Details:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CVE-2026-23193)
kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation. (CVE-2025-71238)
kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (CVE-2026-31402)
kernel: crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
0:4.18.0-305.190.1.el8_40:4.18.0-305.190.1.el8_40:4.18.0-305.190.1.el8_40:4.18.0-305.190.1.el8_40:4.18.0-305.190.1.el8_40:4.18.0-305.190.1.el8_40:4.18.0-305.190.1.el8_40:4.18.0-305.190.1.el8_40:4.18.0-305.190.1.el8_40:4.18.0-305.190.1.el8_4Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:HI:HA:H7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H