RedHat Linux 核心多個漏洞

發佈日期: 2026年05月08日

風險: 中度風險

類型: 操作系統 - LINUX

於 RedHat Linux核心發現多個漏洞。遠端攻擊者可利用這些漏洞，於目標系統觸發阻斷服務狀況、權限提升及洩露敏感資料。

 

注意:

CVE-2026-31431 正在被廣泛利用。Copy Fail（CVE-2026-31431）是 Linux 核心中 authencesn 密碼學範本的一項邏輯漏洞。此漏洞可能使未具特權的本機使用者，對系統上任何可讀取檔案的頁面快取執行可控的四位元組寫入。對於自 2017 年起發佈的受影響 Linux 發行版而言，此問題可能導致本機權限提升，包括取得 root 權限。

---

影響

• 阻斷服務
• 權限提升
• 資料洩露

---

受影響之系統或技術

• Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4 aarch64
• Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6 aarch64
• Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 aarch64
• Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
• Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
• Red Hat CodeReady Linux Builder for ARM 64 10 aarch64
• Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x
• Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6 s390x
• Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 s390x
• Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
• Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x
• Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4 ppc64le
• Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le
• Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 ppc64le
• Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
• Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
• Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le
• Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4 x86_64
• Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6 x86_64
• Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 x86_64
• Red Hat CodeReady Linux Builder for x86_64 8 x86_64
• Red Hat CodeReady Linux Builder for x86_64 9 x86_64
• Red Hat CodeReady Linux Builder for x86_64 10 x86_64
• Red Hat Enterprise Linux Server - AUS 8.4 x86_64
• Red Hat Enterprise Linux Server - AUS 8.6 x86_64
• Red Hat Enterprise Linux Server - AUS 9.2 x86_64
• Red Hat Enterprise Linux Server - AUS 9.4 x86_64
• Red Hat Enterprise Linux Server - AUS 9.6 x86_64
• Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
• Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x
• Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386
• Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64
• Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x
• Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64
• Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le
• Red Hat Enterprise Linux Server - TUS 8.6 x86_64
• Red Hat Enterprise Linux Server - TUS 8.8 x86_64
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
• Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64
• Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
• Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
• Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
• Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
• Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64
• Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64
• Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64
• Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64
• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
• Red Hat Enterprise Linux for ARM 64 8 aarch64
• Red Hat Enterprise Linux for ARM 64 9 aarch64
• Red Hat Enterprise Linux for ARM 64 10 aarch64
• Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x
• Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x
• Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
• Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
• Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
• Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x
• Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x
• Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x
• Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
• Red Hat Enterprise Linux for IBM z Systems 8 s390x
• Red Hat Enterprise Linux for IBM z Systems 9 s390x
• Red Hat Enterprise Linux for IBM z Systems 10 s390x
• Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
• Red Hat Enterprise Linux for Power, little endian 8 ppc64le
• Red Hat Enterprise Linux for Power, little endian 9 ppc64le
• Red Hat Enterprise Linux for Power, little endian 10 ppc64le
• Red Hat Enterprise Linux for Real Time 8 x86_64
• Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
• Red Hat Enterprise Linux for Real Time for x86_64 - Extended Life Cycle Support 7 x86_64
• Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
• Red Hat Enterprise Linux for x86_64 8 x86_64
• Red Hat Enterprise Linux for x86_64 9 x86_64
• Red Hat Enterprise Linux for x86_64 10 x86_64
• Red Hat OpenShift Container Platform 4.13 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.13 for RHEL 9 x86_64
• Red Hat OpenShift Container Platform 4.16 for RHEL 9 x86_64
• Red Hat OpenShift Container Platform 4.17 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.17 for RHEL 9 x86_64
• Red Hat OpenShift Container Platform 4.18 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.18 for RHEL 9 x86_64
• Red Hat OpenShift Container Platform 4.19 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.19 for RHEL 9 x86_64
• Red Hat OpenShift Container Platform 4.20 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.20 for RHEL 9 x86_64
• Red Hat OpenShift Container Platform 4.21 for RHEL 8 x86_64
• Red Hat OpenShift Container Platform 4.21 for RHEL 9 x86_64
• Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 8 aarch64
• Red Hat OpenShift Container Platform for ARM 64 4.13 for RHEL 9 aarch64
• Red Hat OpenShift Container Platform for ARM 64 4.16 for RHEL 9 aarch64
• Red Hat OpenShift Container Platform for ARM 64 4.17 for RHEL 8 aarch64
• Red Hat OpenShift Container Platform for ARM 64 4.17 for RHEL 9 aarch64
• Red Hat OpenShift Container Platform for ARM 64 4.18 for RHEL 8 aarch64
• Red Hat OpenShift Container Platform for ARM 64 4.18 for RHEL 9 aarch64
• Red Hat OpenShift Container Platform for ARM 64 4.19 for RHEL 8 aarch64
• Red Hat OpenShift Container Platform for ARM 64 4.19 for RHEL 9 aarch64
• Red Hat OpenShift Container Platform for ARM 64 4.20 for RHEL 8 aarch64
• Red Hat OpenShift Container Platform for ARM 64 4.20 for RHEL 9 aarch64
• Red Hat OpenShift Container Platform for ARM 64 4.21 for RHEL 8 aarch64
• Red Hat OpenShift Container Platform for ARM 64 4.21 for RHEL 9 aarch64
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 8 s390x
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.13 for RHEL 9 s390x
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.16 for RHEL 9 s390x
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.17 for RHEL 8 s390x
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.17 for RHEL 9 s390x
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.18 for RHEL 8 s390x
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.18 for RHEL 9 s390x
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.19 for RHEL 8 s390x
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.19 for RHEL 9 s390x
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.20 for RHEL 8 s390x
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.20 for RHEL 9 s390x
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.21 for RHEL 8 s390x
• Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.21 for RHEL 9 s390x
• Red Hat OpenShift Container Platform for Power 4.13 for RHEL 8 ppc64le
• Red Hat OpenShift Container Platform for Power 4.13 for RHEL 9 ppc64le
• Red Hat OpenShift Container Platform for Power 4.16 for RHEL 9 ppc64le
• Red Hat OpenShift Container Platform for Power 4.17 for RHEL 8 ppc64le
• Red Hat OpenShift Container Platform for Power 4.17 for RHEL 9 ppc64le
• Red Hat OpenShift Container Platform for Power 4.18 for RHEL 8 ppc64le
• Red Hat OpenShift Container Platform for Power 4.18 for RHEL 9 ppc64le
• Red Hat OpenShift Container Platform for Power 4.19 for RHEL 8 ppc64le
• Red Hat OpenShift Container Platform for Power 4.19 for RHEL 9 ppc64le
• Red Hat OpenShift Container Platform for Power 4.20 for RHEL 8 ppc64le
• Red Hat OpenShift Container Platform for Power 4.20 for RHEL 9 ppc64le
• Red Hat OpenShift Container Platform for Power 4.21 for RHEL 8 ppc64le
• Red Hat OpenShift Container Platform for Power 4.21 for RHEL 9 ppc64le

