{"id":"ALSA-2026:21706","summary":"Important: kernel security update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.  \n\nSecurity Fix(es):  \n\n  * kernel: Bluetooth: MGMT: Fix possible UAFs (CVE-2025-39981)\n  * kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (CVE-2025-68183)\n  * kernel: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events (CVE-2025-68347)\n  * kernel: libceph: make decode_pool() more resilient against corrupted osdmaps (CVE-2025-71116)\n  * kernel: Linux kernel: Denial of service and memory corruption in RDMA umad (CVE-2026-23243)\n  * kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation (CVE-2026-23270)\n  * kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (CVE-2026-23455)\n  * kernel: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (CVE-2026-31408)\n  * kernel: can: raw: fix ro-\u003euniq use-after-free in raw_rcv() (CVE-2026-31532)\n  * kernel: net: sched: act_csum: validate nested VLAN headers (CVE-2026-31684)\n  * kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets (CVE-2026-31685)\n  * kernel: netfilter: nf_conntrack_helper: pass helper to expect cleanup (CVE-2026-43027)\n  * kernel: Bluetooth: MGMT: validate LTK enc_size on load (CVE-2026-43020)\n  * kernel: HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (CVE-2026-43051)\n  * kernel: smb: client: validate the whole DACL before rewriting it in cifsacl (CVE-2026-31709)\n  * kernel: md/bitmap: fix GPF in write_page caused by resize race (CVE-2026-43163)\n  * kernel: netfilter: xt_tcpmss: check remaining length before reading optlen (CVE-2026-43190)\n  * kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks (CVE-2026-43158)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n","modified":"2026-05-28T14:29:19.605105218Z","published":"2026-05-28T00:00:00Z","related":["CVE-2025-39981","CVE-2025-68183","CVE-2025-68347","CVE-2025-71116","CVE-2026-23243","CVE-2026-23270","CVE-2026-23455","CVE-2026-31408","CVE-2026-31532","CVE-2026-31684","CVE-2026-31685","CVE-2026-31709","CVE-2026-43020","CVE-2026-43027","CVE-2026-43051","CVE-2026-43158","CVE-2026-43163","CVE-2026-43190"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:21706"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-39981"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-68183"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-68347"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-71116"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-23243"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-23270"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-23455"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-31408"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-31532"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-31684"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-31685"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-31709"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-43020"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-43027"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-43051"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-43158"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-43163"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-43190"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2404105"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2422699"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2424879"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2429602"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2448594"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2448745"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2454810"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2455334"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2461107"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2461757"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2461759"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2464369"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2464455"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2464462"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2464476"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2467059"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2467064"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2467210"},{"type":"ADVISORY","url":"https://errata.almalinux.org/8/ALSA-2026-21706.html"}],"affected":[{"package":{"name":"bpftool","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/bpftool"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-abi-stablelists","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-abi-stablelists"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-core","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-cross-headers","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-cross-headers"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-debug","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-debug"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-debug-core","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-debug-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-debug-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-debug-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-debug-modules","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-debug-modules"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-debug-modules-extra","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-debug-modules-extra"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-doc","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-headers","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-headers"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-modules","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-modules"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-modules-extra","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-modules-extra"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-tools","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-tools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-tools-libs","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-tools-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-tools-libs-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-tools-libs-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-zfcpdump","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-zfcpdump"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-zfcpdump-core","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-zfcpdump-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-zfcpdump-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-zfcpdump-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-zfcpdump-modules","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-zfcpdump-modules"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"kernel-zfcpdump-modules-extra","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-zfcpdump-modules-extra"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"perf","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/perf"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}},{"package":{"name":"python3-perf","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python3-perf"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.126.1.el8_10"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:21706.json"}}],"schema_version":"1.7.5"}