
Advisory:
Bugzilla: 2463814
Bugzilla Description:
Jenkins Script Security Plugin: Jenkins Script Security Plugin: Information disclosure via missing permission check
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-425
Affected Packages:
Package States: OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,
Full Details
CVE document
CVE-2026-22745
Severity: moderate
Released on: 29/04/2026
Advisory:
Bugzilla: 2463790
Bugzilla Description:
spring-webflux: Spring MVC and Spring WebFlux: Denial of Service via slow static resource resolution on Windows
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat build of Apache Camel - HawtIO 4,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document
CVE-2026-22741
Severity: moderate
Released on: 29/04/2026
Advisory:
Bugzilla: 2463788
Bugzilla Description:
Spring MVC: Spring WebFlux: Spring MVC and Spring WebFlux: Denial of Service via cache poisoning
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-838
Affected Packages:
Package States: Red Hat AMQ Broker 7,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document
CVE-2026-22740
Severity: moderate
Released on: 29/04/2026
Advisory:
Bugzilla: 2463786
Bugzilla Description:
spring-webflux: Spring WebFlux: Denial of Service via temporary file accumulation
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat build of Apache Camel - HawtIO 4,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document
CVE-2026-4873
Severity: moderate
Released on: 29/04/2026
Advisory: RHSA-2026:12916,
Bugzilla: 2461200
Bugzilla Description:
curl: curl: Information disclosure due to incorrect TLS connection reuse
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-319
Affected Packages: curl-main-8.20.0-0.1.hum1,
Package States: Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Hardened Images,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat Trusted Profile Analyzer,
Full Details
CVE document
CVE-2026-5773
Severity: moderate
Released on: 29/04/2026
Advisory: RHSA-2026:12916,
Bugzilla: 2461201
Bugzilla Description:
curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1025
Affected Packages: curl-main-8.20.0-0.1.hum1,
Package States: Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Hardened Images,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat Trusted Profile Analyzer,
Full Details
CVE document
CVE-2026-6253
Severity: moderate
Released on: 29/04/2026
Advisory: RHSA-2026:12916,
Bugzilla: 2461202
Bugzilla Description:
curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-201
Affected Packages: curl-main-8.20.0-0.1.hum1,
Package States: Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Hardened Images,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat Trusted Profile Analyzer,
Full Details
CVE document
CVE-2026-6276
Severity: low
Released on: 29/04/2026
Advisory: RHSA-2026:12916,
Bugzilla: 2461203
Bugzilla Description:
curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-346
Affected Packages: curl-main-8.20.0-0.1.hum1,
Package States: Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Hardened Images,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat Trusted Profile Analyzer,
Full Details
CVE document
CVE-2026-5545
Severity: moderate
Released on: 29/04/2026
Advisory: RHSA-2026:12916,
Bugzilla: 2461204
Bugzilla Description:
curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-488
Affected Packages: curl-main-8.20.0-0.1.hum1,
Package States: Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Hardened Images,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat Trusted Profile Analyzer,
Full Details
CVE document
CVE-2026-6429
Severity: moderate
Released on: 29/04/2026
Advisory: RHSA-2026:12916,
Bugzilla: 2461205
Bugzilla Description:
curl: libcurl: Credential leak via reused proxy connection during HTTP redirects
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-201
Affected Packages: curl-main-8.20.0-0.1.hum1,
Package States: Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Hardened Images,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat Trusted Profile Analyzer,
Full Details
CVE document
CVE-2026-38993
Severity: important
Released on: 29/04/2026
Advisory:
Bugzilla: 2463843
Bugzilla Description:
Cockpit: Cockpit: Arbitrary file write via directory traversal in Buckets component
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-37555
Severity: important
Released on: 29/04/2026
Advisory:
Bugzilla: 2463856
Bugzilla Description:
libsndfile: integer overflow in ima_reader_init()
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-42010
Severity: important
Released on: 29/04/2026
Advisory:
Bugzilla: 2467289
Bugzilla Description:
gnutls: gnutls: Authentication Bypass via NUL Character in Username
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-42011
Severity: moderate
Released on: 29/04/2026
Advisory:
Bugzilla: 2467437
Bugzilla Description:
gnutls: gnutls: Security bypass due to incorrect name constraint handling
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-295
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-6238
Severity: moderate
Released on: 28/04/2026
Advisory: RHSA-2026:12740,
Bugzilla: 2463539
Bugzilla Description:
glibc: glibc: Application crash or uninitialized memory read via crafted DNS response
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1284
Affected Packages: glibc-main-2.42-12.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-5435
Severity: moderate
Released on: 28/04/2026
Advisory: RHSA-2026:12740,
Bugzilla: 2463465
Bugzilla Description:
glibc: glibc: Out-of-bounds write via TSIG record processing
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-120
Affected Packages: glibc-main-2.42-12.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-41636
Severity: moderate
Released on: 28/04/2026
Advisory:
Bugzilla: 2463404
Bugzilla Description:
apache.com/apache/thrift: Apache Thrift: Node.js skip() recursion
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-776
Affected Packages:
Package States: Multicluster Global Hub,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,
Full Details
CVE document
CVE-2026-41607
Severity: important
Released on: 28/04/2026
Advisory: RHSA-2026:14885,
Bugzilla: 2463412
Bugzilla Description:
Apache Thrift: apache.com/apache/thrift: Apache Thrift: Out-of-bounds Read vulnerability
CVSS Score:
CVSSv3 Score: 9.1
Vector:
CWE: CWE-125
Affected Packages: rhosdt/tempo-rhel9:1778158374,rhosdt/tempo-query-rhel9:1778158343,rhosdt/tempo-jaeger-query-rhel9:1778158391,
Package States: Multicluster Global Hub,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,
Full Details
CVE document
CVE-2026-41606
Severity: important
Released on: 28/04/2026
Advisory: RHSA-2026:14885,
Bugzilla: 2463408
Bugzilla Description:
Apache Thrift: Apache Thrift: Denial of Service via uncontrolled recursion
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-606
Affected Packages: rhosdt/tempo-rhel9:1778158374,rhosdt/tempo-query-rhel9:1778158343,rhosdt/tempo-jaeger-query-rhel9:1778158391,
Package States: Multicluster Global Hub,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,
Full Details
CVE document
CVE-2026-41605
Severity: important
Released on: 28/04/2026
Advisory: RHSA-2026:14885,
Bugzilla: 2463418
Bugzilla Description:
Apache Thrift: Apache Thrift: Integer Overflow or Wraparound Vulnerability
CVSS Score:
CVSSv3 Score: 7.7
Vector:
CWE: CWE-190
Affected Packages: rhosdt/tempo-rhel9:1778158374,rhosdt/tempo-query-rhel9:1778158343,rhosdt/tempo-jaeger-query-rhel9:1778158391,
Package States: Multicluster Global Hub,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,
Full Details
CVE document
CVE-2026-41604
Severity: important
Released on: 28/04/2026
Advisory: RHSA-2026:14885,
Bugzilla: 2463416
Bugzilla Description:
Apache Thrift: apache.com/apache/thrift: Apache Thrift: Out-of-bounds Read vulnerability
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-125
Affected Packages: rhosdt/tempo-rhel9:1778158374,rhosdt/tempo-query-rhel9:1778158343,rhosdt/tempo-jaeger-query-rhel9:1778158391,
