Changeflow GovPing Data Privacy & Cybersecurity Red Hat Linux Kernel Multiple Vulnerabilities A...
Urgent Guidance Added Final

Red Hat Linux Kernel Multiple Vulnerabilities Alert

Favicon for www.cert.ssi.gouv.fr CERT-FR Security Advisories
Published
Detected
Email

Summary

CERT-FR issued an advisory alerting organizations to multiple kernel vulnerabilities in Red Hat Linux affecting numerous products across multiple architectures (x86_64, aarch64, s390x, ppc64le). The vulnerabilities expose affected systems to data confidentiality breaches, security policy bypass, remote denial of service, arbitrary code execution, and privilege escalation risks. Organizations running Red Hat Enterprise Linux, CodeReady Linux Builder, and related products must patch immediately.

View original document View source feed page

What changed

CERT-FR published advisory CERTFR-2026-AVI-0423 notifying organizations of multiple kernel vulnerabilities in Red Hat Linux products. The vulnerabilities affect numerous Red Hat Enterprise Linux and CodeReady Linux Builder variants across versions 8, 9, and 10 on x86_64, aarch64, s390x, and ppc64le architectures. The identified risks include data confidentiality breaches, security policy bypass, remote denial of service, arbitrary code execution, and local privilege escalation.

Organizations running affected Red Hat Linux systems face urgent remediation requirements. These vulnerabilities can enable attackers to execute arbitrary code with kernel privileges, compromise data confidentiality, cause system unavailability, or escalate privileges to root level. Critical infrastructure operators, government agencies, and enterprises using Red Hat Linux should prioritize immediate patching and system restarts to mitigate remote exploitation and privilege escalation risks.

What to do next

  1. Identify all running instances of affected Red Hat Linux products (Enterprise Linux, CodeReady Linux Builder) across all architectures
  2. Apply kernel security patches referenced in Red Hat security bulletins (RHSA-2026:6570 through RHSA-2026:7100) immediately
  3. Restart affected systems after applying kernel updates to complete remediation

Archived snapshot

Apr 10, 2026

GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.

Premier Ministre S.G.D.S.N

Agence nationale
de la sécurité des
systèmes d'information

Paris, le 10 avril 2026 N° CERTFR-2026-AVI-0423 Affaire suivie par: CERT-FR

Avis du CERT-FR

Objet: Multiples vulnérabilités dans le noyau Linux de Red Hat

Gestion du document

| Référence | CERTFR-2026-AVI-0423 |
| Titre | Multiples vulnérabilités dans le noyau Linux de Red Hat |
| Date de la première version | 10 avril 2026 |
| Date de la dernière version | 10 avril 2026 |
| Source(s) | Bulletin de sécurité Red Hat RHSA-2026:6570 du 06 avril 2026
Bulletin de sécurité Red Hat RHSA-2026:6571 du 06 avril 2026
Bulletin de sécurité Red Hat RHSA-2026:6572 du 06 avril 2026
Bulletin de sécurité Red Hat RHSA-2026:6632 du 06 avril 2026
Bulletin de sécurité Red Hat RHSA-2026:6692 du 06 avril 2026
Bulletin de sécurité Red Hat RHSA-2026:6940 du 07 avril 2026
Bulletin de sécurité Red Hat RHSA-2026:6948 du 08 avril 2026
Bulletin de sécurité Red Hat RHSA-2026:6953 du 08 avril 2026
Bulletin de sécurité Red Hat RHSA-2026:6954 du 08 avril 2026
Bulletin de sécurité Red Hat RHSA-2026:6961 du 08 avril 2026
Bulletin de sécurité Red Hat RHSA-2026:6986 du 08 avril 2026
Bulletin de sécurité Red Hat RHSA-2026:7003 du 08 avril 2026
Bulletin de sécurité Red Hat RHSA-2026:7100 du 08 avril 2026 |
Une gestion de version détaillée se trouve à la fin de ce document.

Risques

  • Atteinte à la confidentialité des données
  • Contournement de la politique de sécurité
  • Déni de service à distance
  • Exécution de code arbitraire
  • Élévation de privilèges

