SB2026022343 - Red Hat Enterprise Linux 8 update for kernel
Published: February 23, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 5 secuirty vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2025-38129)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the page_pool_ethtool_stats_get(), page_pool_return_page() and page_pool_scrub() functions in net/core/page_pool.c. A local user can escalate privileges on the system.
2) Use-after-free (CVE-ID: CVE-2025-38248)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the br_multicast_port_ctx_init() function in net/bridge/br_multicast.c. A local user can escalate privileges on the system.
3) Use-after-free (CVE-ID: CVE-2025-40064)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smc_pnet_find_ism_by_pnetid() function in net/smc/smc_pnet.c. A local user can escalate privileges on the system.
4) Use-after-free (CVE-ID: CVE-2025-68800)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlxsw_sp_mr_route_add() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_mr.c. A local user can escalate privileges on the system.
5) Use-after-free (CVE-ID: CVE-2026-23074)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the teql_qdisc_init() function in net/sched/sch_teql.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.