Fixed a CORS bug that leaked the anti-CSRF nonce. (#8938) Fixed a use-after-free bug in peer code. (#8921) Fixed build error when compiling with fmt 12.2.0. (#8942) Fix qt icon. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-0ed2011b62 2026-07-02 01:07:29.332055+00:00 -------------------------------------------------------------------------------- Name : transmission Product : Fedora 43 Version : 4.1.3 Release : 1.fc43 URL : http://www.transmissionbt.com Summary : A lightweight GTK+ BitTorrent client Description : Transmission is a free, lightweight BitTorrent client. It features a simple, intuitive interface on top on an efficient, cross-platform back-end. -------------------------------------------------------------------------------- Update Information: Fixed a CORS bug that leaked the anti-CSRF nonce. (#8938) Fixed a use-after-free bug in peer code. (#8921) Fixed build error when compiling with fmt 12.2.0. (#8942) Fix qt icon -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 30 2026 Gwyn Ciesla - 4.1.3-1 - 4.1.3 * Sat Jun 20 2026 Ryan Nosurname - 4.1.2-3 - Remove unnecessary Qt icon rename * Fri Jun 12 2026 Yaakov Selkowitz - 4.1.2-2 - Rebuilt for openssl 4.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2447219 - transmission-qt has no icon https://bugzilla.redhat.com/show_bug.cgi?id=2447219 [ 2 ] Bug #2494743 - transmission-4.1.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2494743 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-0ed2011b62' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Security update resolving 22 CVEs across both caddy itself and its vendored libraries.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-3dc324bd9a 2026-07-02 01:07:29.332017+00:00 -------------------------------------------------------------------------------- Name : caddy Product : Fedora 43 Version : 2.10.2 Release : 9.fc43 URL : https://caddyserver.com Summary : Web server with automatic HTTPS Description : Caddy is an extensible server platform that uses TLS by default. -------------------------------------------------------------------------------- Update Information: Security update resolving 22 CVEs across both caddy itself and its vendored libraries. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 23 2026 Carl George - 2.10.2-9 - Port to new golang packaging guidelines - Backport upstream fix for CVE-2026-27585 - Backport upstream fix for CVE-2026-27586 - Backport upstream fix for CVE-2026-27587 - Backport upstream fix for CVE-2026-27588 - Backport upstream fix for CVE-2026-27589 - Backport upstream fix for CVE-2026-27590 - Backport upstream fix for CVE-2026-30851 - Backport upstream fix for CVE-2026-30852 - Update vendored github.com/quic-go/quic-go to v0.57.0 for CVE-2025-64702 - Update vendored golang.org/x/crypto to v0.52.0 for CVE-2025-47913, CVE-2026-39828, CVE-2026-39829, and CVE-2026-39830 - Update vendored github.com/smallstep/certificates to v0.30.0 for CVE-2025-44005 and CVE-2026-40097 - Update vendored github.com/go-chi/chi/v5 to v5.2.5 for CVE-2025-69725 - Update vendored github.com/yuin/goldmark/renderer/html to v1.7.17 for CVE-2026-5160 * Mon Feb 2 2026 Maxwell G - 2.10.2-5 - Rebuild for https://fedoraproject.org/wiki/Changes/golang1.26 * Fri Jan 16 2026 Fedora Release Engineering - 2.10.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jan 16 2026 Fedora Release Engineering - 2.10.2-3 -Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Oct 10 2025 Alejandro Sáez - 2.10.2-2 - rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2488094 - CVE-2026-30851 caddy: Caddy: Privilege escalation via identity injection due to unstripped client headers [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488094 [ 2 ] Bug #2488095 - CVE-2026-30852 caddy: Caddy: Information disclosure via double-expansion of user-controlled input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488095 [ 3 ] Bug #2488141 - CVE-2026-40097 caddy: Step CA: Denial of Service via crafted attestation key certificate [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488141 [ 4 ] Bug #2488502 - CVE-2026-27585 caddy: Caddy: