Alerts This Week
Warning Icon 1 401
Alerts This Week
Warning Icon 1 401

Oracle Linux 10 cockpit Critical Remote Code Execution VULN ELSA-2026-7383

oracle
Calendar Grey April 15, 2026
Oracle Linux Logo Esm H88
Oracle Linux updates warn of critical issues in cockpit allowing remote execution without authentication. Update immediately.
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

Summary

[344-3.0.1] - Storage: Enable btrfs support [Orabug: 37464632] - Replaced upstream urls in documentation with oracle links [Orabug: 36528753] - Drop subscription-manager-cockpit requirement for ol [Orabug: 34681110] - Remove duplicate reference to server in cockpit [Orabug: 34030494] - Update documentation links [Orabug: 30271413], [Orabug: 32013095], [Orabug: 32795691], [Orabug: 34398512], [Orabug: 34742876], [Orabug: 37253273] - Update spec file for new release [344-3] - correctly apply CVE patches (CVE-2026-4631) * Wed Mar 25 2026 Jelle van der Waa

SRPMs

http://oss.oracle.com/ol10/SRPMS-updates/cockpit-344-3.0.1.el10_1.src.rpm

x86_64

cockpit-344-3.0.1.el10_1.x86_64.rpm cockpit-bridge-344-3.0.1.el10_1.noarch.rpm cockpit-doc-344-3.0.1.el10_1.noarch.rpm cockpit-packagekit-344-3.0.1.el10_1.noarch.rpm cockpit-storaged-344-3.0.1.el10_1.noarch.rpm cockpit-system-344-3.0.1.el10_1.noarch.rpm cockpit-ws-344-3.0.1.el10_1.x86_64.rpm cockpit-ws-selinux-344-3.0.1.el10_1.x86_64.rpm

aarch64

cockpit-344-3.0.1.el10_1.aarch64.rpm cockpit-bridge-344-3.0.1.el10_1.noarch.rpm cockpit-doc-344-3.0.1.el10_1.noarch.rpm cockpit-packagekit-344-3.0.1.el10_1.noarch.rpm cockpit-storaged-344-3.0.1.el10_1.noarch.rpm cockpit-system-344-3.0.1.el10_1.noarch.rpm cockpit-ws-344-3.0.1.el10_1.aarch64.rpm cockpit-ws-selinux-344-3.0.1.el10_1.aarch64.rpm

Severity
critical
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2026-4631

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here