kernel: macvlan: fix error recovery in macvlan_common_newlink()

A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table e.g., due to an invalid interface name, the hash entry still references the freed netdevice structure. Subsequent packets...

kernel: macvlan: fix error recovery in macvlan_common_newlink()

A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table e.g., due to an invalid interface name, the hash entry still references the freed netdevice structure. Subsequent packets...

kernel-rt security update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

RLSA-2026:3963 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr CVE-2025-71085 kernel: macvlan: fix possible UAF in macvlanforwardsource CVE-2026-23001 For more details about the security...

AlmaLinux 8 : kernel-rt (ALSA-2026:3964)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3964 advisory. kernel: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr CVE-2025-71085 kernel: macvlan: fix possible UAF in macvlanforwardsource CVE-2026-2300...

AlmaLinux 8 : kernel (ALSA-2026:3963)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:3963 advisory. kernel: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr CVE-2025-71085 kernel: macvlan: fix possible UAF in macvlanforwardsource CVE-2026-2300...

Oracle Linux 10 : kernel (ELSA-2026-4012)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-4012 advisory. - HID: intel-thc-hid: intel-thc: Fix incorrect pointer arithmetic in I2C regs save CKI Backport Bot RHEL-142253 CVE-2025-39818 - drm/xe: Make dma-fenc...

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr CVE-2025-71085 kernel: macvlan: fix possible UAF in macvlanforwardsour...

CVE-2026-23001

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...

CVE-2026-23001 macvlan: fix possible UAF in macvlan_forward_source()

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...