Path security bypass due to unsanitized backslashes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488502 [ 5 ] Bug #2488503 - CVE-2026-27586 caddy: Caddy: Authentication bypass via mTLS client certificate validation failure [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488503 [ 6 ] Bug #2488514 - CVE-2026-27587 caddy: Caddy: Access control bypass due to improper handling of percent-escape sequences in HTTP path matcher [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488514 [ 7 ] Bug #2488516 - CVE-2026-27588 caddy: Caddy: Access control bypass due to case-sensitive host matching [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488516 [ 8 ] Bug #2488517 - CVE-2026-27589 caddy: Caddy: Unauthorized configuration modification via cross-origin requests to the admin API [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488517 [ 9 ] Bug #2488518 - CVE-2026-27590 caddy: Caddy: Remote Code Execution via FastCGI path confusion [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488518 [ 10 ] Bug #2488572 - CVE-2025-47910 caddy: CrossOriginProtection bypass in net/http[fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2488572 [ 11 ] Bug #2488575 - CVE-2025-58185 caddy: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2488575 [ 12 ] Bug #2488578 - CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2488578 [ 13 ] Bug #2488580 - CVE-2025-58189 caddy: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2488580 [ 14 ] Bug #2488582 - CVE-2025-61723 caddy: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2488582 [ 15 ] Bug #2488661 - CVE-2025-64702 caddy: quic-go HTTP/3 QPACK Header Expansion DoS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488661 [ 16 ] Bug #2488663 - CVE-2025-47913 caddy: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488663 [ 17 ] Bug #2488665 - CVE-2025-44005 caddy: github.com/smallstep/certificates: Authorization bypass allows unauthorized certificate creation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488665 [ 18 ] Bug #2488666 - CVE-2025-69725 caddy: Go-chi/chi: Open Redirect vulnerability allows redirection to malicious websites [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488666 [ 19 ] Bug #2488667 - CVE-2026-5160 caddy: github.com/yuin/goldmark/renderer/html: Cross-site Scripting due to improper URL validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488667 [ 20 ] Bug #2489962 - CVE-2026-39828 caddy: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2489962 [ 21 ] Bug #2490067 -CVE-2026-39829 caddy: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490067 [ 22 ] Bug #2490486 - CVE-2026-39830 caddy: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490486 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3dc324bd9a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Fedora 43 security advisory updating Caddy addressing 22 CVEs with critical risks including DoS and information leaks.. Fedora 43, security advisory, Caddy update, CVE patching, web server security. . LinuxSecurity.com Team
Update! Close Go standard library CVE bugs that are solved by a rebuild. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-32113d4817 2026-07-02 01:07:29.331944+00:00 -------------------------------------------------------------------------------- Name : hut Product : Fedora 43 Version : 0.8.0 Release : 1.fc43 URL : https://git.sr.ht/~xenrox/hut Summary : A CLI tool for Sourcehut Description : hut is a CLI tool for interacting with Sourcehut instances. It supports git.sr.ht as well as self-hosted Sourcehut instances. -------------------------------------------------------------------------------- Update Information: Update! Close Go standard library CVE bugs that are solved by a rebuild -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 23 2026 Javier Olaechea - 0.8.0-1 - Update to 0.8.0. Fixes rhbz#2451702. * Tue Feb 3 2026 Maxwell G - 0.7.0-4 - Rebuild for https://fedoraproject.org/wiki/Changes/golang1.26 * Fri Jan 16 2026 Fedora Release Engineering - 0.7.