Detections
Analytics
RockyLinux 9 : kernel (RLSA-2026:19568)
high Nessus Plugin ID 318043
Synopsis
The remote RockyLinux host is missing one or more security updates.Description
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19568 advisory.* kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (CVE-2025-39766)
* kernel: scsi: qla2xxx: Fix improper freeing of purex item (CVE-2025-68741)
* kernel: libceph: make decode_pool() more resilient against corrupted osdmaps (CVE-2025-71116)
* kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done() (CVE-2026-22984)
* kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (CVE-2026-22990)
* kernel: Linux kernel: Denial of Service in libceph OSD client due to unreset sparse-read state (CVE-2026-23136)
* kernel: net/sched: cls_u32: use skb_header_pointer_careful() (CVE-2026-23204)
* kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation (CVE-2026-23270)
* kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling (CVE-2026-23401)
* kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (CVE-2026-31402)
* kernel: can: raw: fix ro->uniq use-after-free in raw_rcv() (CVE-2026-31532)
* kernel: usbip: validate number_of_packets in usbip_pack_ret_submit() (CVE-2026-31607)
* kernel: md/bitmap: fix GPF in write_page caused by resize race (CVE-2026-43163)
* kernel: RDMA/umem: Fix double dma_buf_unpin in failure path (CVE-2026-43128)
* kernel: Dirty Frag is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-43284)
* kernel: Fragnesia is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300)
* kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)
Tenable has extracted the preceding description block directly from the RockyLinux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://errata.rockylinux.org/RLSA-2026:19568
https://bugzilla.redhat.com/show_bug.cgi?id=2394648
https://bugzilla.redhat.com/show_bug.cgi?id=2425046
https://bugzilla.redhat.com/show_bug.cgi?id=2429602
https://bugzilla.redhat.com/show_bug.cgi?id=2432389
https://bugzilla.redhat.com/show_bug.cgi?id=2432400
https://bugzilla.redhat.com/show_bug.cgi?id=2439852
https://bugzilla.redhat.com/show_bug.cgi?id=2439931
https://bugzilla.redhat.com/show_bug.cgi?id=2448745
https://bugzilla.redhat.com/show_bug.cgi?id=2453803
https://bugzilla.redhat.com/show_bug.cgi?id=2454844
https://bugzilla.redhat.com/show_bug.cgi?id=2461107
https://bugzilla.redhat.com/show_bug.cgi?id=2461521
https://bugzilla.redhat.com/show_bug.cgi?id=2467059
https://bugzilla.redhat.com/show_bug.cgi?id=2467144
https://bugzilla.redhat.com/show_bug.cgi?id=2467771
Plugin Details
Severity: High
ID: 318043
File Name: rocky_linux_RLSA-2026-19568.nasl
Version: 1.1
Type: Local
Published: 5/30/2026
Updated: 5/30/2026
Supported Sensors: Continuous Assessment, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 10.0
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.9
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2026-46300
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 7.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:rocky:linux:kernel-rt-core, p-cpe:/a:rocky:linux:kernel-rt-64k-debug-devel, p-cpe:/a:rocky:linux:kernel-zfcpdump-debuginfo, p-cpe:/a:rocky:linux:python3-perf-debuginfo, p-cpe:/a:rocky:linux:kernel-rt-64k-debug-modules-extra, p-cpe:/a:rocky:linux:kernel-debug-modules-extra, p-cpe:/a:rocky:linux:kernel-rt, p-cpe:/a:rocky:linux:kernel-abi-stablelists, p-cpe:/a:rocky:linux:kernel-modules, p-cpe:/a:rocky:linux:kernel-zfcpdump-modules-extra, p-cpe:/a:rocky:linux:kernel-64k-modules, p-cpe:/a:rocky:linux:kernel-rt-debug, p-cpe:/a:rocky:linux:kernel-zfcpdump-modules-core, p-cpe:/a:rocky:linux:kernel-debuginfo, p-cpe:/a:rocky:linux:libperf, p