Details:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: Bluetooth: MGMT: Fix possible UAFs (CVE-2025-39981)
kernel: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (CVE-2025-68800)
kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration (CVE-2026-23097)
kernel: Linux kernel: Denial of Service via unsafe requeue in rxrpc_recvmsg (CVE-2026-23066)
kernel: Kernel: Privilege escalation or denial of service in nf_tables via inverted element activity check (CVE-2026-23111)
kernel: Linux kernel: Local denial of service and memory leak in DAMON sysfs via setup failure (CVE-2026-23144)
kernel: Linux kernel: Use-after-free in bonding module can cause system crash or arbitrary code execution (CVE-2026-23171)
kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CVE-2026-23193)
kernel: net/sched: cls_u32: use skb_header_pointer_careful() (CVE-2026-23204)
kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain() (CVE-2026-23231)
kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (CVE-2026-31402)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
0:7.3.0-427.121.1.el9_40:7.3.0-427.121.1.el9_40:5.14.0-427.121.1.el9_40:5.14.0-427.121.1.el9_40:5.14.0-427.121.1.el9_40:5.14.0-427.121.1.el9_40:5.14.0-427.121.1.el9_40:5.14.0-427.121.1.el9_40:5.14.0-427.121.1.el9_40:5.14.0-427.121.1.el9_4Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:HI:HA:H7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H