RHSA-2026:18587

Description

Red Hat Security Advisory: kernel security update

CVSS Metrics

• v3.1•HIGH•Score: 7.6CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Affected Systems

• redhat•kernel

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k-core

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k-debug

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k-debug-core

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k-debug-debuginfo

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k-debug-devel

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k-debug-devel-matched

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k-debug-modules

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k-debug-modules-core

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k-debug-modules-extra

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k-debuginfo

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k-devel

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k-devel-matched

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k-modules

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k-modules-core

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-64k-modules-extra

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-abi-stablelists

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-core

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-debug

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-debug-core

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-debug-debuginfo

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-debug-devel

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-debug-devel-matched

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-debug-modules

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-debug-modules-core

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-debug-modules-extra

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-debug-uki-virt

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-debuginfo

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-debuginfo-common-aarch64

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-debuginfo-common-ppc64le

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-debuginfo-common-s390x

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-debuginfo-common-x86_64

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-devel

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-devel-matched

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-doc

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-modules

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-modules-core

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-modules-extra

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-rt

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-rt-64k

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-rt-64k-core

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-rt-64k-debug

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-rt-64k-debug-core

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-rt-64k-debug-debuginfo

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-rt-64k-debug-devel

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-rt-64k-debug-modules

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-rt-64k-debug-modules-core

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-rt-64k-debug-modules-extra

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

• redhat•kernel-rt-64k-debuginfo

  < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8 | < 0:5.14.0-687.5.1.el9_8

Showing first 50 affected entries in server-rendered view.

References (87)

