VDB
RHSA-2026%3A19521
RHSA-2026%3A19521
PUBLISHED
CVSS 7.300000190734863 HIGH
A flaw was found in the Linux kernel's Remote Direct Memory Access (RDMA) subsystem, specifically within the `rxe` component. This use-after-free vulnerability occurs in the `rxe_create_cq` function. When the `rxe_cq_from_init` function fails, the subsequent call to `rxe_cleanup` attempts to free memory resources that have already been released, leading to memory corruption. A local attacker with high privileges could exploit this flaw to cause a denial of service or potentially achieve arbitrary code execution.
Risk Scores
CVSS 3.1
7.300000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | kernel-tools-0:4.18.0-477.143.1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | python3-perf-0:4.18.0-477.143.1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | kernel-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | kernel-modules-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | kernel-debug-core-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | kernel-modules-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | python3-perf-debuginfo-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | kernel-debuginfo-0:4.18.0-477.143.1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | kernel-debug-modules-extra-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | kernel-0:4.18.0-477.143.1.el8_8.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | kernel-core-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | kernel-debug-devel-0:4.18.0-477.143.1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | kernel-debug-modules-extra-0:4.18.0-477.143.1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | kernel-tools-debuginfo-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | perf-0:4.18.0-477.143.1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | kernel-modules-extra-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | perf-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | kernel-tools-libs-0:4.18.0-477.143.1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | kernel-debuginfo-common-x86_64-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8) | 4.18.0-477.143.1.el8 |
| Red Hat | bpftool-0:4.18.0-477.143.1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8) | 4.18.0-477.143.1.el8 |
…and 52 more
Timeline
- May 20, 2026 CVE Published
- May 26, 2026 CVE Updated
- May 26, 2026 Distribution Patch
- May 26, 2026 Distribution Patch
- May 26, 2026 Security Advisory
- May 26, 2026 Security Advisory
- May 26, 2026 Security Advisory
- May 26, 2026 Security Advisory
- May 26, 2026 Security Advisory
- May 26, 2026 Security Advisory
- May 26, 2026 Security Advisory
- May 26, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2026:19521 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2373354 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2439947 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2448594 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2453803 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2457829 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2461107 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2477015 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2477802 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_19521.json advisory
- https://access.redhat.com/security/cve/CVE-2025-38024 advisory
- https://www.cve.org/CVERecord?id=CVE-2025-38024 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-38024 advisory
- https://lore.kernel.org/linux-cve-announce/2025061847-CVE-2025-38024-2904@gregkh/T advisory
- https://access.redhat.com/security/cve/CVE-2026-23191 advisory
- https://www.cve.org/CVERecord?id=CVE-2026-23191 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-23191 advisory
- https://lore.kernel.org/linux-cve-announce/2026021433-CVE-2026-23191-f990@gregkh/T advisory
- https://access.redhat.com/security/cve/CVE-2026-23243 advisory
…and 25 more