SB2026050681 - Red Hat Enterprise Linux 8 update for kernel
Published: May 6, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2026-23191)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the is_access_interleaved() and loopback_check_format() functions in sound/drivers/aloop.c. A local user can escalate privileges on the system.
2) Improper resource shutdown or release (CVE-ID: CVE-2026-23401)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper handling of SPTE updates in KVM MMU when installing emulated MMIO SPTEs. A local user can trigger a page fault after host userspace modifies guest memory mappings to switch from memslot to emulated MMIO, leading to an attempt to mark an already present SPTE as MMIO, which results in a kernel warning and potential guest crash. A local user can send a specially crafted request to cause a denial of service.
The issue arises when KVM fails to drop the existing shadow-present SPTE before installing an MMIO SPTE, resulting in inconsistent MMU state and triggering a kernel warning that can crash the guest.
3) Improper control of a resource through its lifetime (CVE-ID: CVE-2026-31431)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper memory handling within the authencesn cryptographic template in algif_aead when processing AEAD operations. A local user can trigger the vulnerable code path to execute arbitrary code on the system.
Note, this vulnerability was dubbed "Copy Fail".
Remediation
Install update from vendor's website.