Changeflow GovPing Data Privacy & Cybersecurity Red Hat Linux Kernel Vulnerabilities
Priority review Notice Added Final

Red Hat Linux Kernel Vulnerabilities

Favicon for www.cert.ssi.gouv.fr CERT-FR Security Advisories
Published March 27th, 2026
Detected March 27th, 2026
Email

Summary

The French National Cybersecurity Agency (ANSSI) has issued a security advisory regarding multiple vulnerabilities in the Red Hat Linux kernel. These vulnerabilities could lead to data integrity and confidentiality breaches, denial of service, and arbitrary code execution.

View original document View source feed page

What changed

The Agence nationale de la sécurité des systèmes d'information (ANSSI) has published an advisory detailing numerous vulnerabilities affecting various versions of the Red Hat Enterprise Linux kernel. These issues, identified in Red Hat security bulletins (RHSA-2026:5197 through RHSA-2026:5821), pose significant risks including data integrity and confidentiality compromise, security policy bypass, denial of service, arbitrary code execution, and privilege escalation.

Organizations utilizing the affected Red Hat Linux distributions are strongly advised to review the specific Red Hat security bulletins referenced in the advisory and apply the necessary patches and updates immediately. Failure to address these vulnerabilities could expose systems to severe security breaches, leading to operational disruption and potential data loss or theft. The advisory itself is informational, but the underlying Red Hat advisories contain critical patching information.

What to do next

  1. Review Red Hat security bulletins RHSA-2026:5197 through RHSA-2026:5821
  2. Apply all relevant security patches and updates to affected Red Hat Linux systems
  3. Monitor systems for any signs of compromise

Source document (simplified)

Premier Ministre S.G.D.S.N

Agence nationale
de la sécurité des
systèmes d'information

Paris, le 27 mars 2026 N° CERTFR-2026-AVI-0370 Affaire suivie par: CERT-FR

Avis du CERT-FR

Objet: Multiples vulnérabilités dans le noyau Linux de Red Hat

Gestion du document

| Référence | CERTFR-2026-AVI-0370 |
| Titre | Multiples vulnérabilités dans le noyau Linux de Red Hat |
| Date de la première version | 27 mars 2026 |
| Date de la dernière version | 27 mars 2026 |
| Source(s) | Bulletin de sécurité Red Hat RHSA-2026:5197 du 23 mars 2026
Bulletin de sécurité Red Hat RHSA-2026:5689 du 25 mars 2026
Bulletin de sécurité Red Hat RHSA-2026:5690 du 25 mars 2026
Bulletin de sécurité Red Hat RHSA-2026:5691 du 25 mars 2026
Bulletin de sécurité Red Hat RHSA-2026:5693 du 25 mars 2026
Bulletin de sécurité Red Hat RHSA-2026:5727 du 25 mars 2026
Bulletin de sécurité Red Hat RHSA-2026:5732 du 25 mars 2026
Bulletin de sécurité Red Hat RHSA-2026:5813 du 25 mars 2026
Bulletin de sécurité Red Hat RHSA-2026:5821 du 25 mars 2026 |
Une gestion de version détaillée se trouve à la fin de ce document.

Risques

  • Atteinte à l'intégrité des données
  • Atteinte à la confidentialité des données
  • Contournement de la politique de sécurité
  • Déni de service
  • Exécution de code arbitraire
  • Non spécifié par l'éditeur
  • Élévation de privilèges

Systèmes affectés

  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat CodeReady Linux Builder for x8664 - Extended Update Support 9.6 x8664
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for x8664 - Extended Update Support 9.6 x8664
  • Red Hat Enterprise Linux for x8664 - Extended Update Support Extension 8.4 x8664
  • Red Hat Enterprise Linux for x8664 - Extended Update Support Extension 8.6 x8664
  • Red Hat Enterprise Linux for x8664 - Extended Update Support Extension 8.8 x8664
  • Red Hat Enterprise Linux for x8664 - Update Services for SAP Solutions 8.6 x8664
  • Red Hat Enterprise Linux for x8664 - Update Services for SAP Solutions 8.8 x8664
  • Red Hat Enterprise Linux for x8664 - Update Services for SAP Solutions 9.0 x8664
  • Red Hat Enterprise Linux for x8664 - Update Services for SAP Solutions 9.2 x8664
  • Red Hat Enterprise Linux for x8664 - Update Services for SAP Solutions 9.6 x8664
  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le

Résumé

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Documentation

Gestion détaillée du document

  1. le 27 mars 2026 Version initiale

Related changes

Favicon for www.cert.ssi.gouv.fr Symantec DLP Privilege Escalation Vulnerability
Priority review Mar 31, 2026 CERT-FR Security Advisories Data Privacy & Cybersecurity
Favicon for www.cert.ssi.gouv.fr Elastic OpenTelemetry Java Remote Code Execution Vulnerability
Urgent Mar 31, 2026 CERT-FR Security Advisories Data Privacy & Cybersecurity
Favicon for www.cert.ssi.gouv.fr Papercut Vulnerabilities Expose Data Confidentiality, Enable Remote XSS
Priority review Mar 31, 2026 CERT-FR Security Advisories Data Privacy & Cybersecurity
Favicon for changeflow.com Cyber vulnerability assessment and remedy identification patent
Routine Mar 31, 2026 ChangeBridge: Patent Grants - Business Methods (G06Q) Banking & Finance
Favicon for wid.cert-bund.de IBM App Connect Enterprise Multiple DoS Vulnerabilities
Priority review Mar 31, 2026 CERT-Bund Security Advisories Data Privacy & Cybersecurity
Favicon for wid.cert-bund.de Kyocera Printer Critical Vulnerabilities CVSS 9.8 Remote Attack
Urgent Mar 31, 2026 CERT-Bund Security Advisories Data Privacy & Cybersecurity

Source

Favicon for www.cert.ssi.gouv.fr
CERT-FR Security Advisories cert.ssi.gouv.fr/avis
Data Privacy & Cybersecurity
Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
ANSSI
Published
March 27th, 2026
Instrument
Notice
Legal weight
Non-binding
Stage
Final
Change scope
Substantive
Document ID
CERTFR-2026-AVI-0370

Who this affects

Industry sector
5182 Data Processing & Hosting 5170 Telecommunications 9211 Government & Public Administration
Activity scope
Vulnerability Management System Patching
Geographic scope
France FR

Taxonomy

Primary area
Cybersecurity
Operational domain
IT Security
Compliance frameworks
NIST CSF
Topics
Vulnerability Management Operating Systems

Browse Categories

Agriculture & Food Safety 63 AI Regulation 3 Banking & Finance 266 Consumer & Competition 1 Consumer Protection 44 Courts & Legal 360 Data Privacy & Cybersecurity 74 Defense & National Security 52 Education 20 Energy 107 Environment 85 Government & Legislation 285 Healthcare 136 Housing 16 Immigration 9 Insurance 58 Labor & Employment 114 Legal & Courts 1 Pharma & Drug Safety 103 Securities & Markets 104 Tax 65 Tax & Revenue 1 Telecom & Technology 47 Trade & Sanctions 124 Transportation 57

Get Data Privacy & Cybersecurity alerts

Weekly digest. AI-summarized, no noise.

Free. Unsubscribe anytime.

Get alerts for this source

We'll email you when CERT-FR Security Advisories publishes new changes.

Optional. Personalizes your daily digest.

Free. Unsubscribe anytime.