{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2026-46300", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-05-13T15:03:33.111Z", "datePublished": "2026-05-23T11:44:02.231Z", "dateUpdated": "2026-07-10T12:05:53.334Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-06-14T18:07:34.359Z" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skbuff: preserve shared-frag marker during coalescing\n\nskb_try_coalesce() can attach paged frags from @from to @to. If @from\nhas SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same\nexternally-owned or page-cache-backed frags, but the shared-frag marker\nis currently lost.\n\nThat breaks the invariant relied on by later in-place writers. In\nparticular, ESP input checks skb_has_shared_frag() before deciding\nwhether an uncloned nonlinear skb can skip skb_cow_data(). If TCP\nreceive coalescing has moved shared frags into an unmarked skb, ESP can\nsee skb_has_shared_frag() as false and decrypt in place over page-cache\nbacked frags.\n\nPropagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged\nfrags. The tailroom copy path does not need the marker because it copies\nbytes into @to's linear data rather than transferring frag descriptors." } ], "metrics": [ { "cvssV3_1": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH" } } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "net/core/skbuff.c" ], "versions": [ { "version": "cef401de7be8c4e155c6746bfccf721a4fa5fab9", "lessThan": "3599e6b3cc1ada96883d496a50a210d3afbb6987", "status": "affected", "versionType": "git" }, { "version": "cef401de7be8c4e155c6746bfccf721a4fa5fab9", "lessThan": "2f2b16022a2e10ca7bccfb98db5ed2ec0f72641c", "status": "affected", "versionType": "git" }, { "version": "cef401de7be8c4e155c6746bfccf721a4fa5fab9", "lessThan": "9d3e5fd19fe1063bf607219e8562fbd567b8e8d5", "status": "affected", "versionType": "git" }, { "version": "cef401de7be8c4e155c6746bfccf721a4fa5fab9", "lessThan": "78bf6b6bb19541d19fbda6242e7cfe2c682763c0", "status": "affected", "versionType": "git" }, { "version": "cef401de7be8c4e155c6746bfccf721a4fa5fab9", "lessThan": "760e1addc27ba1a7beb4a0a7e8b3e9ec49e7a34e", "status": "affected", "versionType": "git" }, { "version": "cef401de7be8c4e155c6746bfccf721a4fa5fab9", "lessThan": "3bd9e113d50034db99d7ef69fd8e5242d15e414a", "status": "affected", "versionType": "git" }, { "version": "cef401de7be8c4e155c6746bfccf721a4fa5fab9", "lessThan": "3884358a9286b17f389a72b1426fc4547c23c111", "status": "affected", "versionType": "git" }, { "version": "cef401de7be8c4e155c6746bfccf721a4fa5fab9", "lessThan": "f84eca5817390257cef78013d0112481c503b4a3", "status": "affected", "versionType": "git" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "net/core/skbuff.c" ], "versions": [ { "version": "3.9", "status": "affected" }, { "version": "0", "lessThan": "3.9", "status": "unaffected", "versionType": "semver" }, { "version": "5.10.257", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver" }, { "version": "5.15.208", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.1.174", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.6.141", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.12.91", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.18.33", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver" }, { "version": "7.0.10", "lessThanOrEqual": "7.0.*", "status": "unaffected", "versionType": "semver" }, { "version": "7.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "cpeApplicability": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.9", "versionEndExcluding": "5.10.257" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.9", "versionEndExcluding": "5.15.208" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.9", "versionEndExcluding": "6.1.174" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.9", "versionEndExcluding": "6.6.141" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.9", "versionEndExcluding": "6.12.91" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.9", "versionEndExcluding": "6.18.33" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.9", "versionEndExcluding": "7.0.10" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.9", "versionEndExcluding": "7.1" } ] } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/3599e6b3cc1ada96883d496a50a210d3afbb6987" }, { "url": "https://git.kernel.org/stable/c/2f2b16022a2e10ca7bccfb98db5ed2ec0f72641c" }, { "url": "https://git.kernel.org/stable/c/9d3e5fd19fe1063bf607219e8562fbd567b8e8d5" }, { "url": "https://git.kernel.org/stable/c/78bf6b6bb19541d19fbda6242e7cfe2c682763c0" }, { "url": "https://git.kernel.org/stable/c/760e1addc27ba1a7beb4a0a7e8b3e9ec49e7a34e" }, { "url": "https://git.kernel.org/stable/c/3bd9e113d50034db99d7ef69fd8e5242d15e414a" }, { "url": "https://git.kernel.org/stable/c/3884358a9286b17f389a72b1426fc4547c23c111" }, { "url": "https://git.kernel.org/stable/c/f84eca5817390257cef78013d0112481c503b4a3" } ], "title": "net: skbuff: preserve shared-frag marker during coalescing", "x_generator": { "engine": "bippy-1.2.0" } }, "adp": [ { "title": "CVE Program Container", "references": [ { "url": "http://www.openwall.com/lists/oss-security/2026/05/13/5" }, { "url": "http://www.openwall.com/lists/oss-security/2026/05/21/11" }, { "url": "http://www.openwall.com/lists/oss-security/2026/05/21/12" }, { "url": "http://www.openwall.com/lists/oss-security/2026/05/21/13" } ], "providerMetadata": { "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-05-23T12:24:19.703Z" } }, { "affected": [ { "cpes": [ "cpe:/a:redhat:enterprise_linux_nvidia:10::el10" ], "defaultStatus": "affected", "product": "NVIDIA for RHEL 10", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4.21::el10", "cpe:/a:redhat:openshift:4.21::el8", "cpe:/a:redhat:openshift:4.21::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4.21", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4.12::el8" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4.12", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4.13::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4.13", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4.14::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4.14", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4.15::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4.15", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4.16::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4.16", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4.17::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4.17", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4.18::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4.18", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4.19::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4.19", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4.20::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4.20", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux_eus:10.0" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:10.2" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream (v. 10)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_e4s:9.0::appstream" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream E4S (v.9.0)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_e4s:9.2::appstream" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_eus:9.4::appstream" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_eus:9.6::appstream" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream (v. 9)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux_eus:10.0" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:10.2" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS (v. 10)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:8::baseos" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS (v. 8)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:rhel_aus:8.4::baseos" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:rhel_aus:8.6::baseos" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:rhel_e4s:8.6::baseos" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:rhel_tus:8.6::baseos" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:rhel_e4s:8.8::baseos" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:rhel_tus:8.8::baseos" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:rhel_e4s:9.0::baseos" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:rhel_e4s:9.2::baseos" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:rhel_e4s:9.4::baseos" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS E4S (v.9.4)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:rhel_eus:9.4::baseos" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:rhel_eus:9.6::baseos" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:9::baseos" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux BaseOS (v. 9)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux_eus:10.0" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:10.2" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:enterprise_linux:8::crb" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux CRB (v. 8)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_eus:9.4::crb" ], "defaultStatus": "affected", "product": "Red Hat CodeReady Linux Builder EUS (v.9.4)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_eus:9.6::crb" ], "defaultStatus": "affected", "product": "Red Hat CodeReady Linux Builder EUS (v.9.6)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux_eus:10.0" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:10.2" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux Real Time for NFV (v. 10)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:enterprise_linux:8::nfv" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux NFV (v. 8)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_e4s:9.0::nfv" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux NFV E4S (v.9.0)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_e4s:9.2::nfv" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_eus:9.4::nfv" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_eus:9.6::nfv" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:enterprise_linux:9::nfv" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux Real Time for NFV (v. 9)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux_eus:10.0" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux Real Time EUS (v. 10.0)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:10.2" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux Real Time (v. 10)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:enterprise_linux:8::realtime" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux RT (v. 8)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_e4s:9.0::realtime" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux Real Time E4S (v.9.0)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_e4s:9.2::realtime" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux Real Time E4S (v.9.2)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_eus:9.4::realtime" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux Real Time EUS (v.9.4)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_eus:9.6::realtime" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux Real Time EUS (v.9.6)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:enterprise_linux:9::realtime" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux Real Time (v. 9)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unaffected", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unaffected", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" } ], "datePublic": "2026-05-13T12:00:00.000Z", "descriptions": [ { "lang": "en", "value": "A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged binaries and gain root privileges." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-123", "description": "Write-what-where Condition", "lang": "en", "type": "CWE" } ] } ], "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2026-46300" }, { "name": "RHBZ#2477015", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477015" }, { "tags": [ "x_sadp-csaf-vex" ], "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46300.json" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19540" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:33486" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHBA-2026:20032" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:21695" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:21690" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:28887" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:23233" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:20087" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:25044" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:34098" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:21656" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:23245" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:21702" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:23240" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:20299" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19569" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19705" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:20593" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:20054" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:20129" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19568" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19666" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:23470" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:20130" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:20051" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19521" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:23471" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:23469" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:24814" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:23468" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19664" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19711" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19875" } ], "solutions": [ { "lang": "en", "value": "RHSA-2026:19540: NVIDIA for RHEL 10" }, { "lang": "en", "value": "RHSA-2026:33486: NVIDIA for RHEL 10" }, { "lang": "en", "value": "RHBA-2026:20032: Red Hat OpenShift Container Platform 4.21" }, { "lang": "en", "value": "RHSA-2026:21695: Red Hat OpenShift Container Platform 4.12" }, { "lang": "en", "value": "RHSA-2026:21690: Red Hat OpenShift Container Platform 4.13" }, { "lang": "en", "value": "RHSA-2026:28887: Red Hat OpenShift Container Platform 4.14" }, { "lang": "en", "value": "RHSA-2026:23233: Red Hat OpenShift Container Platform 4.15" }, { "lang": "en", "value": "RHSA-2026:20087: Red Hat OpenShift Container Platform 4.16" }, { "lang": "en", "value": "RHSA-2026:25044: Red Hat OpenShift Container Platform 4.16" }, { "lang": "en", "value": "RHSA-2026:34098: Red Hat OpenShift Container Platform 4.17" }, { "lang": "en", "value": "RHSA-2026:21656: Red Hat OpenShift Container Platform 4.18" }, { "lang": "en", "value": "RHSA-2026:23245: Red Hat OpenShift Container Platform 4.19" }, { "lang": "en", "value": "RHSA-2026:21702: Red Hat OpenShift Container Platform 4.20" }, { "lang": "en", "value": "RHSA-2026:23240: Red Hat OpenShift Container Platform 4.21" }, { "lang": "en", "value": "RHSA-2026:20299: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux BaseOS EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0), Red Hat Enterprise Linux Real Time EUS (v. 10.0), Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:19569: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10), Red Hat Enterprise Linux Real Time (v. 10), Red Hat Enterprise Linux Real Time for NFV (v. 10)" }, { "lang": "en", "value": "RHSA-2026:19705: Red Hat Enterprise Linux AppStream E4S (v.9.0), Red Hat Enterprise Linux BaseOS E4S (v.9.0)" }, { "lang": "en", "value": "RHSA-2026:20593: Red Hat Enterprise Linux AppStream E4S (v.9.2), Red Hat Enterprise Linux BaseOS E4S (v.9.2)" }, { "lang": "en", "value": "RHSA-2026:20054: Red Hat CodeReady Linux Builder EUS (v.9.4), Red Hat Enterprise Linux AppStream EUS (v.9.4), Red Hat Enterprise Linux BaseOS EUS (v.9.4), Red Hat Enterprise Linux Real Time EUS (v.9.4), Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)" }, { "lang": "en", "value": "RHSA-2026:20129: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6), Red Hat Enterprise Linux BaseOS EUS (v.9.6), Red Hat Enterprise Linux Real Time EUS (v.9.6), Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)" }, { "lang": "en", "value": "RHSA-2026:19568: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9), Red Hat Enterprise Linux Real Time (v. 9), Red Hat Enterprise Linux Real Time for NFV (v. 9)" }, { "lang": "en", "value": "RHSA-2026:19666: Red Hat Enterprise Linux BaseOS (v. 8), Red Hat Enterprise Linux CRB (v. 8)" }, { "lang": "en", "value": "RHSA-2026:23470: Red Hat Enterprise Linux BaseOS (v. 8)" }, { "lang": "en", "value": "RHSA-2026:20130: Red Hat Enterprise Linux BaseOS AUS (v.8.4), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)" }, { "lang": "en", "value": "RHSA-2026:20051: Red Hat Enterprise Linux BaseOS AUS (v.8.6), Red Hat Enterprise Linux BaseOS E4S (v.8.6), Red Hat Enterprise Linux BaseOS TUS (v.8.6)" }, { "lang": "en", "value": "RHSA-2026:19521: Red Hat Enterprise Linux BaseOS E4S (v.8.8), Red Hat Enterprise Linux BaseOS TUS (v.8.8)" }, { "lang": "en", "value": "RHSA-2026:23471: Red Hat Enterprise Linux BaseOS E4S (v.8.8)" }, { "lang": "en", "value": "RHSA-2026:23469: Red Hat Enterprise Linux BaseOS E4S (v.9.2)" }, { "lang": "en", "value": "RHSA-2026:24814: Red Hat Enterprise Linux BaseOS E4S (v.9.4)" }, { "lang": "en", "value": "RHSA-2026:23468: Red Hat Enterprise Linux BaseOS EUS (v.9.6)" }, { "lang": "en", "value": "RHSA-2026:19664: Red Hat Enterprise Linux NFV (v. 8), Red Hat Enterprise Linux RT (v. 8)" }, { "lang": "en", "value": "RHSA-2026:19711: Red Hat Enterprise Linux NFV E4S (v.9.0), Red Hat Enterprise Linux Real Time E4S (v.9.0)" }, { "lang": "en", "value": "RHSA-2026:19875: Red Hat Enterprise Linux Real Time E4S (v.9.2), Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)" } ], "timeline": [ { "lang": "en", "time": "2026-05-13T13:28:21.270Z", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2026-05-13T12:00:00.000Z", "value": "Made public." } ], "title": "kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel", "workarounds": [ { "lang": "en", "value": "See the security bulletin for a detailed mitigation procedure." } ], "x_adpType": "supplier", "x_generator": { "engine": "sadp-cli 1.0.0" }, "providerMetadata": { "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c", "shortName": "redhat-SADP", "dateUpdated": "2026-07-10T12:05:53.334Z" } } ] } }