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Oct 10 2025 Alejandro Sáez - 0.7.0-2 - rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2408304 - CVE-2025-58189 hut: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408304 [ 2 ] Bug #2408723 - CVE-2025-61725 hut: Excessive CPU consumption in ParseAddress in net/mail [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408723 [ 3 ] Bug #2409777 - CVE-2025-61723 hut: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2409777 [ 4 ] Bug #2410727 - CVE-2025-58185 hut: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2410727 [ 5 ] Bug #2411623 - CVE-2025-58188 hut: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2411623 [ 6 ] Bug #2412711 - CVE-2025-58183 hut: Unbounded allocation when parsing GNU sparse map [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2412711 [ 7 ] Bug #2451702 - hut-0.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2451702 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-32113d4817' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update for hut on Fedora 43 addresses critical CVE issues to enhance security and performance.. Fedora updates, hut tool, CLI Sourcehut, CVE fixes. . LinuxSecurity.com Team
0.9.34 - security fix for CVE-2026-27145. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-00901a5e8f 2026-07-02 01:05:29.984014+00:00 -------------------------------------------------------------------------------- Name : ipp-usb Product : Fedora 44 Version : 0.9.34 Release : 2.fc44 URL : https://github.com/OpenPrinting/ipp-usb Summary : HTTP reverse proxy, backed by IPP-over-USB connection to device Description : HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-USB protocol. -------------------------------------------------------------------------------- Update Information: 0.9.34 - security fix for CVE-2026-27145 -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 30 2026 Zdenek Dohnal - 0.9.34-2 - ipp-usb-0.9.34 is available (fedora#2463247, fedora#2484207, fedora#2494316) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2484207 - CVE-2026-27145 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries https://bugzilla.redhat.com/show_bug.cgi?id=2484207 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-00901a5e8f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Security update resolving 17 CVEs across both caddy itself and its vendored libraries.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-950cac64f2 2026-07-02 01:05:29.983957+00:00 -------------------------------------------------------------------------------- Name : caddy Product : Fedora 44 Version : 2.10.2 Release : 9.fc44 URL : https://caddyserver.com Summary : Web server with automatic HTTPS Description : Caddy is an extensible server platform that uses TLS by default. -------------------------------------------------------------------------------- Update Information: Security update resolving 17 CVEs across both caddy itself and its vendored libraries. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 23 2026 Carl George - 2.10.2-9 - Port to new golang packaging guidelines - Backport upstream fix for CVE-2026-27585 - Backport upstream fix for CVE-2026-27586 - Backport upstream fix for CVE-2026-27587 - Backport upstream fix for CVE-2026-27588 - Backport upstream fix for CVE-2026-27589 - Backport upstream fix for CVE-2026-27590 - Backport upstream fix for CVE-2026-30851 - Backport upstream fix for CVE-2026-30852 - Update vendored github.com/quic-go/quic-go to v0.57.0 for CVE-2025-64702 - Update vendored golang.org/x/crypto to v0.52.0 for CVE-2025-47913, CVE-2026-39828, CVE-2026-39829, and CVE-2026-39830 - Update vendored github.com/smallstep/certificates to v0.30.0 for CVE-2025-44005 and CVE-2026-40097 - Update vendored github.com/go-chi/chi/v5 to v5.2.5 for CVE-2025-69725 - Update vendored github.com/yuin/goldmark/renderer/html to v1.7.17 for CVE-2026-5160 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2488094 - CVE-2026-30851 caddy: Caddy: Privilege escalation via identity injection due to unstripped client headers [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488094 [ 2 ] Bug #2488095 - CVE-2026-30852 caddy: Caddy: Information disclosure via double-expansion