Package States: Multicluster Global Hub,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,
Full Details
CVE document
CVE-2026-41603
Severity: important
Released on: 28/04/2026
Advisory: RHSA-2026:14885,
Bugzilla: 2463411
Bugzilla Description:
Apache Thrift: apache.com/apache/thrift: Apache Thrift: Security Bypass via Improper Certificate Hostname Validation
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-295
Affected Packages: rhosdt/tempo-rhel9:1778158374,rhosdt/tempo-query-rhel9:1778158343,rhosdt/tempo-jaeger-query-rhel9:1778158391,
Package States: Multicluster Global Hub,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,
Full Details
CVE document
CVE-2026-41602
Severity: important
Released on: 28/04/2026
Advisory: RHSA-2026:14162, RHSA-2026:14885,
Bugzilla: 2463407
Bugzilla Description:
github.com/apache/thrift: Apache Thrift: Integer Overflow in TFramedTransport Go implementation
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-190
Affected Packages: rhosdt/opentelemetry-collector-rhel9:1778056267,rhosdt/tempo-rhel9:1778158374,rhosdt/tempo-query-rhel9:1778158343,rhosdt/tempo-jaeger-query-rhel9:1778158391,
Package States: Multicluster Global Hub,Multicluster Global Hub,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 6,Red Hat Ceph Storage 9,Red Hat Ceph Storage 9,Red Hat Ceph Storage 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenStack Platform 18.0,
Full Details
CVE document
CVE-2026-7233
Severity: low
Released on: 28/04/2026
Advisory:
Bugzilla: 2463367
Bugzilla Description:
mupdf: Artifex MuPDF: Information disclosure due to out-of-bounds read
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-42510
Severity: moderate
Released on: 28/04/2026
Advisory:
Bugzilla: 2463371
Bugzilla Description:
OpenStack Ironic: ipmitool: OpenStack Ironic: Arbitrary Code Execution via Remote Hardware Management
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat OpenShift Container Platform 4,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,
Full Details
CVE document
CVE-2026-40356
Severity: important
Released on: 28/04/2026
Advisory: RHSA-2026:12220,
Bugzilla: 2463368
Bugzilla Description:
krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-191
Affected Packages: krb5-main-1.22.2-7.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-40355
Severity: moderate
Released on: 28/04/2026
Advisory: RHSA-2026:12220,
Bugzilla: 2463370
Bugzilla Description:
krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-476
Affected Packages: krb5-main-1.22.2-7.hum1,
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-7309
Severity: moderate
Released on: 28/04/2026
Advisory:
Bugzilla: 2463451
Bugzilla Description:
openshift-controller-manager: OpenShift Container Platform: Information disclosure via environment variable injection
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-426
Affected Packages:
Package States: Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-7351
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463656
Bugzilla Description:
chromium-browser: Race in MHTML
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-368
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7353
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463657
Bugzilla Description:
chromium-browser: Heap buffer overflow in Skia
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7339
Severity: moderate
Released on: 28/04/2026
Advisory:
Bugzilla: 2463658
Bugzilla Description:
chromium-browser: Heap buffer overflow in WebRTC
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-787
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7341
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463659
Bugzilla Description:
chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7338
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463660
Bugzilla Description:
chromium-browser: Use after free in Cast
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7334
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463663
Bugzilla Description:
chromium-browser: Use after free in Views
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7340
Severity: moderate
Released on: 28/04/2026
Advisory:
Bugzilla: 2463664
Bugzilla Description:
chromium-browser: Integer overflow in ANGLE
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-190
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7358
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463665
Bugzilla Description:
chromium-browser: Use after free in Animation
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7356
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463667
Bugzilla Description:
chromium-browser: Use after free in Navigation
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7352
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463669
Bugzilla Description:
chromium-browser: Use after free in Media
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7359
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463670
Bugzilla Description:
chromium-browser: Use after free in ANGLE
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7348
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463671
Bugzilla Description:
chromium-browser: Use after free in Codecs
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7336
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463676
Bugzilla Description:
chromium-browser: Use after free in WebRTC
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7360
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463677
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Compositing
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-1173
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7347
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463679
Bugzilla Description:
chromium-browser: Use after free in Chromoting
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7363
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463680
Bugzilla Description:
chromium-browser: Use after free in Canvas
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7349
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463685
Bugzilla Description:
chromium-browser: Use after free in Cast
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7346
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463686
Bugzilla Description:
chromium-browser: Inappropriate implementation in Tint
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-131
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7345
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463687
Bugzilla Description:
chromium-browser: Insufficient validation of untrusted input in Feedback
CVSS Score:
CVSSv3 Score: 8.0
Vector:
CWE: CWE-1286
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7335
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463688
Bugzilla Description:
chromium-browser: Use after free in media
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7344
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463689
Bugzilla Description:
chromium-browser: Use after free in Accessibility
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7350
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463690
Bugzilla Description:
chromium-browser: Use after free in WebMIDI
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7354
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463691
Bugzilla Description:
chromium-browser: Out of bounds read and write in Angle
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7342
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463692
Bugzilla Description:
chromium-browser: Use after free in WebView
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7357
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463693
Bugzilla Description:
chromium-browser: Use after free in GPU
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7333
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463694
