SB2026020216 - Red Hat Enterprise Linux 9 update for kernel 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2026020216

SB2026020216 - Red Hat Enterprise Linux 9 update for kernel

Published: February 2, 2026

Security Bulletin ID SB2026020216
Severity
Low
Patch available
YES
Number of vulnerabilities 14
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 14 secuirty vulnerabilities.


1) Out-of-bounds read (CVE-ID: CVE-2025-21724)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the iova_bitmap_offset_to_index() function in drivers/vfio/iova_bitmap.c. A local user can perform a denial of service (DoS) attack.


2) Out-of-bounds read (CVE-ID: CVE-2023-53034)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the switchtec_ntb_mw_set_trans() function in drivers/ntb/hw/mscc/ntb_hw_switchtec.c. A local user can perform a denial of service (DoS) attack.


3) Use-after-free (CVE-ID: CVE-2025-23142)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the sctp_transport_free() function in net/sctp/transport.c, within the sctp_writeable(), sctp_sendmsg_to_asoc(), sctp_sock_rfree() and sctp_wait_for_sndbuf() functions in net/sctp/socket.c. A local user can escalate privileges on the system.


4) Input validation error (CVE-ID: CVE-2025-37789)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the validate_set() function in net/openvswitch/flow_netlink.c. A local user can perform a denial of service (DoS) attack.


5) Memory leak (CVE-ID: CVE-2025-37849)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the kvm_arch_vcpu_create() function in arch/arm64/kvm/arm.c. A local user can perform a denial of service (DoS) attack.


6) NULL pointer dereference (CVE-ID: CVE-2023-53240)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the xsk_build_skb(), xsk_generic_xmit(), xsk_no_wakeup(), __xsk_sendmsg(), __xsk_recvmsg() and xsk_poll() functions in net/xdp/xsk.c. A local user can perform a denial of service (DoS) attack.


7) Input validation error (CVE-ID: CVE-2025-39898)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the e1000_set_eeprom() function in drivers/net/ethernet/intel/e1000e/ethtool.c. A local user can perform a denial of service (DoS) attack.


8) Memory leak (CVE-ID: CVE-2023-53552)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the i915_fence_release() function in drivers/gpu/drm/i915/i915_request.c. A local user can perform a denial of service (DoS) attack.


9) Improper locking (CVE-ID: CVE-2023-53581)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the remove_unready_flow() and mlx5e_tc_del_fdb_flow() functions in drivers/net/ethernet/mellanox/mlx5/core/en_tc.c. A local user can perform a denial of service (DoS) attack.


10) Input validation error (CVE-ID: CVE-2025-39971)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the i40e_vc_config_queues_msg() function in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can perform a denial of service (DoS) attack.


11) Out-of-bounds read (CVE-ID: CVE-2023-53705)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ipv6_find_tlv() function in net/ipv6/exthdrs_core.c. A local user can perform a denial of service (DoS) attack.


12) Out-of-bounds read (CVE-ID: CVE-2025-40154)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the log_quirks() function in sound/soc/intel/boards/bytcr_rt5640.c. A local user can perform a denial of service (DoS) attack.


13) Use-after-free (CVE-ID: CVE-2025-40141)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the iso_sock_kill() function in net/bluetooth/iso.c. A local user can escalate privileges on the system.


14) Out-of-bounds read (CVE-ID: CVE-2025-40277)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vmw_cmd_check() function in drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c. A local user can perform a denial of service (DoS) attack.


Remediation

Install update from vendor's website.

References