Linux Kernel Real-Time Update Fixes Security Flaws

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.3

Linux Kernel Real-Time Update Fixes Security Flaws

RLSA-2026:6036

Summary

Linux kernel updates fix security issues that could allow an attacker to take control of a system or disrupt network connections. This update is recommended for systems using the Real Time Linux Kernel, especially those with high determinism requirements. Install the update to ensure your system stays secure.

What to do

Update kernel-rt to version 0:4.18.0-553.115.1.rt7.456.el8_10.

Affected software

Vendor	Product	Affected versions	Fix available
–	kernel-rt	<= 0:4.18.0-553.115.1.rt7.456.el8_10	0:4.18.0-553.115.1.rt7.456.el8_10

Original title

Moderate: kernel-rt security update

Original description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem (CVE-2025-38180)

* kernel: macvlan: fix error recovery in macvlan_common_newlink() (CVE-2026-23209)

* kernel: net/sched: cls_u32: use skb_header_pointer_careful() (CVE-2026-23204)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

osv CVSS3.1 7.3

https://errata.rockylinux.org/RLSA-2026:6036 Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2376376 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2439900 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2439931 Third Party Advisory

Published: 7 Apr 2026 · Updated: 7 Apr 2026 · First seen: 7 Apr 2026