Bugzilla Description:
chromium-browser: Use after free in GPU
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7355
Severity: moderate
Released on: 28/04/2026
Advisory:
Bugzilla: 2463695
Bugzilla Description:
chromium-browser: Use after free in Media
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7343
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463697
Bugzilla Description:
chromium-browser: Use after free in Views
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-825
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7337
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463698
Bugzilla Description:
chromium-browser: Type Confusion in V8
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-843
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-7361
Severity: important
Released on: 28/04/2026
Advisory:
Bugzilla: 2463706
Bugzilla Description:
chromium-browser: chromium-browser: Use after free in iOS
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE:
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-42208
Severity: critical
Released on: 28/04/2026
Advisory:
Bugzilla: 2463965
Bugzilla Description:
LiteLLM: LiteLLM: Unauthorized data access and modification via SQL injection
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-89
Affected Packages:
Package States: Lightspeed Core,Red Hat Ansible Automation Platform 2,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document
CVE-2026-40977
Severity: moderate
Released on: 27/04/2026
Advisory:
Bugzilla: 2463329
Bugzilla Description:
Spring Boot: Spring Boot: Local file corruption via PID file manipulation
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-59
Affected Packages:
Package States: Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document
CVE-2026-40974
Severity: moderate
Released on: 27/04/2026
Advisory:
Bugzilla: 2463335
Bugzilla Description:
Spring Boot: Cassandra: Spring Boot: Security bypass in Cassandra SSL connections
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-295
Affected Packages:
Package States: Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document
CVE-2026-40973
Severity: moderate
Released on: 27/04/2026
Advisory:
Bugzilla: 2463330
Bugzilla Description:
Spring Boot: Spring Boot: Arbitrary Code Execution and Session Hijacking via predictable temporary directory
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-341
Affected Packages:
Package States: Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document
CVE-2026-40972
Severity: moderate
Released on: 27/04/2026
Advisory:
Bugzilla: 2463332
Bugzilla Description:
Spring Boot: Spring Boot: Remote code execution via timing attack in DevTools remote secret comparison
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-208
Affected Packages:
Package States: Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document
CVE-2026-40971
Severity: moderate
Released on: 27/04/2026
Advisory:
Bugzilla: 2463313
Bugzilla Description:
Spring Boot: Spring Boot: Information disclosure and data tampering via missing hostname verification
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: CWE-295
Affected Packages:
Package States: Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document
CVE-2026-40970
Severity: moderate
Released on: 27/04/2026
Advisory:
Bugzilla: 2463297
Bugzilla Description:
Spring Boot: Spring Boot: Missing hostname verification in Elasticsearch auto-configuration allows information disclosure
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: CWE-295
Affected Packages:
Package States: Red Hat AMQ Broker 7,Red Hat AMQ Clients,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document
CVE-2026-7141
Severity: moderate
Released on: 27/04/2026
Advisory:
Bugzilla: 2463365
Bugzilla Description:
vllm: vllm: Uninitialized resource in KV Block Handler via has_mamba_layers function
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document
CVE-2026-6357
Severity: moderate
Released on: 27/04/2026
Advisory:
Bugzilla: 2463234
Bugzilla Description:
pip: pip: Arbitrary code execution or information disclosure via malicious wheel package installation
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-94
Affected Packages:
Package States: Exploit Intelligence,Migration Toolkit for Applications 8,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,OpenShift Lightspeed,OpenShift Service Mesh 3,Pen Drive Powered by Red Hat Lightspeed,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,Service Telemetry Framework 1.5,
Full Details
CVE document
CVE-2026-33453
Severity: important
Released on: 27/04/2026
Advisory:
Bugzilla: 2463184
Bugzilla Description:
Apache Camel: camel-coap: Apache Camel camel-coap: Remote code execution via CoAP URI query parameter injection
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-915
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document
CVE-2026-33454
Severity: critical
Released on: 27/04/2026
Advisory:
Bugzilla: 2463181
Bugzilla Description:
Apache Camel: Camel-Mail: Camel-Mail: Altered application behavior via header injection
CVSS Score:
CVSSv3 Score: 9.4
Vector:
CWE: CWE-1173
Affected Packages:
Package States: Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7,
Full Details
CVE document
CVE-2026-40022
Severity: important
Released on: 27/04/2026
Advisory:
Bugzilla: 2463178
Bugzilla Description:
camel-http: Apache Camel: Information disclosure and authentication bypass in embedded HTTP/management servers
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-551
Affected Packages:
Package States: OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document
CVE-2026-40858
Severity: important
Released on: 27/04/2026
Advisory:
Bugzilla: 2463179
Bugzilla Description:
org.apache.camel/camel-infinispan: Apache Camel camel-infinispan: Arbitrary code execution via deserialization of untrusted data
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-502
Affected Packages:
Package States: Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document
CVE-2026-41409
Severity: critical
Released on: 27/04/2026
Advisory:
Bugzilla: 2463175
Bugzilla Description:
Apache MINA: Apache MINA: Arbitrary code execution via incomplete deserialization fix
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-502
Affected Packages:
Package States: OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,Red Hat AMQ Broker 7,Red Hat build of Apache Camel for Spring Boot 4,Red Hat Data Grid 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-41635
Severity: critical
Released on: 27/04/2026
Advisory:
Bugzilla: 2463177
Bugzilla Description:
Apache MINA: Apache MINA: Arbitrary code execution via classname allowlist bypass
CVSS Score:
CVSSv3 Score: 9.8
Vector:
CWE: CWE-502
Affected Packages:
Package States: OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,Red Hat AMQ Broker 7,Red Hat build of Apache Camel for Spring Boot 4,Red Hat Data Grid 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7,Red Hat Single Sign-On 7,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-40453
Severity: critical
Released on: 27/04/2026
Advisory:
Bugzilla: 2463173
Bugzilla Description:
Apache Camel: org.apache.camel: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection
CVSS Score:
CVSSv3 Score: 9.9
Vector:
CWE: CWE-178
Affected Packages:
Package States: OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document
CVE-2026-40860
Severity: important
Released on: 27/04/2026
Advisory:
Bugzilla: 2463172
Bugzilla Description:
Apache Camel: camel-jms: camel-sjms: camel-sjms2: camel-amqp: camel-activemq: camel-activemq6: Apache Camel: Remote Code Execution via deserialization of JMS ObjectMessage
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-502
Affected Packages:
Package States: Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document
CVE-2026-40048
Severity: important
Released on: 27/04/2026
Advisory:
Bugzilla: 2463176
Bugzilla Description:
Apache Camel: Apache Camel: Arbitrary code execution via insecure deserialization of crafted key files