of user-controlled input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488095 [ 3 ] Bug #2488141 - CVE-2026-40097 caddy: Step CA: Denial of Service via crafted attestation key certificate [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488141 [ 4 ] Bug #2488502 - CVE-2026-27585 caddy: Caddy: Path security bypass due to unsanitized backslashes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488502 [ 5 ] Bug #2488503 - CVE-2026-27586 caddy: Caddy: Authentication bypass via mTLS client certificate validation failure [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488503 [ 6 ] Bug #2488514 - CVE-2026-27587 caddy: Caddy: Access control bypass due to improper handling of percent-escape sequences in HTTP path matcher [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488514 [ 7 ] Bug #2488516 - CVE-2026-27588 caddy: Caddy: Access control bypass due to case-sensitive host matching [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488516 [ 8 ] Bug #2488517 - CVE-2026-27589 caddy: Caddy: Unauthorized configuration modification via cross-origin requests to the admin API [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488517 [ 9 ] Bug #2488518 - CVE-2026-27590 caddy: Caddy: Remote Code Execution via FastCGI path confusion [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488518 [ 10 ] Bug #2488661 - CVE-2025-64702 caddy: quic-go HTTP/3 QPACK Header Expansion DoS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488661 [ 11 ] Bug #2488663 - CVE-2025-47913 caddy: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488663 [ 12 ] Bug #2488665 - CVE-2025-44005 caddy:github.com/smallstep/certificates: Authorization bypass allows unauthorized certificate creation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488665 [ 13 ] Bug #2488666 - CVE-2025-69725 caddy: Go-chi/chi: Open Redirect vulnerability allows redirection to malicious websites [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488666 [ 14 ] Bug #2488667 - CVE-2026-5160 caddy: github.com/yuin/goldmark/renderer/html: Cross-site Scripting due to improper URL validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488667 [ 15 ] Bug #2489962 - CVE-2026-39828 caddy: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2489962 [ 16 ] Bug #2490067 - CVE-2026-39829 caddy: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490067 [ 17 ] Bug #2490486 - CVE-2026-39830 caddy: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490486 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-950cac64f2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Update to 1.74.3. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-6145ae14ca 2026-07-02 01:05:29.983954+00:00 -------------------------------------------------------------------------------- Name : rclone Product : Fedora 44 Version : 1.74.3 Release : 1.fc44 URL : https://github.com/rclone/rclone Summary : Rsync for cloud storage Description : "rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files. -------------------------------------------------------------------------------- Update Information: Update to 1.74.3 -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 6 2026 Packit - 1.74.3-1 - Update to 1.74.3 upstream release - Resolves: rhbz#2485621 * Sat May 23 2026 Packit - 1.74.2-1 - Update to 1.74.2 upstream release - Resolves: rhbz#2468412 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2486295 - CVE-2026-45287 rclone: OpenTelemetry-Go: Denial of Service due to file descriptor leak [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2486295 [ 2 ] Bug #2489905 - CVE-2026-39828 rclone: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2489905 [ 3 ] Bug #2490091 - CVE-2026-39829 rclone: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490091 [ 4 ] Bug #2490402 - CVE-2026-39830 rclone: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490402 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6145ae14ca' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8493-1 July 01, 2026 linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-azure, linux-azure-5.15, linux-azure-fde-5.15, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-realtime vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-aws-fips: Linux kernel for Amazon Web Services (AWS) systems with FIPS - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-fips: Linux kernel with FIPS - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-gcp-fips: Linux kernel for Google Cloud Platform (GCP) systems with FIPS - linux-gke: Linux kernel for Google Container Engine (GKE) systems - linux-gkeop: Linux kernel for Google Container Engine (GKE) systems - linux-ibm: Linux kernel for IBM cloud systems - linux-intel-iot-realtime: Linux kernel for Intel IoT Real-time platforms - linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - linux-nvidia: Linux kernel for NVIDIA systems - linux-nvidia-tegra: Linux kernel for NVIDIA Tegra systems - linux-nvidia-tegra-igx: Linux kernel for NVIDIA Tegra IGX systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-realtime: Linux kernel for Real-time systems - linux-aws-5.15: Linux kernel for Amazon WebServices (AWS) systems - linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems - linux-azure-fde-5.15: Linux kernel for Microsoft Azure CVM cloud systems - linux-hwe-5.15: Linux hardware enablement (HWE) kernel - linux-ibm-5.15: Linux kernel for IBM cloud systems - linux-lowlatency-hwe-5.15: Linux low latency kernel - linux-nvidia-tegra-5.15: Linux kernel for NVIDIA Tegra systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; - STMicroelectronics network drivers; - NVME drivers; - x86 platform drivers; - SCSI subsystem; - SPI subsystem; - TCM subsystem; - USB over IP driver; - File systems infrastructure; - HFS+ file system; - Network file system (NFS) server daemon; - SMB network file system; - IPv6 networking; - Tracing infrastructure; - Timer subsystem; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - Ceph Core library; - IPv4 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - RxRPC session sockets; - SMC sockets; - Sun RPC protocol; - X.25 network layer; - AMD SoC Alsa drivers; - KVM subsystem; (CVE-2022-48816, CVE-2023-53673, CVE-2025-37778, CVE-2025-37822, CVE-2025-37924, CVE-2025-38201, CVE-2025-40082, CVE-2025-68214, CVE-2025-68263, CVE-2025-71089, CVE-2025-71220, CVE-2025-71222, CVE-2025-71224, CVE-2026-23176, CVE-2026-23180, CVE-2026-23182, CVE-2026-23190, CVE-2026-23193, CVE-2026-23198, CVE-2026-23202, CVE-2026-23206, CVE-2026-23216, CVE-2026-23256, CVE-2026-23257, CVE-2026-23258, CVE-2026-23262, CVE-2026-23272, CVE-2026-23278, CVE-2026-23428, CVE-2026-23450, CVE-2026-23455, CVE-2026-31402, CVE-2026-31418, CVE-2026-31478, CVE-2026-31607, CVE-2026-31637, CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668, CVE-2026-31669,CVE-2026-31682, CVE-2026-31685, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43071, CVE-2026-43114, CVE-2026-43117, CVE-2026-43186, CVE-2026-43304, CVE-2026-43341, CVE-2026-43383, CVE-2026-43406, CVE-2026-43407, CVE-2026-43414, CVE-2026-43493, CVE-2026-43501, CVE-2026-45988, CVE-2026-46043, CVE-2026-46119, CVE-2026-46135, CVE-2026-46195, CVE-2026-46243) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS linux-image-5.15.0-1052-nvidia-tegra-igx 5.15.0-1052.52 linux-image-5.15.0-1052-nvidia-tegra-igx-rt 5.15.0-1052.52 linux-image-5.15.0-1063-nvidia-tegra 5.15.0-1063.63 linux-image-5.15.0-1063-nvidia-tegra-rt 5.15.0-1063.63 linux-image-5.15.0-1094-gkeop 5.15.0-1094.102 linux-image-5.15.0-1103-intel-iot-realtime 5.15.0-1103.105 Available with Ubuntu Pro linux-image-5.15.0-1103-kvm 5.15.0-1103.108 linux-image-5.15.0-1105-ibm 5.15.0-1105.109 linux-image-5.15.0-1106-intel-iotg 5.15.0-1106.112 linux-image-5.15.0-1106-nvidia 5.15.0-1106.107 linux-image-5.15.0-1106-nvidia-lowlatency 5.15.0-1106.107 linux-image-5.15.0-1107-gke 5.15.0-1107.113 linux-image-5.15.0-1108-oracle 5.15.0-1108.114 linux-image-5.15.0-1110-realtime 5.15.0-1110.119 Available with Ubuntu Pro linux-image-5.15.0-1111-aws 5.15.0-1111.118 linux-image-5.15.0-1111-aws-64k 5.15.0-1111.118 linux-image-5.15.0-1111-aws-fips 5.15.0-1111.118+fips1 Available with Ubuntu Pro linux-image-5.15.0-1111-gcp 5.15.0-1111.121 linux-image-5.15.0-1111-gcp-fips 