Detections
Analytics

RHEL 9 : kernel-rt (RHSA-2026:1443)

high Nessus Plugin ID 297001

Synopsis

The remote Red Hat host is missing one or more security updates for kernel-rt.

Description

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1443 advisory.

 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

 Security Fix(es):

 * kernel: Linux kernel: iommufd/iova_bitmap shift-out-of-bounds vulnerability (CVE-2025-21724)

 * kernel: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (CVE-2023-53034)

 * kernel: Linux kernel: SCTP use-after-free due to race condition in sendmsg (CVE-2025-23142)

 * kernel: net: openvswitch: fix nested key length validation in the set() action (CVE-2025-37789)

 * kernel: KVM: arm64: Tear down vGIC on failed vCPU creation (CVE-2025-37849)

 * kernel: xsk: check IFF_UP earlier in Tx path (CVE-2023-53240)

 * kernel: e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898)

 * kernel: drm/i915: mark requests for GuC virtual engines to avoid use-after-free (CVE-2023-53552)

 * kernel: net/mlx5e: Check for NOT_READY flag state after locking (CVE-2023-53581)

 * kernel: i40e: fix idx validation in config queues msg (CVE-2025-39971)

 * kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (CVE-2023-53705)

 * kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (CVE-2025-40154)

 * kernel: Bluetooth: ISO: Fix possible UAF on iso_conn_free (CVE-2025-40141)

 * kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (CVE-2025-40277)

 For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the RHEL kernel-rt package based on the guidance in RHSA-2026:1443.

See Also

https://access.redhat.com/security/updates/classification/#moderate

https://bugzilla.redhat.com/show_bug.cgi?id=2348649

https://bugzilla.redhat.com/show_bug.cgi?id=2360239

https://bugzilla.redhat.com/show_bug.cgi?id=2363300

https://bugzilla.redhat.com/show_bug.cgi?id=2363315

https://bugzilla.redhat.com/show_bug.cgi?id=2365271

https://bugzilla.redhat.com/show_bug.cgi?id=2395413

https://bugzilla.redhat.com/show_bug.cgi?id=2400598

https://bugzilla.redhat.com/show_bug.cgi?id=2401514

https://bugzilla.redhat.com/show_bug.cgi?id=2401545

https://bugzilla.redhat.com/show_bug.cgi?id=2404108

https://bugzilla.redhat.com/show_bug.cgi?id=2405713

https://bugzilla.redhat.com/show_bug.cgi?id=2414494

https://bugzilla.redhat.com/show_bug.cgi?id=2414522

https://bugzilla.redhat.com/show_bug.cgi?id=2419954

http://www.nessus.org/u?d60957f8

https://access.redhat.com/errata/RHSA-2026:1443

Plugin Details

Severity: High

ID: 297001

File Name: redhat-RHSA-2026-1443.nasl

Version: 1.1

Type: local

Agent: unix

Published: 1/28/2026

Updated: 1/28/2026

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

Vendor

Vendor Severity: Moderate

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-37849

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:redhat:rhel_e4s:9.2, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug, p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-rt-core, p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules, p-cpe:/a:redhat:enterprise_linux:kernel-rt, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-core, p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm, p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 1/28/2026

Vulnerability Publication Date: 9/4/2021

Reference Information

CVE: CVE-2023-53034, CVE-2023-53240, CVE-2023-53552, CVE-2023-53581, CVE-2023-53705, CVE-2025-21724, CVE-2025-23142, CVE-2025-37789, CVE-2025-37849, CVE-2025-39971, CVE-2025-40141, CVE-2025-40154, CVE-2025-40277

CWE: 122, 125, 190, 20, 459, 476, 787, 825

RHSA: 2026:1443