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-502
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,
Full Details
CVE document
CVE-2026-42371
Severity: moderate
Released on: 27/04/2026
Advisory: RHSA-2026:12430,
Bugzilla: 2463159
Bugzilla Description:
uriparser: uriparser: Denial of Service via numeric truncation with oversized URIs
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-190
Affected Packages: uriparser-main-1.0.1-1.hum1,
Package States: Red Hat Enterprise Linux 7,Red Hat Enterprise Linux AI (RHEL AI) 3,
Full Details
CVE document
CVE-2026-3006
Severity: important
Released on: 27/04/2026
Advisory:
Bugzilla: 2463150
Bugzilla Description:
winfsp: winfsp: Local privilege escalation via race condition and kernel heap overflow
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-368
Affected Packages:
Package States: Red Hat Advanced Cluster Management for Kubernetes 2,
Full Details
CVE document
CVE-2026-31690
Severity:
Released on: 27/04/2026
Advisory:
Bugzilla: 2463258
Bugzilla Description:
kernel: firmware: thead: Fix buffer overflow and use standard endian macros
CVSS Score:
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31688
Severity: moderate
Released on: 27/04/2026
Advisory:
Bugzilla: 2463259
Bugzilla Description:
kernel: driver core: enforce device_lock for driver_match_device()
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31687
Severity:
Released on: 27/04/2026
Advisory:
Bugzilla: 2463260
Bugzilla Description:
kernel: gpio: omap: do not register driver in probe()
CVSS Score:
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31686
Severity: moderate
Released on: 27/04/2026
Advisory:
Bugzilla: 2463262
Bugzilla Description:
kernel: mm/kasan: fix double free for kasan pXds
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31689
Severity: moderate
Released on: 27/04/2026
Advisory:
Bugzilla: 2463265
Bugzilla Description:
kernel: EDAC/mc: Fix error path ordering in edac_mc_alloc()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31691
Severity: moderate
Released on: 27/04/2026
Advisory:
Bugzilla: 2463267
Bugzilla Description:
kernel: igb: remove napi_synchronize() in igb_down()
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2018-25282
Severity: moderate
Released on: 26/04/2026
Advisory:
Bugzilla: 2461936
Bugzilla Description:
nmap: zenmap: Nmap/ZenMap: Denial of Service via XML entity expansion
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-776
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-7020
Severity: low
Released on: 26/04/2026
Advisory:
Bugzilla: 2461894
Bugzilla Description:
Ollama: Ollama: Path traversal vulnerability in Tensor Model Transfer Handler
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-22
Affected Packages:
Package States: Migration Toolkit for Applications 8,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,
Full Details
CVE document
CVE-2026-6994
Severity: moderate
Released on: 25/04/2026
Advisory:
Bugzilla: 2461846
Bugzilla Description:
envoy: Envoy: Injection vulnerability in Query Parameter Handler
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-915
Affected Packages:
Package States: OpenShift Service Mesh 2,OpenShift Service Mesh 3,
Full Details
CVE document
CVE-2026-6993
Severity: moderate
Released on: 25/04/2026
Advisory:
Bugzilla: 2461841
Bugzilla Description:
net/http: golang: github.com/go-kratos/kratos: go-kratos kratos: Information disclosure via unintended HTTP server intermediary
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-444
Affected Packages:
Package States: Assisted Installer for Red Hat OpenShift Container Platform 2,Builds for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,Compliance Operator,Confidential Compute Attestation,Confidential Compute Attestation,Confidential Compute Attestation,Cryostat 4,Custom Metric Autoscaler operator for Red Hat Openshift,Deployment Validation Operator,ExternalDNS Operator,ExternalDNS Operator,External Secrets Operator for Red Hat OpenShift,Fence Agents Remediation Operator,File Integrity Operator,Gatekeeper 3,Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Logical Volume Manager Storage,Logical Volume Manager Storage,Logical Volume Manager Storage,Machine Deletion Remediation Operator,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multiarch Tuning Operator,Multicluster Engine for Kubernetes,Multicluster Global Hub,Multicluster Global Hub,Network Observability Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Source-to-Image (S2I),Power monitoring for Red Hat OpenShift,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat AMQ Broker 7,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 9,Red Hat Certification Program for Red Hat Enterprise Linux 9,Red Hat Developer Hub,Red Hat Edge Manager 1,Red Hat Edge Manager 1,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat JBoss Web Server 6,Red Hat Lightspeed for Runtimes Operator,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Cluster Manager CLI,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Workspaces Operator,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift for Windows Containers,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift on AWS,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Service Interconnect 1,Red Hat Service Interconnect 2,Red Hat Trusted Artifact Signer,Red Hat Web Terminal,Security Profiles Operator,Service Telemetry Framework 1.5,streams for Apache Kafka 3,Zero Trust Workload Identity Manager,Zero Trust Workload Identity Manager - Tech Preview,
Full Details
CVE document
CVE-2026-6951
Severity: important
Released on: 25/04/2026
Advisory:
Bugzilla: 2461750
Bugzilla Description:
simple-git: simple-git: Remote Code Execution due to incomplete fix bypass
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-88
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7,
Full Details
CVE document
CVE-2026-31673
Severity: moderate
Released on: 25/04/2026
Advisory:
Bugzilla: 2461752
Bugzilla Description:
kernel: af_unix: read UNIX_DIAG_VFS data under unix_state_lock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31681
Severity: moderate
Released on: 25/04/2026
Advisory:
Bugzilla: 2461753
Bugzilla Description:
kernel: netfilter: xt_multiport: validate range encoding in checkentry
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31682
Severity: moderate
Released on: 25/04/2026
Advisory:
Bugzilla: 2461754
Bugzilla Description:
kernel: bridge: br_nd_send: linearize skb before parsing ND options
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31676
Severity: moderate
Released on: 25/04/2026
Advisory:
Bugzilla: 2461755
Bugzilla Description:
kernel: rxrpc: only handle RESPONSE during service challenge
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31683
Severity:
Released on: 25/04/2026
Advisory:
Bugzilla: 2461756
Bugzilla Description:
kernel: batman-adv: avoid OGM aggregation when skb tailroom is insufficient
CVSS Score:
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31684
Severity: moderate
Released on: 25/04/2026
Advisory:
Bugzilla: 2461757
Bugzilla Description:
kernel: net: sched: act_csum: validate nested VLAN headers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31674
Severity: moderate
Released on: 25/04/2026
Advisory:
Bugzilla: 2461758
Bugzilla Description:
kernel: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31685
Severity: moderate
Released on: 25/04/2026
Advisory:
Bugzilla: 2461759
Bugzilla Description:
kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-1287
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31675
Severity: moderate
Released on: 25/04/2026
Advisory:
Bugzilla: 2461760
Bugzilla Description:
kernel: net/sched: sch_netem: fix out-of-bounds access in packet corruption
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31678
Severity: moderate
Released on: 25/04/2026
Advisory:
Bugzilla: 2461761
Bugzilla Description:
kernel: openvswitch: defer tunnel netdev_put to RCU release
