CLSA-2026-1775831524 Fix of 8 CVEs

CVE-2024-56640 - net/smc: fix LGR and link use-after-free issue CVE-2024-56640 CVE-2026-23209 - macvlan: fix error recovery in macvlancommonnewlink CVE-2026-23209 CVE-2026-23193 - scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount CVE-2026-23193 CVE-2026-23204 - net/sched:...

RHEL 10 : kernel (RHSA-2026:3275)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3275 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Kernel: Double free...

kernel security update

6.12.0-124.39.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

CVE-2025-40139

CVE-2025-40139 affects the Linux kernel in the SMC (Shared Memory Communications) path. The issue is in the function smc_clc_prfx_set(), which is invoked during connect() and is not protected by RCU prior to dereferencing sk_dst_get(sk)->dev. This can lead to a use-after-free when the device i...

CVE-2022-48909 net/smc: fix connection leak

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix connection leak There's a potential leak issue under following execution sequence : smcrelease smcconnectwork if sk-skstate == SMCINIT sendclcconfirim tcpabort; ... sk.skstate = SMCACTIVE smccloseactive...

CVE-2022-48673 net/smc: Fix possible access to freed memory in link clear

In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix possible access to freed memory in link clear After modifying the QP to the Error state, all RX WR would be completed with WC in IBWCWRFLUSHERR status. Current implementation does not wait for it is done, but destroy...