Detections
Analytics
RockyLinux 9 : kernel (RLSA-2026:27789)
high Nessus Plugin ID 322776
Synopsis
The remote RockyLinux host is missing one or more security updates.Description
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:27789 advisory.* kernel: can: isotp: fix tx.buf use-after-free in isotp_sendmsg() (CVE-2026-31474)
* kernel: mptcp: fix slab-use-after-free in __inet_lookup_established (CVE-2026-31669)
* kernel: xen/privcmd: fix double free via VMA splitting (CVE-2026-31787)
* kernel: Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CVE-2026-31772)
* kernel: bnxt_en: Fix RSS context delete logic (CVE-2026-43260)
* kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing (CVE-2026-43279)
* kernel: scsi: qla2xxx: Completely fix fcport double free (CVE-2026-43414)
* kernel: net/sched: act_pedit: extend the writable skb range per key (CVE-2026-46331)
* kernel: gfs2: Fix use-after-free in iomap inline data write path (CVE-2026-45984)
* kernel: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (CVE-2026-46056)
* kernel: wifi: mac80211: drop stray 'static' from fast-RX rx_result (CVE-2026-46152)
* kernel: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (CVE-2026-46117)
* kernel: RDMA/mana: Validate rx_hash_key_len (CVE-2026-46145)
* kernel: wifi: mac80211: remove station if connection prep fails (CVE-2026-46125)
* kernel: exit: prevent preemption of oopsing TASK_DEAD task (CVE-2026-46173)
* kernel: wifi: mac80211: use safe list iteration in radar detect work (CVE-2026-46166)
* kernel: nvmet-tcp: fix race between ICReq handling and queue teardown (CVE-2026-46135)
Bug Fix(es) and Enhancement(s):
* Rocky Linux9.4 - s390/ap: Expose ap_bindings_complete_count counter via sysfs [rhel-9.8.z] (JIRA:Rocky Linux-166048)
* [Rocky Linux 9.8] Hung tasks during both suspend and hibernate operations on systems with Intel E810 NICs [rhel-9.8.z] (JIRA:Rocky Linux-175699)
* DPLL: Add support for pin operational state [rhel-9.8.z] (JIRA:Rocky Linux-175820)
* DPLL: Add support for fractional frequency offset between pin and device [rhel-9.8.z] (JIRA:Rocky Linux-175823)
* ibmveth Adapter Freeze with Small MSS [rhel-9.8.z] (JIRA:Rocky Linux-178308)
* Rocky Linux9.4 - s390/mm: Add missing secure storage access fixups [rhel-9.8.z] (JIRA:Rocky Linux-183317)
* rbd: eliminate a race in lock_dwork draining on unmap [rhel-9.8.z] (JIRA:Rocky Linux-183130)
Tenable has extracted the preceding description block directly from the RockyLinux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://bugzilla.redhat.com/show_bug.cgi?id=2460646
https://bugzilla.redhat.com/show_bug.cgi?id=2461503
https://bugzilla.redhat.com/show_bug.cgi?id=2464092
https://bugzilla.redhat.com/show_bug.cgi?id=2464502
https://bugzilla.redhat.com/show_bug.cgi?id=2467083
https://bugzilla.redhat.com/show_bug.cgi?id=2467215
https://bugzilla.redhat.com/show_bug.cgi?id=2468155
https://bugzilla.redhat.com/show_bug.cgi?id=2479492
https://bugzilla.redhat.com/show_bug.cgi?id=2481922
https://bugzilla.redhat.com/show_bug.cgi?id=2482181
https://bugzilla.redhat.com/show_bug.cgi?id=2482563
https://bugzilla.redhat.com/show_bug.cgi?id=2482576
https://bugzilla.redhat.com/show_bug.cgi?id=2482581
https://bugzilla.redhat.com/show_bug.cgi?id=2482608
https://bugzilla.redhat.com/show_bug.cgi?id=2482634
https://bugzilla.redhat.com/show_bug.cgi?id=2482645
Plugin Details
Severity: High
ID: 322776
File Name: rocky_linux_RLSA-2026-27789.nasl
Version: 1.1
Type: Local
Published: 6/25/2026
Updated: 6/25/2026
Supported Sensors: Continuous Assessment, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2026-43260
