Issued:: 2026-04-22
Updated:: 2026-04-22

RHSA-2026:9512 - Moderate: kernel-rt security update

Synopsis

Moderate: kernel-rt security update

Type/Severity

Security Advisory Moderate

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

kernel: Linux kernel:A use-after-free in bridge multicast in br_multicast_port_ctx_init (CVE-2025-38248)
kernel: Bluetooth: MGMT: Fix possible UAFs (CVE-2025-39981)
kernel: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (CVE-2025-68800)
kernel: Linux kernel: Denial of Service via unsafe requeue in rxrpc_recvmsg (CVE-2026-23066)
kernel: Linux kernel: Local denial of service and memory leak in DAMON sysfs via setup failure (CVE-2026-23144)
kernel: Linux kernel: Use-after-free in bonding module can cause system crash or arbitrary code execution (CVE-2026-23171)
kernel: macvlan: fix error recovery in macvlan_common_newlink() (CVE-2026-23209)
kernel: net/sched: cls_u32: use skb_header_pointer_careful() (CVE-2026-23204)
kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain() (CVE-2026-23231)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

Product	Version	Arch
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions	9.2	x86_64
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle	9.2	x86_64

Updated Packages

kernel-rt-5.14.0-284.166.1.rt14.451.el9_2.src.rpm
kernel-rt-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-debug-core-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-modules-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-modules-core-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-core-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-debug-modules-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-debug-devel-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-kvm-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-debug-debuginfo-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-debug-kvm-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-debug-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-debug-modules-extra-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-debuginfo-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-debug-modules-core-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-devel-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm
kernel-rt-modules-extra-5.14.0-284.166.1.rt14.451.el9_2.x86_64.rpm

Fixes

CVEs

References

https://access.redhat.com/security/updates/classification/#moderate

Additional information

The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at Security Contacts and Procedures.
Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.