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31679
Severity: moderate
Released on: 25/04/2026
Advisory:
Bugzilla: 2461762
Bugzilla Description:
kernel: openvswitch: validate MPLS set/set_masked payload length
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31677
Severity: low
Released on: 25/04/2026
Advisory:
Bugzilla: 2461763
Bugzilla Description:
kernel: crypto: af_alg - limit RX SG extraction by receive buffer budget
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31680
Severity: moderate
Released on: 25/04/2026
Advisory:
Bugzilla: 2461764
Bugzilla Description:
kernel: net: ipv6: flowlabel: defer exclusive option free until RCU teardown
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-41488
Severity: low
Released on: 24/04/2026
Advisory:
Bugzilla: 2461734
Bugzilla Description:
langchain-openai: Langchain-openai: Server-Side Request Forgery (SSRF) protection bypass via DNS rebinding
CVSS Score:
CVSSv3 Score: 3.4
Vector:
CWE: CWE-367
Affected Packages:
Package States: Migration Toolkit for Applications 8,OpenShift Lightspeed,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document
CVE-2026-41481
Severity: important
Released on: 24/04/2026
Advisory:
Bugzilla: 2461733
Bugzilla Description:
langchain-text-splitters: LangChain: Information Disclosure via Server-Side Request Forgery (SSRF) Redirect Bypass
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-918
Affected Packages:
Package States: Migration Toolkit for Applications 8,OpenShift Lightspeed,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document
CVE-2026-41425
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461690
Bugzilla Description:
authlib: Authlib: Cross-Site Request Forgery (CSRF) vulnerability in OAuth cache feature
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-807
Affected Packages:
Package States: Migration Toolkit for Applications 8,Red Hat Ansible Automation Platform 2,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,
Full Details
CVE document
CVE-2026-41415
Severity: important
Released on: 24/04/2026
Advisory:
Bugzilla: 2461641
Bugzilla Description:
pjproject: PJSIP: Denial of service via malformed Content-ID URI in SIP multipart message
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-125
Affected Packages:
Package States:
Full Details
CVE document
CVE-2026-41907
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461639
Bugzilla Description:
uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-787
Affected Packages:
Package States: Confidential Compute Attestation,Cryostat 4,Cryostat 4,Gatekeeper 3,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop,Red Hat Ceph Storage 9,Red Hat Connectivity Link 1,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Developer Hub,Red Hat Directory Server 12,Red Hat Directory Server 13,Red Hat Discovery 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Self-service automation portal 2,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42042
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461637
Bugzilla Description:
axios: Axios: XSRF token bypass leading to information disclosure
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-1025
Affected Packages:
Package States: Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42039
Severity: important
Released on: 24/04/2026
Advisory: RHSA-2026:14937,
Bugzilla: 2461630
Bugzilla Description:
axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages: discovery/discovery-ui-rhel9:1778156756,
Package States: Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42036
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461633
Bugzilla Description:
axios: Axios: Denial of Service via unbounded stream consumption when 'responseType: 'stream'' is used
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-770
Affected Packages:
Package States: Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42034
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461623
Bugzilla Description:
axios: Axios: Denial of Service via oversized streamed uploads bypassing body limits
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-770
Affected Packages:
Package States: Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42037
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461636
Bugzilla Description:
axios: Node.js: Axios: Information disclosure via CRLF injection in multipart Content-Type header
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-93
Affected Packages:
Package States: Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42038
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461634
Bugzilla Description:
axios: Axios: Information disclosure due to `no_proxy` bypass
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-1220
Affected Packages:
Package States: Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42041
Severity: important
Released on: 24/04/2026
Advisory: RHSA-2026:14937,
Bugzilla: 2461629
Bugzilla Description:
axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-915
Affected Packages: discovery/discovery-ui-rhel9:1778156756,
Package States: Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42043
Severity: important
Released on: 24/04/2026
Advisory: RHSA-2026:14937,
Bugzilla: 2461626
Bugzilla Description:
axios: Axios: NO_PROXY bypass via crafted URL
CVSS Score:
CVSSv3 Score: 7.2
Vector:
CWE: CWE-918
Affected Packages: discovery/discovery-ui-rhel9:1778156756,
Package States: Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42035
Severity: moderate
Released on: 24/04/2026
Advisory: RHSA-2026:14937,
Bugzilla: 2461606
Bugzilla Description:
axios: Axios: Arbitrary HTTP header injection via prototype pollution
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-915
Affected Packages: discovery/discovery-ui-rhel9:1778156756,
Package States: Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Developer Hub,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-42033
Severity: important
Released on: 24/04/2026
Advisory: RHSA-2026:14937,
Bugzilla: 2461607
Bugzilla Description:
axios: Axios: HTTP Transport Hijacking via Prototype Pollution
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-915
Affected Packages: discovery/discovery-ui-rhel9:1778156756,
Package States: Cryostat 4,Gatekeeper 3,Migration Toolkit for Applications 8,Migration Toolkit for Applications 8,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Network Observability Operator,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Developer Hub,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,Self-service automation portal 2,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-41680
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461603
Bugzilla Description:
marked: Marked: Denial of Service via specific input sequence
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Ceph Storage 9,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat Satellite 6,Red Hat Satellite 6,Self-service automation portal 2,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-41140
Severity: important
Released on: 24/04/2026
Advisory:
Bugzilla: 2461604
Bugzilla Description:
poetry: Poetry: Path traversal vulnerability allows arbitrary file write via malicious package extraction
CVSS Score:
CVSSv3 Score: 8.7
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat Satellite 6,
Full Details
CVE document
CVE-2026-41079
Severity: low
Released on: 24/04/2026
Advisory:
Bugzilla: 2461611
Bugzilla Description:
cups: CUPS: Information disclosure via crafted SNMP response
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-41411
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461614
Bugzilla Description:
vim: Vim: Command injection allows arbitrary code execution via malicious tag files
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-40897
Severity: important
Released on: 24/04/2026
Advisory:
Bugzilla: 2461612
Bugzilla Description:
mathjs: Math.js: Arbitrary code execution via expression parser
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-917
Affected Packages:
