ALSA-2026:27354

[ALSA-2026:27354] Important: kernel-rt security, bug fix, and enhancement update

Type:

security

Severity:

important

Release date:

2026-06-22

Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.  

Security Fix(es):  

  * kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service (CVE-2026-31419)
  * kernel: drm/amd/display: Do not skip unrelated mode changes in DSC validation (CVE-2026-31488)
  * kernel: net: mana: fix use-after-free in add_adev() error path (CVE-2026-43056)
  * kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing (CVE-2026-43279)
  * kernel: net/sched: act_pedit: extend the writable skb range per key (CVE-2026-46331)
  * kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop (CVE-2026-46090)
  * kernel: RDMA/mana: Validate rx_hash_key_len (CVE-2026-46145)
  * kernel: nvmet-tcp: fix race between ICReq handling and queue teardown (CVE-2026-46135)


Bug Fix(es) and Enhancement(s):  

  * AlmaLinux8 RT kernel panic in replenish_dl_entity() caused by stale DEADLINE PI state during rt_mutex de-boosting (JIRA:AlmaLinux-178520)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
x86_64	kernel-rt-debug-4.18.0-553.136.1.rt7.477.el8_10.x86_64.rpm	287fdd5f860c628c249d0cd2386880cf015f7ff611940fa189217b660b58e604
x86_64	kernel-rt-core-4.18.0-553.136.1.rt7.477.el8_10.x86_64.rpm	381157786811d53d4152c4d7c8666f27ca4867cd33337fba92618d8352ce5b89
x86_64	kernel-rt-debug-core-4.18.0-553.136.1.rt7.477.el8_10.x86_64.rpm	8bd7573e17a68c08d3a01227450d35cb61b7aa332aaca59d4521e6f13fbb998d
x86_64	kernel-rt-devel-4.18.0-553.136.1.rt7.477.el8_10.x86_64.rpm	8c4ee4c5967b48d2bc64e1ae4ee53d171f558016a4984f33349304682128f40d
x86_64	kernel-rt-4.18.0-553.136.1.rt7.477.el8_10.x86_64.rpm	9b5ee3b7989ef9192c0ebbee2776972ebe3cde326c5ece585cbd8dbad2513a2a
x86_64	kernel-rt-debug-modules-4.18.0-553.136.1.rt7.477.el8_10.x86_64.rpm	bcfe01a64300c8a654f6ed649cdd78e3bd5938728a811898e8f3dd376e5f4972
x86_64	kernel-rt-modules-extra-4.18.0-553.136.1.rt7.477.el8_10.x86_64.rpm	bdc877fdbd9440b022ad7040cc74526b8bbc38d9a6bfb0f7f0315dfbf88c999b
x86_64	kernel-rt-debug-devel-4.18.0-553.136.1.rt7.477.el8_10.x86_64.rpm	d26dd791a2f604905fbd7be3a53c8139a75e784f777fcc6986443936bf3f16e8
x86_64	kernel-rt-debug-modules-extra-4.18.0-553.136.1.rt7.477.el8_10.x86_64.rpm	e6815438f87d366cf15af71a46a611bdee44f99522e20cd5fa461571c83a5024
x86_64	kernel-rt-modules-4.18.0-553.136.1.rt7.477.el8_10.x86_64.rpm	ed1db17d5c645a1411af5c47aad91d59092605b85ced8a8f2cdaa15bd68caa25

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.