{"schema_version": "1.7.0", "id": "RLSA-2026:25120", "modified": "2026-06-12T18:06:00.503847Z", "published": "2026-06-12T18:01:31.809713Z", "upstream": ["CVE-2023-53781", "CVE-2025-21858", "CVE-2025-68366", "CVE-2026-22984", "CVE-2026-22990", "CVE-2026-23392", "CVE-2026-31581", "CVE-2026-31613", "CVE-2026-43037", "CVE-2026-43038", "CVE-2026-43125", "CVE-2026-45852", "CVE-2026-46181"], "summary": "Critical: kernel-rt security update", "details": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: geneve: Fix use-after-free in geneve_find_dev(). (CVE-2025-21858)\n\n* kernel: smc: Fix use-after-free in tcp_write_timer_handler() (CVE-2023-53781)\n\n* kernel: nbd: defer config unlock in nbd_genl_connect (CVE-2025-68366)\n\n* kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done() (CVE-2026-22984)\n\n* kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (CVE-2026-22990)\n\n* kernel: netfilter: nf_tables: release flowtable after rcu grace period on error (CVE-2026-23392)\n\n* kernel: ALSA: 6fire: fix use-after-free on disconnect (CVE-2026-31581)\n\n* kernel: smb: client: fix OOB reads parsing symlink error response (CVE-2026-31613)\n\n* kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() (CVE-2026-43037)\n\n* kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() (CVE-2026-43038)\n\n* kernel: dlm: validate length in dlm_search_rsb_tree (CVE-2026-43125)\n\n* kernel: RDMA/rxe: Fix double free in rxe_srq_from_init (CVE-2026-45852)\n\n* kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (CVE-2026-46181)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "severity": [{"type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}], "affected": [{"package": {"ecosystem": "Rocky Linux:8", "name": "kernel-rt", "purl": "pkg:rpm/rocky-linux/kernel-rt?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:4.18.0-553.132.1.rt7.473.el8_10"}], "database_specific": {"yum_repository": "NFV"}}]}], "references": [{"type": "ADVISORY", "url": "https://errata.rockylinux.org/RLSA-2026:25120"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2351619"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420279"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2424881"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2432389"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2432400"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451218"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461471"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461480"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2464351"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2464397"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467234"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482166"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482532"}], "credits": [{"name": "Rocky Enterprise Software Foundation"}, {"name": "Red Hat"}]}