Package States: Red Hat Developer Hub,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Self-service automation portal 2,
Full Details
CVE document
CVE-2026-41066
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461613
Bugzilla Description:
lxml: python: lxml: Information disclosure via untrusted XML input leading to local file read
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-611
Affected Packages:
Package States: Migration Toolkit for Applications 8,Pen Drive Powered by Red Hat Lightspeed,Red Hat AI Inference Server,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Update Infrastructure 4 for Cloud Providers,
Full Details
CVE document
CVE-2026-41044
Severity: important
Released on: 24/04/2026
Advisory:
Bugzilla: 2461409
Bugzilla Description:
org.apache.activemq/activemq-broker: org.apache.activemq/activemq-all: Apache ActiveMQ: Arbitrary code execution via improper input validation in admin console
CVSS Score:
CVSSv3 Score: 7.2
Vector:
CWE: CWE-94
Affected Packages:
Package States: Red Hat AMQ Broker 7,Red Hat Data Grid 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document
CVE-2026-41043
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461407
Bugzilla Description:
Apache ActiveMQ: Apache ActiveMQ Web: Apache ActiveMQ: Information disclosure via Cross-Site Scripting in web console
CVSS Score:
CVSSv3 Score: 4.6
Vector:
CWE: CWE-79
Affected Packages:
Package States: Red Hat AMQ Broker 7,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document
CVE-2026-40466
Severity: important
Released on: 24/04/2026
Advisory:
Bugzilla: 2461410
Bugzilla Description:
org.apache.activemq/activemq-all: org.apache.activemq/activemq-broker: Apache ActiveMQ: Arbitrary code execution via improper input validation in HTTP Discovery transport
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-94
Affected Packages:
Package States: Red Hat AMQ Broker 7,Red Hat Data Grid 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document
CVE-2026-21728
Severity: important
Released on: 24/04/2026
Advisory:
Bugzilla: 2461395
Bugzilla Description:
grafana/tempo: Tempo: Denial of Service via large queries
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Multicluster Global Hub,Multicluster Global Hub,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 9,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,
Full Details
CVE document
CVE-2026-41324
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461380
Bugzilla Description:
basic-ftp: basic-ftp: Denial of Service via unbounded memory growth from malicious directory listings
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Developer Hub,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Self-service automation portal 2,
Full Details
CVE document
CVE-2026-41316
Severity: important
Released on: 24/04/2026
Advisory:
Bugzilla: 2461369
Bugzilla Description:
erb: ERB: Arbitrary code execution via deserialization bypass
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-502
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat OpenShift Container Platform 4,
Full Details
CVE document
CVE-2026-41305
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461366
Bugzilla Description:
postcss: PostCSS: Cross-Site Scripting (XSS) via improper escaping of style closing tags
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-79
Affected Packages:
Package States: Cryostat 4,Cryostat 4,Gatekeeper 3,Migration Toolkit for Containers,Multicluster Engine for Kubernetes,Network Observability Operator,Node HealthCheck Operator,Node HealthCheck Operator,Node HealthCheck Operator,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,OpenShift Service Mesh 3,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Apicurio Registry 3,Red Hat Build of Podman Desktop,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Build of Podman Desktop - Tech Preview,Red Hat Connectivity Link 1,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Developer Hub,Red Hat Discovery 2,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Enterprise Linux AI (RHEL AI) 3,Red Hat Fuse 7,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat Hardened Images,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Single Sign-On 7,Red Hat Trusted Artifact Signer,Self-service automation portal 2,streams for Apache Kafka 2,streams for Apache Kafka 3,
Full Details
CVE document
CVE-2026-40254
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461368
Bugzilla Description:
FreeRDP: FreeRDP: Information disclosure and arbitrary file modification via path traversal
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-193
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-32952
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461375
Bugzilla Description:
go-ntlmssp: go-ntlmssp: Denial of Service via malicious NTLM challenge
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-190
Affected Packages:
Package States: Assisted Installer for Red Hat OpenShift Container Platform 2,cert-manager Operator for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,Confidential Compute Attestation,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,External Secrets Operator for Red Hat OpenShift,Kernel Module Management Operator for Red Hat Openshift,Logging Subsystem for Red Hat OpenShift,Logical Volume Manager Storage,Migration Toolkit for Containers,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Multicluster Global Hub,Multicluster Global Hub,Node HealthCheck Operator,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 3,Pen Drive Powered by Red Hat Lightspeed,Power monitoring for Red Hat OpenShift,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Build of Kueue,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 9,Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,Red Hat Quay 3,
Full Details
CVE document
CVE-2026-31584
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461436
Bugzilla Description:
kernel: media: mediatek: vcodec: fix use-after-free in encoder release path
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31650
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461437
Bugzilla Description:
kernel: mmc: vub300: fix use-after-free on disconnect
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31572
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461438
Bugzilla Description:
kernel: i2c: designware: amdisp: Fix resume-probe race condition issue
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31627
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461439
Bugzilla Description:
kernel: i2c: s3c24xx: check the size of the SMBUS message before using it
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31598
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461441
Bugzilla Description:
kernel: ocfs2: fix possible deadlock between unlink and dio_end_io_write
CVSS Score:
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31609
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461442
Bugzilla Description:
kernel: smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31610
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461443
Bugzilla Description:
kernel: ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31569
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461444
Bugzilla Description:
kernel: LoongArch: KVM: Handle the case that EIOINTC's coremap is empty
CVSS Score:
Vector:
CWE: CWE-823
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31576
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461445
Bugzilla Description:
kernel: media: hackrf: fix to not free memory after the device is registered in hackrf_probe()
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31604
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461446
Bugzilla Description:
kernel: wifi: rtw88: fix device leak on probe failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31639
Severity: low
Released on: 24/04/2026
Advisory:
Bugzilla: 2461447
Bugzilla Description:
kernel: rxrpc: Fix key reference count leak from call->key
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31617
Severity: important
Released on: 24/04/2026
Advisory:
Bugzilla: 2461448
Bugzilla Description:
kernel: usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31632
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461449
Bugzilla Description:
kernel: rxrpc: Fix leak of rxgk context in rxgk_verify_response()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31603
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461450
Bugzilla Description:
kernel: staging: sm750fb: fix division by zero in ps_to_hz()
CVSS Score:
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31566
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461451
Bugzilla Description:
kernel: drm/amdgpu: Fix fence put before wait in amdgpu_amdkfd_submit_ib
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31608
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461452
Bugzilla Description:
kernel: smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list()
CVSS Score:
Vector:
CWE: CWE-1341
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31541
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461453
Bugzilla Description:
kernel: tracing: Fix trace_marker copy link list updates
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31551
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461454
Bugzilla Description:
kernel: wifi: mac80211: Fix static_branch_dec() underflow for aql_disable
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31595
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461455
Bugzilla Description:
kernel: PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup
CVSS Score:
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31534
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461456
Bugzilla Description:
kernel: smb: client: let send_done handle a completion without IB_SEND_SIGNALED
CVSS Score:
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31537
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461457
Bugzilla Description:
kernel: smb: server: make use of smbdirect_socket.send_io.bcredits
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31588
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461458
Bugzilla Description:
kernel: KVM: x86: Use scratch field in MMIO fragment to hold small write values
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31622
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461459
Bugzilla Description:
kernel: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler
CVSS Score:
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31599
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461461
Bugzilla Description:
kernel: media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31663
Severity: important
Released on: 24/04/2026
Advisory:
Bugzilla: 2461462
Bugzilla Description:
kernel: xfrm: hold dev ref until after transport_finish NF_HOOK
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-826
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31557
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461463
Bugzilla Description:
kernel: nvmet: move async event work off nvmet-wq
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31580
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461464
Bugzilla Description:
kernel: bcache: fix cached_dev.sb_bio use-after-free and crash
CVSS Score:
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31586
Severity: important
Released on: 24/04/2026
Advisory:
Bugzilla: 2461465
Bugzilla Description:
kernel: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-366
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31626
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461466
Bugzilla Description:
kernel: staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify()
CVSS Score:
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31558
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461467
Bugzilla Description:
kernel: LoongArch: KVM: Make kvm_get_vcpu_by_cpuid() more robust
CVSS Score:
Vector:
CWE: CWE-839
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31535
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461468
Bugzilla Description:
kernel: smb: client: make use of smbdirect_socket.recv_io.credits.available
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31620
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461469
Bugzilla Description:
kernel: ALSA: usx2y: us144mkii: fix NULL deref on missing interface 0
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31625
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461470
Bugzilla Description:
kernel: HID: alps: fix NULL pointer dereference in alps_raw_event()
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31581
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461471
Bugzilla Description:
kernel: ALSA: 6fire: fix use-after-free on disconnect
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31545
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461472
Bugzilla Description:
kernel: NFC: nxp-nci: allow GPIOs to sleep
CVSS Score:
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31555
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461473
Bugzilla Description:
kernel: futex: Clear stale exiting pointer in futex_lock_pi() retry path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31562
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461474
Bugzilla Description:
kernel: drm/mediatek: dsi: Store driver data before invoking mipi_dsi_host_register
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31615
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461475
Bugzilla Description:
kernel: usb: gadget: renesas_usb3: validate endpoint index in standard request handlers
CVSS Score:
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31659
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461476
Bugzilla Description:
kernel: batman-adv: reject oversized global TT response buffers
CVSS Score:
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31624
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461477
Bugzilla Description:
kernel: HID: core: clamp report_size in s32ton() to avoid undefined shift
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1335
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31623
Severity: important
Released on: 24/04/2026
Advisory:
Bugzilla: 2461478
Bugzilla Description:
kernel: net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31563
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461479
Bugzilla Description:
kernel: net: macb: Use dev_consume_skb_any() to free TX SKBs
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31613
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461480
Bugzilla Description:
kernel: smb: client: fix OOB reads parsing symlink error response
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31538
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461481
Bugzilla Description:
kernel: smb: server: make use of smbdirect_socket.recv_io.credits.available
CVSS Score:
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31664
Severity: low
Released on: 24/04/2026
Advisory:
Bugzilla: 2461482
Bugzilla Description:
kernel: xfrm: clear trailing padding in build_polexpire()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31634
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461483
Bugzilla Description:
kernel: rxrpc: fix reference count leak in rxrpc_server_keyring()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31597
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461484
Bugzilla Description:
kernel: ocfs2: fix use-after-free in ocfs2_fault() when VM_FAULT_RETRY
CVSS Score:
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31666
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461485
Bugzilla Description:
kernel: btrfs: fix incorrect return value after changing leaf in lookup_extent_data_ref()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-393