• https://access.redhat.com/errata/RHSA-2026:18587
• https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.8_release_notes/index
• https://access.redhat.com/security/updates/classification/#moderate
• https://bugzilla.redhat.com/show_bug.cgi?id=2360247
• https://bugzilla.redhat.com/show_bug.cgi?id=2367614
• https://bugzilla.redhat.com/show_bug.cgi?id=2373343
• https://bugzilla.redhat.com/show_bug.cgi?id=2376060
• https://bugzilla.redhat.com/show_bug.cgi?id=2376065
• https://bugzilla.redhat.com/show_bug.cgi?id=2379178
• https://bugzilla.redhat.com/show_bug.cgi?id=2383397
• https://bugzilla.redhat.com/show_bug.cgi?id=2383399
• https://bugzilla.redhat.com/show_bug.cgi?id=2383478
• https://bugzilla.redhat.com/show_bug.cgi?id=2383906
• https://bugzilla.redhat.com/show_bug.cgi?id=2396940
• https://bugzilla.redhat.com/show_bug.cgi?id=2414468
• https://bugzilla.redhat.com/show_bug.cgi?id=2436806
• https://bugzilla.redhat.com/show_bug.cgi?id=2448594
• https://issues.redhat.com/browse/RHEL-101326
• https://issues.redhat.com/browse/RHEL-101342
• https://issues.redhat.com/browse/RHEL-107273
• https://issues.redhat.com/browse/RHEL-107917
• https://issues.redhat.com/browse/RHEL-109634
• https://issues.redhat.com/browse/RHEL-111113
• https://issues.redhat.com/browse/RHEL-116075
• https://issues.redhat.com/browse/RHEL-125143
• https://issues.redhat.com/browse/RHEL-141481
• https://issues.redhat.com/browse/RHEL-145938
• https://issues.redhat.com/browse/RHEL-147489
• https://issues.redhat.com/browse/RHEL-9065
• https://issues.redhat.com/browse/RHEL-95934
• https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_18587.json
• https://access.redhat.com/security/cve/CVE-2025-22105
• https://www.cve.org/CVERecord?id=CVE-2025-22105
• https://nvd.nist.gov/vuln/detail/CVE-2025-22105
• https://lore.kernel.org/linux-cve-announce/2025041622-CVE-2025-22105-afef@gregkh/T
• https://access.redhat.com/security/cve/CVE-2025-37980
• https://www.cve.org/CVERecord?id=CVE-2025-37980
• https://nvd.nist.gov/vuln/detail/CVE-2025-37980
• https://lore.kernel.org/linux-cve-announce/2025052040-CVE-2025-37980-561f@gregkh/T
• https://access.redhat.com/security/cve/CVE-2025-38015
• https://www.cve.org/CVERecord?id=CVE-2025-38015
• https://nvd.nist.gov/vuln/detail/CVE-2025-38015
• https://lore.kernel.org/linux-cve-announce/2025061844-CVE-2025-38015-84e8@gregkh/T
• https://access.redhat.com/security/cve/CVE-2025-38097
• https://www.cve.org/CVERecord?id=CVE-2025-38097
• https://nvd.nist.gov/vuln/detail/CVE-2025-38097
• https://lore.kernel.org/linux-cve-announce/2025070305-CVE-2025-38097-287c@gregkh/T
• https://access.redhat.com/security/cve/CVE-2025-38166
• https://www.cve.org/CVERecord?id=CVE-2025-38166
• https://nvd.nist.gov/vuln/detail/CVE-2025-38166
• https://lore.kernel.org/linux-cve-announce/2025070341-CVE-2025-38166-3dc8@gregkh/T
• https://access.redhat.com/security/cve/CVE-2025-38279
• https://www.cve.org/CVERecord?id=CVE-2025-38279
• https://nvd.nist.gov/vuln/detail/CVE-2025-38279
• https://lore.kernel.org/linux-cve-announce/2025071009-CVE-2025-38279-af9f@gregkh/T
• https://access.redhat.com/security/cve/CVE-2025-38400
• https://www.cve.org/CVERecord?id=CVE-2025-38400
• https://nvd.nist.gov/vuln/detail/CVE-2025-38400
• https://lore.kernel.org/linux-cve-announce/2025072510-CVE-2025-38400-a0d2@gregkh/T
• https://access.redhat.com/security/cve/CVE-2025-38405
• https://www.cve.org/CVERecord?id=CVE-2025-38405
• https://nvd.nist.gov/vuln/detail/CVE-2025-38405
• https://lore.kernel.org/linux-cve-announce/2025072511-CVE-2025-38405-014e@gregkh/T
• https://access.redhat.com/security/cve/CVE-2025-38441
• https://www.cve.org/CVERecord?id=CVE-2025-38441
• https://nvd.nist.gov/vuln/detail/CVE-2025-38441
• https://lore.kernel.org/linux-cve-announce/2025072502-CVE-2025-38441-bb71@gregkh/T
• https://access.redhat.com/security/cve/CVE-2025-38470
• https://www.cve.org/CVERecord?id=CVE-2025-38470
• https://nvd.nist.gov/vuln/detail/CVE-2025-38470
• https://lore.kernel.org/linux-cve-announce/2025072811-CVE-2025-38470-a4d4@gregkh/T
• https://access.redhat.com/security/cve/CVE-2025-39866
• https://www.cve.org/CVERecord?id=CVE-2025-39866
• https://nvd.nist.gov/vuln/detail/CVE-2025-39866
• https://lore.kernel.org/linux-cve-announce/2025091907-CVE-2025-39866-45d3@gregkh/T
• https://access.redhat.com/security/cve/CVE-2025-40134
• https://www.cve.org/CVERecord?id=CVE-2025-40134
• https://nvd.nist.gov/vuln/detail/CVE-2025-40134
• https://lore.kernel.org/linux-cve-announce/2025111254-CVE-2025-40134-4d24@gregkh/T
• https://access.redhat.com/security/cve/CVE-2026-23040
• https://www.cve.org/CVERecord?id=CVE-2026-23040
• https://nvd.nist.gov/vuln/detail/CVE-2026-23040
• https://lore.kernel.org/linux-cve-announce/2026020438-CVE-2026-23040-1980@gregkh/T
• https://access.redhat.com/security/cve/CVE-2026-23243
• https://www.cve.org/CVERecord?id=CVE-2026-23243
• https://nvd.nist.gov/vuln/detail/CVE-2026-23243
• https://lore.kernel.org/linux-cve-announce/2026031816-CVE-2026-23243-b88e@gregkh/T