RLSA-2026:19569

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: net: afcan: do not leave a dangling sk pointer in cancreate() (CVE-2024-56603)

• kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit (CVE-2025-39766)

• kernel: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid (CVE-2025-68724)

• kernel: scsi: qla2xxx: Fix improper freeing of purex item (CVE-2025-68741)

• kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation (CVE-2026-23270)

• kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling (CVE-2026-23401)

• kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (CVE-2026-31402)

• kernel: Bluetooth: SCO: Fix use-after-free in scorecvframe() due to missing sock_hold (CVE-2026-31408)

• kernel: usbip: validate numberofpackets in usbippackret_submit() (CVE-2026-31607)

• kernel: RDMA/umem: Fix double dmabufunpin in failure path (CVE-2026-43128)

• kernel: "Dirty Frag" is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-43284)

• kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300)

• kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.