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31660
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461486
Bugzilla Description:
kernel: nfc: pn533: allocate rx skb before consuming bytes
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31583
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461487
Bugzilla Description:
kernel: media: em28xx: fix use-after-free in em28xx_v4l2_open()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-367
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31661
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461488
Bugzilla Description:
kernel: wifi: brcmsmac: Fix dma_free_coherent() size
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31591
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461489
Bugzilla Description:
kernel: KVM: SEV: Lock all vCPUs when synchronzing VMSAs for SNP launch finish
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-820
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31552
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461490
Bugzilla Description:
kernel: wifi: wlcore: Return -ENOMEM instead of -EAGAIN if there is not enough headroom
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31662
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461491
Bugzilla Description:
kernel: tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-191
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31652
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461492
Bugzilla Description:
kernel: mm/damon/stat: deallocate damon_call() failure leaking damon_ctx
CVSS Score:
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31573
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461493
Bugzilla Description:
kernel: media: verisilicon: Fix kernel panic due to __initconst misuse
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31614
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461494
Bugzilla Description:
kernel: smb: client: fix off-by-8 bounds check in check_wsl_eas()
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31619
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461495
Bugzilla Description:
kernel: ALSA: fireworks: bound device-supplied status before string array lookup
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-1285
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31579
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461496
Bugzilla Description:
kernel: wireguard: device: use exit_rtnl callback instead of manual rtnl_lock in pre_exit
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31544
Severity: low
Released on: 24/04/2026
Advisory:
Bugzilla: 2461497
Bugzilla Description:
kernel: firmware: arm_scmi: Fix NULL dereference on notify error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31565
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461498
Bugzilla Description:
kernel: RDMA/irdma: Fix deadlock during netdev reset with active connections
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31560
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461499
Bugzilla Description:
kernel: spi: spi-dw-dma: fix print error log when wait finish transaction
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31561
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461500
Bugzilla Description:
kernel: x86/cpu: Remove X86_CR4_FRED from the CR4 pinned bits mask
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-15
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31592
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461501
Bugzilla Description:
kernel: KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm->lock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31669
Severity: important
Released on: 24/04/2026
Advisory:
Bugzilla: 2461503
Bugzilla Description:
kernel: mptcp: fix slab-use-after-free in __inet_lookup_established
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-763
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31550
Severity: low
Released on: 24/04/2026
Advisory:
Bugzilla: 2461504
Bugzilla Description:
kernel: pmdomain: bcm: bcm2835-power: Increase ASB control timeout
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31587
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461505
Bugzilla Description:
kernel: ASoC: qcom: q6apm: move component registration to unmanaged version
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31637
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461506
Bugzilla Description:
kernel: rxrpc: reject undecryptable rxkad response tickets
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-252
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31602
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461507
Bugzilla Description:
kernel: ALSA: ctxfi: Limit PTP to a single page
CVSS Score:
Vector:
CWE: CWE-788
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31574
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461508
Bugzilla Description:
kernel: clockevents: Add missing resets of the next_event_forced flag
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-821
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31540
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461509
Bugzilla Description:
kernel: drm/i915/gt: Check set_default_submission() before deferencing
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31636
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461510
Bugzilla Description:
kernel: rxrpc: fix RESPONSE authenticator parser OOB read
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-805
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31605
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461511
Bugzilla Description:
kernel: fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO
CVSS Score:
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31547
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461512
Bugzilla Description:
kernel: drm/xe: Fix missing runtime PM reference in ccs_mode_store
CVSS Score:
Vector:
CWE: CWE-911
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31601
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461513
Bugzilla Description:
kernel: vfio/xe: Reorganize the init to decouple migration from reset
CVSS Score:
Vector:
CWE: CWE-824
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31600
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461514
Bugzilla Description:
kernel: arm64: mm: Handle invalid large leaf mappings correctly
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-372
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31589
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461515
Bugzilla Description:
kernel: mm: call ->free_folio() directly in folio_unmap_invalidate()
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31556
Severity: low
Released on: 24/04/2026
Advisory:
Bugzilla: 2461516
Bugzilla Description:
kernel: xfs: scrub: unlock dquot before early return in quota scrub
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31559
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461517
Bugzilla Description:
kernel: LoongArch: Fix missing NULL checks for kstrdup()
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31549
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461518
Bugzilla Description:
kernel: i2c: cp2615: fix serial string NULL-deref at probe
CVSS Score:
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31657
Severity:
Released on: 24/04/2026
Advisory:
Bugzilla: 2461519
Bugzilla Description:
kernel: batman-adv: hold claim backbone gateways by reference
CVSS Score:
Vector:
CWE: CWE-825
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document
CVE-2026-31633
Severity: moderate
Released on: 24/04/2026
Advisory:
Bugzilla: 2461520
Bugzilla Description:
kernel: rxrpc: Fix integer overflow in rxgk_verify_response()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 10,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document