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:rocky:linux:kernel-rt-64k-debuginfo, p-cpe:/a:rocky:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:rocky:linux:kernel-debug-devel, p-cpe:/a:rocky:linux:kernel-rt-64k-core, p-cpe:/a:rocky:linux:kernel-rt-core, p-cpe:/a:rocky:linux:kernel-rt-64k-debug-devel, p-cpe:/a:rocky:linux:python3-perf-debuginfo, p-cpe:/a:rocky:linux:kernel-rt-64k-debug-modules-extra, p-cpe:/a:rocky:linux:kernel-debug-modules-extra, p-cpe:/a:rocky:linux:kernel-rt, p-cpe:/a:rocky:linux:kernel-abi-stablelists, p-cpe:/a:rocky:linux:kernel-modules, p-cpe:/a:rocky:linux:kernel-64k-modules, p-cpe:/a:rocky:linux:kernel-rt-debug, p-cpe:/a:rocky:linux:libperf, p-cpe:/a:rocky:linux:kernel-debuginfo, p-cpe:/a:rocky:linux:kernel-debug-modules, p-cpe:/a:rocky:linux:kernel-debug-core, p-cpe:/a:rocky:linux:kernel-rt-64k-debug-core, p-cpe:/a:rocky:linux:kernel-rt-64k, p-cpe:/a:rocky:linux:kernel-rt-64k-debug, p-cpe:/a:rocky:linux:kernel-rt-64k-devel, p-cpe:/a:rocky:linux:kernel-debug, p-cpe:/a:rocky:linux:kernel-rt-debug-modules-extra, p-cpe:/a:rocky:linux:kernel-debug-devel-matched, p-cpe:/a:rocky:linux:kernel-uki-virt, cpe:/o:rocky:linux:9, p-cpe:/a:rocky:linux:kernel-tools, p-cpe:/a:rocky:linux:kernel-64k-devel-matched, p-cpe:/a:rocky:linux:kernel-rt-debug-devel, p-cpe:/a:rocky:linux:kernel-rt-devel, p-cpe:/a:rocky:linux:python3-perf, p-cpe:/a:rocky:linux:kernel-devel, p-cpe:/a:rocky:linux:kernel-rt-debuginfo, p-cpe:/a:rocky:linux:kernel, p-cpe:/a:rocky:linux:kernel-rt-debug-core, p-cpe:/a:rocky:linux:kernel-64k-debug-devel, p-cpe:/a:rocky:linux:kernel-rt-64k-debug-debuginfo, p-cpe:/a:rocky:linux:kernel-64k-modules-extra, p-cpe:/a:rocky:linux:kernel-rt-64k-modules, p-cpe:/a:rocky:linux:kernel-rt-modules-core, p-cpe:/a:rocky:linux:kernel-rt-modules-extra, p-cpe:/a:rocky:linux:libperf-debuginfo, p-cpe:/a:rocky:linux:kernel-devel-matched, p-cpe:/a:rocky:linux:kernel-core, p-cpe:/a:rocky:linux:kernel-64k-debug-core, p-cpe:/a:rocky:linux:perf-debuginfo, p-cpe:/a:rocky:linux:kernel-debug-debuginfo, p-cpe:/a:rocky:linux:kernel-rt-debug-debuginfo, p-cpe:/a:rocky:linux:kernel-64k-debug-debuginfo, p-cpe:/a:rocky:linux:kernel-64k-devel, p-cpe:/a:rocky:linux:kernel-tools-debuginfo, p-cpe:/a:rocky:linux:perf, p-cpe:/a:rocky:linux:kernel-rt-debug-modules, p-cpe:/a:rocky:linux:kernel-rt-debug-modules-core, p-cpe:/a:rocky:linux:kernel-64k-modules-core, p-cpe:/a:rocky:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:rocky:linux:kernel-rt-64k-debug-modules, p-cpe:/a:rocky:linux:kernel-64k-core, p-cpe:/a:rocky:linux:kernel-64k-debug-modules, p-cpe:/a:rocky:linux:kernel-modules-core, p-cpe:/a:rocky:linux:kernel-modules-extra, p-cpe:/a:rocky:linux:rtla, p-cpe:/a:rocky:linux:kernel-rt-modules, p-cpe:/a:rocky:linux:kernel-tools-libs-devel, p-cpe:/a:rocky:linux:kernel-64k-debug-devel-matched, p-cpe:/a:rocky:linux:kernel-rt-64k-debug-modules-core, p-cpe:/a:rocky:linux:kernel-64k-debug, p-cpe:/a:rocky:linux:kernel-rt-64k-modules-extra, p-cpe:/a:rocky:linux:kernel-tools-libs, p-cpe:/a:rocky:linux:rv, p-cpe:/a:rocky:linux:kernel-uki-virt-addons, p-cpe:/a:rocky:linux:kernel-rt-64k-modules-core, p-cpe:/a:rocky:linux:kernel-debug-uki-virt, p-cpe:/a:rocky:linux:kernel-64k-debug-modules-extra, p-cpe:/a:rocky:linux:kernel-64k, p-cpe:/a:rocky:linux:kernel-64k-debuginfo, p-cpe:/a:rocky:linux:kernel-64k-debug-modules-core, p-cpe:/a:rocky:linux:kernel-debug-modules-core
Required KB Items: Host/local_checks_enabled, Host/RockyLinux/release, Host/RockyLinux/rpm-list, Host/cpu
Exploit Ease: No known exploits are available
Patch Publication Date: 6/25/2026
Vulnerability Publication Date: 3/12/2026
Reference Information
CVE: CVE-2026-31474, CVE-2026-31669, CVE-2026-31772, CVE-2026-31787, CVE-2026-43260, CVE-2026-43279, CVE-2026-43414, CVE-2026-45984, CVE-2026-46056, CVE-2026-46117, CVE-2026-46125, CVE-2026-46135, CVE-2026-46145, CVE-2026-46152, CVE-2026-46166, CVE-2026-46173, CVE-2026-46331