-cpe:/a:rocky:linux:kernel-debug-modules, p-cpe:/a:rocky:linux:kernel-debug-core, p-cpe:/a:rocky:linux:kernel-rt-64k-debug-core, p-cpe:/a:rocky:linux:kernel-rt-64k, p-cpe:/a:rocky:linux:kernel-rt-64k-debug, p-cpe:/a:rocky:linux:kernel-rt-64k-devel, p-cpe:/a:rocky:linux:kernel-debug, p-cpe:/a:rocky:linux:kernel-rt-debug-modules-extra, p-cpe:/a:rocky:linux:kernel-debug-devel-matched, p-cpe:/a:rocky:linux:kernel-uki-virt, p-cpe:/a:rocky:linux:kernel-debuginfo-common-s390x, cpe:/o:rocky:linux:9, p-cpe:/a:rocky:linux:kernel-tools, p-cpe:/a:rocky:linux:kernel-64k-devel-matched, p-cpe:/a:rocky:linux:kernel-rt-debug-devel, p-cpe:/a:rocky:linux:kernel-rt-devel, p-cpe:/a:rocky:linux:python3-perf, p-cpe:/a:rocky:linux:kernel-devel, p-cpe:/a:rocky:linux:kernel-rt-debuginfo, p-cpe:/a:rocky:linux:kernel, p-cpe:/a:rocky:linux:kernel-rt-debug-core, p-cpe:/a:rocky:linux:kernel-64k-debug-devel, p-cpe:/a:rocky:linux:kernel-rt-64k-debug-debuginfo, p-cpe:/a:rocky:linux:kernel-64k-modules-extra, p-cpe:/a:rocky:linux:kernel-rt-64k-modules, p-cpe:/a:rocky:linux:kernel-rt-modules-core, p-cpe:/a:rocky:linux:kernel-rt-modules-extra, p-cpe:/a:rocky:linux:libperf-debuginfo, p-cpe:/a:rocky:linux:kernel-devel-matched, p-cpe:/a:rocky:linux:kernel-core, p-cpe:/a:rocky:linux:kernel-64k-debug-core, p-cpe:/a:rocky:linux:kernel-zfcpdump-devel, p-cpe:/a:rocky:linux:perf-debuginfo, p-cpe:/a:rocky:linux:kernel-debug-debuginfo, p-cpe:/a:rocky:linux:kernel-rt-debug-debuginfo, p-cpe:/a:rocky:linux:kernel-64k-debug-debuginfo, p-cpe:/a:rocky:linux:kernel-64k-devel, p-cpe:/a:rocky:linux:kernel-tools-debuginfo, p-cpe:/a:rocky:linux:kernel-debuginfo-common-ppc64le, p-cpe:/a:rocky:linux:kernel-zfcpdump-modules, p-cpe:/a:rocky:linux:kernel-zfcpdump-devel-matched, p-cpe:/a:rocky:linux:perf, p-cpe:/a:rocky:linux:kernel-rt-debug-modules, p-cpe:/a:rocky:linux:kernel-rt-debug-modules-core, p-cpe:/a:rocky:linux:kernel-64k-modules-core, p-cpe:/a:rocky:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:rocky:linux:kernel-rt-64k-debug-modules, p-cpe:/a:rocky:linux:kernel-64k-core, p-cpe:/a:rocky:linux:kernel-64k-debug-modules, p-cpe:/a:rocky:linux:kernel-modules-core, p-cpe:/a:rocky:linux:kernel-modules-extra, p-cpe:/a:rocky:linux:rtla, p-cpe:/a:rocky:linux:kernel-rt-modules, p-cpe:/a:rocky:linux:kernel-tools-libs-devel, p-cpe:/a:rocky:linux:kernel-64k-debug-devel-matched, p-cpe:/a:rocky:linux:kernel-rt-64k-debug-modules-core, p-cpe:/a:rocky:linux:kernel-64k-debug, p-cpe:/a:rocky:linux:kernel-rt-64k-modules-extra, p-cpe:/a:rocky:linux:kernel-tools-libs, p-cpe:/a:rocky:linux:rv, p-cpe:/a:rocky:linux:kernel-uki-virt-addons, p-cpe:/a:rocky:linux:kernel-rt-64k-modules-core, p-cpe:/a:rocky:linux:kernel-debug-uki-virt, p-cpe:/a:rocky:linux:kernel-64k-debug-modules-extra, p-cpe:/a:rocky:linux:kernel-64k, p-cpe:/a:rocky:linux:kernel-64k-debuginfo, p-cpe:/a:rocky:linux:kernel-64k-debug-modules-core, p-cpe:/a:rocky:linux:kernel-zfcpdump-core, p-cpe:/a:rocky:linux:kernel-debug-modules-core, p-cpe:/a:rocky:linux:kernel-rt-64k-debuginfo, p-cpe:/a:rocky:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:rocky:linux:kernel-zfcpdump, p-cpe:/a:rocky:linux:kernel-debug-devel, p-cpe:/a:rocky:linux:kernel-rt-64k-core
Required KB Items: Host/local_checks_enabled, Host/RockyLinux/release, Host/RockyLinux/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 5/28/2026
Vulnerability Publication Date: 9/11/2025
Reference Information
CVE: CVE-2025-39766, CVE-2025-68741, CVE-2025-71116, CVE-2026-22984, CVE-2026-22990, CVE-2026-23136, CVE-2026-23204, CVE-2026-23270, CVE-2026-23401, CVE-2026-31402, CVE-2026-31532, CVE-2026-31607, CVE-2026-43128, CVE-2026-43163, CVE-2026-43284, CVE-2026-46300, CVE-2026-46333