Systèmes affectés

  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 aarch64
  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat CodeReady Linux Builder for ARM 64 10 aarch64
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 s390x
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x
  • Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 ppc64le
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
  • Red Hat CodeReady Linux Builder for x8664 - Extended Update Support 10.0 x8664
  • Red Hat CodeReady Linux Builder for x8664 - Extended Update Support 9.6 x8664
  • Red Hat CodeReady Linux Builder for x8664 10 x8664
  • Red Hat CodeReady Linux Builder for x8664 8 x8664
  • Red Hat CodeReady Linux Builder for x8664 9 x8664
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 10 aarch64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems 10 s390x
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for Power, little endian 10 ppc64le
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Real Time 8 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
  • Red Hat Enterprise Linux for x8664 - 4 years of updates 10.0 x8664
  • Red Hat Enterprise Linux for x8664 - Extended Life Cycle 8.10 x8664
  • Red Hat Enterprise Linux for x8664 - Extended Life Cycle 9.2 x8664
  • Red Hat Enterprise Linux for x8664 - Extended Life Cycle 9.6 x8664
  • Red Hat Enterprise Linux for x8664 - Extended Update Support 10.0 x8664
  • Red Hat Enterprise Linux for x8664 - Extended Update Support 9.6 x8664
  • Red Hat Enterprise Linux for x8664 - Extended Update Support Extension 8.4 x8664
  • Red Hat Enterprise Linux for x8664 - Extended Update Support Extension 8.6 x8664
  • Red Hat Enterprise Linux for x8664 - Extended Update Support Extension 8.8 x8664
  • Red Hat Enterprise Linux for x8664 - Update Services for SAP Solutions 8.6 x8664
  • Red Hat Enterprise Linux for x8664 - Update Services for SAP Solutions 8.8 x8664
  • Red Hat Enterprise Linux for x8664 - Update Services for SAP Solutions 9.0 x8664
  • Red Hat Enterprise Linux for x8664 - Update Services for SAP Solutions 9.2 x8664
  • Red Hat Enterprise Linux for x8664 - Update Services for SAP Solutions 9.6 x8664
  • Red Hat Enterprise Linux for x8664 10 x8664
  • Red Hat Enterprise Linux for x8664 8 x8664
  • Red Hat Enterprise Linux for x8664 9 x8664
  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le

Résumé

De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Documentation

Gestion détaillée du document

  1. le 10 avril 2026 Version initiale

Named provisions

Gestion du document Risques Systèmes affectés

Related changes

Favicon for www.cert.ssi.gouv.fr Multiple Ubuntu Linux Kernel Vulnerabilities Allow Privilege Escalation
Priority review Apr 10, 2026 CERT-FR Security Advisories Data Privacy & Cybersecurity
Favicon for www.cert.ssi.gouv.fr Multiple Windows Vulnerabilities Enable Code Execution, Privilege Escalation
Urgent Apr 15, 2026 CERT-FR Security Advisories Data Privacy & Cybersecurity
Favicon for www.cert.ssi.gouv.fr Multiple Microsoft Office Vulnerabilities Allow Remote Code Execution, Data Breach
Priority review Apr 15, 2026 CERT-FR Security Advisories Data Privacy & Cybersecurity

Get daily alerts for CERT-FR Security Advisories

Daily digest delivered to your inbox.

Free. Unsubscribe anytime.

Source

Favicon for www.cert.ssi.gouv.fr
CERT-FR Security Advisories cert.ssi.gouv.fr/avis
Data Privacy & Cybersecurity

About this page

What is GovPing?

Every important government, regulator, and court update from around the world. One place. Real-time. Free. Our mission

What's from the agency?

Source document text, dates, docket IDs, and authority are extracted directly from CERT-FR.

What's AI-generated?

The summary, classification, recommended actions, deadlines, and penalty information are AI-generated from the original text and may contain errors. Always verify against the source document.

Last updated

Press inquiries →

Classification

Agency
CERT-FR
Published
April 10th, 2026
Instrument
Guidance
Legal weight
Non-binding
Stage
Final
Change scope
Substantive
Document ID
CERTFR-2026-AVI-0423

Who this affects

Applies to
Technology companies Government agencies
Industry sector
5112 Software & Technology
Activity scope
Vulnerability remediation Security patching System updates
Geographic scope
France FR

Taxonomy

Primary area
Cybersecurity
Operational domain
IT Security
Compliance frameworks
NIST CSF
Topics
Data Privacy Software & Technology

Browse Categories

Agriculture & Food Safety 64 AI Regulation 3 Banking & Finance 292 Consumer Protection 46 Courts & Legal 361 Data Privacy & Cybersecurity 76 Defense & National Security 51 Education 22 Energy 100 Environment 86 Environmental & Energy 10 Environmental Regulation 7 Financial Regulation 2 Government & Legislation 279 Government Operations 4 Healthcare 136 Healthcare & Life Sciences 3 Housing 16 Immigration 8 Immigration & Border Control 1 Insurance 58 Labor & Employment 113 Legal & Judicial 8 Pharma & Drug Safety 104 Public Health 2 Real Estate & Housing 3 Sanctions & Export Controls 1 Securities & Markets 103 Securities Regulation 6 Tax 65 Telecom & Technology 47 Trade & Commerce 2 Trade & Sanctions 135 Transportation 59

Get alerts for this source

We'll email you when CERT-FR Security Advisories publishes new changes.

Free. Unsubscribe anytime.

You're subscribed!