---

解決方案

在安裝軟體之前，請先瀏覽供應商之網站，以獲得更多詳細資料。

 

安裝供應商提供的修補程式：

• https://access.redhat.com/errata/RHSA-2026:13565
• https://access.redhat.com/errata/RHSA-2026:13566
• https://access.redhat.com/errata/RHSA-2026:13577
• https://access.redhat.com/errata/RHSA-2026:13578
• https://access.redhat.com/errata/RHSA-2026:13664
• https://access.redhat.com/errata/RHSA-2026:13681
• https://access.redhat.com/errata/RHSA-2026:13690
• https://access.redhat.com/errata/RHSA-2026:13727
• https://access.redhat.com/errata/RHSA-2026:13729
• https://access.redhat.com/errata/RHSA-2026:13734
• https://access.redhat.com/errata/RHSA-2026:13811
• https://access.redhat.com/errata/RHSA-2026:13862
• https://access.redhat.com/errata/RHSA-2026:13885
• https://access.redhat.com/errata/RHSA-2026:13887
• https://access.redhat.com/errata/RHSA-2026:13932
• https://access.redhat.com/errata/RHSA-2026:13936
• https://access.redhat.com/errata/RHSA-2026:14112
• https://access.redhat.com/errata/RHSA-2026:14137
• https://access.redhat.com/errata/RHSA-2026:14165
• https://access.redhat.com/errata/RHSA-2026:14230
• https://access.redhat.com/errata/RHSA-2026:14301
• https://access.redhat.com/errata/RHSA-2026:14339
• https://access.redhat.com/errata/RHSA-2026:14823
• https://access.redhat.com/errata/RHSA-2026:14869
• https://access.redhat.com/errata/RHSA-2026:14925
• https://access.redhat.com/errata/RHSA-2026:14926

---

漏洞識別碼

• CVE-2018-16885
• CVE-2024-41073
• CVE-2024-53216
• CVE-2025-37861
• CVE-2025-40240
• CVE-2025-40252
• CVE-2025-68724
• CVE-2025-68741
• CVE-2025-71238
• CVE-2026-23097
• CVE-2026-23136
• CVE-2026-23191
• CVE-2026-23193
• CVE-2026-23243
• CVE-2026-23270
• CVE-2026-23401
• CVE-2026-31402
• CVE-2026-31419
• CVE-2026-31431
• CVE-2026-31532
• CVE-2026-43077

---

資料來源

• Redhat

---

相關連結

• https://access.redhat.com/errata/RHSA-2026:13565
• https://access.redhat.com/errata/RHSA-2026:13566
• https://access.redhat.com/errata/RHSA-2026:13577
• https://access.redhat.com/errata/RHSA-2026:13578
• https://access.redhat.com/errata/RHSA-2026:13664
• https://access.redhat.com/errata/RHSA-2026:13681
• https://access.redhat.com/errata/RHSA-2026:13690
• https://access.redhat.com/errata/RHSA-2026:13727
• https://access.redhat.com/errata/RHSA-2026:13729
• https://access.redhat.com/errata/RHSA-2026:13734
• https://access.redhat.com/errata/RHSA-2026:13811
• https://access.redhat.com/errata/RHSA-2026:13862
• https://access.redhat.com/errata/RHSA-2026:13885
• https://access.redhat.com/errata/RHSA-2026:13887
• https://access.redhat.com/errata/RHSA-2026:13932
• https://access.redhat.com/errata/RHSA-2026:13936
• https://access.redhat.com/errata/RHSA-2026:14112
• https://access.redhat.com/errata/RHSA-2026:14137
• https://access.redhat.com/errata/RHSA-2026:14165
• https://access.redhat.com/errata/RHSA-2026:14230
• https://access.redhat.com/errata/RHSA-2026:14301
• https://access.redhat.com/errata/RHSA-2026:14339
• https://access.redhat.com/errata/RHSA-2026:14823
• https://access.redhat.com/errata/RHSA-2026:14869
• https://access.redhat.com/errata/RHSA-2026:14925
• https://access.redhat.com/errata/RHSA-2026:14926
• https://www.cisa.gov/news-events/alerts/2026/05/01/cisa-adds-one-known-exploited-vulnerability-catalog