Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Fedora 38.0 Core Security Alert on Threat Exposure SSA-2023-789-01

slackware
Calendar Grey May 2, 2026
Dist Slackware Esm H88
Important Slackware kernel update resolves severe out-of-bounds security flaw that could potentially compromise system integrity and safety
New kernel packages are available for Slackware 15.0 and -current to fix a security issue.

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/linux-5.15.204/kernel-generic-5.15.204-i586-1.txz: Upgraded. This update fixes a critical security issue: An out-of-bounds write in the userspace interface for AEAD cipher algorithms may be leveraged to get a root shell through a setuid binary. While the proof of concepts for this have so far targeted different program versions than Slackware uses, there's nothing preventing anyone from targeting one a setuid binary that we use. Mitigation: If for some reason it's not possible to upgrade the kernel right away, since we use CONFIG_CRYPTO_USER_API_AEAD=m you may blacklist or remove the algif_aead.ko kernel module to prevent the exploit. For more information, see: https://copy.fail/ https://www.cve.org/CVERecord?id=CVE-2026-31431 (* Security fix *) patches/packages/linux-5.15.204/kernel-generic-smp-5.15.204_smp-i686-1.txz: Upgraded. This update fixes a critical security issue:

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory critical exploit slackware kernel out-of-bounds

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.204/kernel-generic-5.15.204-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.204/kernel-generic-smp-5.15.204_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.204/kernel-headers-5.15.204_smp-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.204/kernel-huge-5.15.204-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.204/kernel-huge-smp-5.15.204_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.204/kernel-modules-5.15.204-i...

Read the Full Advisory

MD5 Signatures

Slackware 15.0 packages: 84d144deb4c8768ec74c590ca0f41142 kernel-generic-5.15.204-i586-1.txz cbbf7ece16f1aa1d953d30f4c59ea74c kernel-generic-smp-5.15.204_smp-i686-1.txz 843ff19489918252ca0ce37a0294d69b kernel-headers-5.15.204_smp-x86-1.txz f48c63ad3496e024c2203fdbe25de26c kernel-huge-5.15.204-i586-1.txz 0bb79df746dd6bf5853941ee08465a30 kernel-huge-smp-5.15.204_smp-i686-1.txz 58fc5c7fecf49667716fd51bdbe09597 kernel-modules-5.15.204-i586-1.txz bfc0fb5bff4e8bd71b3e4fc2b5597137 kernel-modules-smp-5.15.204_smp-i686-1.txz 4b0ecf18b8edf559e49f6d025b4a98ac kernel-source-5.15.204_smp-noarch-1.txz
Slackware x86_64 15.0 packages: 4cebb486fe97259af7f71fa720a10edc kernel-generic-5.15.204-x86_64-1.txz 80e5afbacc559e7ea586fb59d2c780d1 kernel-headers-5.15.204-x86-1.txz b273f304058eadab1926f9214a824d27 kernel-huge-5.15.204-x86_64-1.txz c80e7d6f6f30a72ea427b3966dc58a48 kernel-modules-5.15.204-x86_64-1.txz 614f6de83a2622eeedf5997dc55890c2 kernel-source-5.15.204-noarch-1.txz
Slackware -current packages: f9aa17dc7ef6eb79718dcac551956f74 kernel-firmware-20260429_56a13f9-noarch-1.txz a2bdfc40b47e9665673f294550849fef kernel-generic-6.12.85-i686-1.txz 3665455c14d5e64f2516752e6474773f kernel-headers-6.12.85-x86-1.txz 730d98bc6528159c7fb8216b614f6fe5 kernel-source-6.12.85-noarch-1.txz 84debcb1df57c080ac5fedde2af10e72 kernel-generic-6.18.26-i686-1.txz fa85205317e20d28f416b074772885d3 kernel-headers-6.18.26-x86-1.txz 59d09e799be2eb791ae7689b533b0d5b kernel-source-6.18.26-noarch-1.txz 5e22fa32b7a3e2963d79a8b7f3ac0f99 kernel-generic-7.0.3-i686-1.txz 9a00439fa5e47f2776247c19ac499319 kernel-headers-7.0.3-x86-1.txz ffc536e77878cd6d1c881ad40b2d13fc kernel-source-7.0.3-noarch-1.txz
Slackware x86_64 -current packages: f9aa17dc7ef6eb79718dcac551956f74 kernel-firmware-20260429_56a13f9-noarch-1.txz 4c7762cb7f258b247dfc6f394f4bdde0 kernel-generic-6.18.26-x86_64-1.txz 12d0b057c87c4d3af6c202205d0c5776 kernel-headers-6.18.26-x86-1.txz d51c3e4d093fe4f9a290c4117c62239e kernel-source-6.18.26-noarch-1.txz 77ba107837a9b2f93372f7c4f1127316 kernel-generic-7.0.3-x86_64-1.txz 99e73f6412f218050cc38ada7eb13c7e kernel-headers-7.0.3-x86-1.txz 5c1e50da16dd02816256dbd9d356bb49 kernel-source-7.0.3-noarch-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory critical exploit slackware kernel out-of-bounds

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the packages as root: # upgradepkg kernel-*.txz If you are using an initrd, you'll need to rebuild it. For a 32-bit SMP machine, use this command (substitute the appropriate kernel version if you are not running Slackware 15.0): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 5.15.204-smp | bash For a 64-bit machine, or a 32-bit uniprocessor machine, use this command (substitute the appropriate kernel version if you are not running Slackware 15.0): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 5.15.204 | bash Please note that "uniprocessor" has to do with the kernel you are running, not with the CPU. Most systems should run the SMP kernel (if they can) regardless of the number of cores the CPU has. If you aren't sure which kernel you are running, run "uname -a". If you see SMP there, you are running the SMP kernel and should use the 5.15.204-smp version when running mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit systems should always use 5.15.204 as the version. If you are using lilo or elilo to boot the machine, you'll need to ensure that the machine is properly prepared before rebooting. If using LILO: By default, lilo.conf contains an image= line that references a symlink that always points to the correct kernel. No editing should be required unless your machine uses a custom lilo.conf. If that is the case, be sure that the image= line references the correct kernel file. Either way, you'll need to run "lilo" as root to reinstall the boot loader. If using elilo: Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish to use, and then run eliloconfig to update the EFI System Partition.

Related News

Your message here