5.15.0-1111.121+fips1 Available with Ubuntu Pro linux-image-5.15.0-1116-azure 5.15.0-1116.125 linux-image-5.15.0-183-lowlatency 5.15.0-183.193 linux-image-5.15.0-183-lowlatency-64k 5.15.0-183.193 linux-image-5.15.0-185-fips 5.15.0-185.195+fips1 Available with Ubuntu Pro linux-image-5.15.0-185-generic 5.15.0-185.195 linux-image-5.15.0-185-generic-64k 5.15.0-185.195 linux-image-5.15.0-185-generic-lpae 5.15.0-185.195 linux-image-aws-5.15 5.15.0.1111.114 linux-image-aws-64k-5.15 5.15.0.1111.114 linux-image-aws-64k-lts-22.04 5.15.0.1111.114 linux-image-aws-fips 5.15.0.1111.107 Available with Ubuntu Pro linux-image-aws-fips-5.15 5.15.0.1111.107 Available with Ubuntu Pro linux-image-aws-lts-22.04 5.15.0.1111.114 linux-image-azure-5.15 5.15.0.1116.114 linux-image-azure-lts-22.04 5.15.0.1116.114 linux-image-fips 5.15.0.185.108 Available with Ubuntu Pro linux-image-fips-5.15 5.15.0.185.108 Available with Ubuntu Pro linux-image-gcp-5.15 5.15.0.1111.108 linux-image-gcp-fips 5.15.0.1111.101 Available with Ubuntu Pro linux-image-gcp-fips-5.15 5.15.0.1111.101 Available with Ubuntu Pro linux-image-gcp-lts-22.04 5.15.0.1111.108 linux-image-generic 5.15.0.185.166 linux-image-generic-5.15 5.15.0.185.166 linux-image-generic-64k 5.15.0.185.166 linux-image-generic-64k-5.15 5.15.0.185.166 linux-image-generic-lpae 5.15.0.185.166 linux-image-generic-lpae-5.15 5.15.0.185.166 linux-image-gke 5.15.0.1107.106 linux-image-gke-5.15 5.15.0.1107.106 linux-image-gkeop 5.15.0.1094.93 linux-image-gkeop-5.15 5.15.0.1094.93 linux-image-ibm 5.15.0.1105.102 linux-image-ibm-5.15 5.15.0.1105.102 linux-image-intel-iot-realtime 5.15.0.1103.107 Available with Ubuntu Pro linux-image-intel-iot-realtime-5.15 5.15.0.1103.107 Available with Ubuntu Pro linux-image-intel-iotg 5.15.0.1106.105 linux-image-intel-iotg-5.15 5.15.0.1106.105 linux-image-kvm 5.15.0.1103.99 linux-image-kvm-5.15 5.15.0.1103.99 linux-image-lowlatency 5.15.0.183.154 linux-image-lowlatency-5.15 5.15.0.183.154 linux-image-lowlatency-64k 5.15.0.183.154 linux-image-lowlatency-64k-5.15 5.15.0.183.154 linux-image-nvidia 5.15.0.1106.106 linux-image-nvidia-5.15 5.15.0.1106.106 linux-image-nvidia-lowlatency 5.15.0.1106.106 linux-image-nvidia-lowlatency-5.15 5.15.0.1106.106 linux-image-nvidia-tegra 5.15.0.1063.63 linux-image-nvidia-tegra-5.15 5.15.0.1063.63 linux-image-nvidia-tegra-igx 5.15.0.1052.54 linux-image-nvidia-tegra-igx-5.15 5.15.0.1052.54 linux-image-nvidia-tegra-igx-rt 5.15.0.1052.54 linux-image-nvidia-tegra-igx-rt-5.15 5.15.0.1052.54 linux-image-nvidia-tegra-rt 5.15.0.1063.63 linux-image-nvidia-tegra-rt-5.15 5.15.0.1063.63 linux-image-oem-20.04 5.15.0.185.166 linux-image-oracle-5.15 5.15.0.1108.104 linux-image-oracle-lts-22.04 5.15.0.1108.104 linux-image-realtime 5.15.0.1110.114 Available with Ubuntu Pro linux-image-realtime-5.15 5.15.0.1110.114 Available with Ubuntu Pro linux-image-virtual 5.15.0.185.166 linux-image-virtual-5.15 5.15.0.185.166 Ubuntu 20.04 LTS linux-image-5.15.0-1063-nvidia-tegra 5.15.0-1063.63~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1063-nvidia-tegra-rt 5.15.0-1063.63~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1105-ibm 5.15.0-1105.109~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1111-aws 5.15.0-1111.118~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1116-azure 5.15.0-1116.125~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1116-azure-fde 5.15.0-1116.125~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-183-lowlatency 5.15.0-183.193~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-183-lowlatency-64k 5.15.0-183.193~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-185-generic 5.15.0-185.195~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-185-generic-64k 5.15.0-185.195~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-185-generic-lpae 5.15.0-185.195~20.04.1 Available with Ubuntu Pro linux-image-aws 5.15.0.1111.118~20.04.1 Available with Ubuntu Pro linux-image-aws-5.15 5.15.0.1111.118~20.04.1 Available with Ubuntu Pro linux-image-azure 5.15.0.1116.125~20.04.1 Available with Ubuntu Pro linux-image-azure-5.15 5.15.0.1116.125~20.04.1 Available with Ubuntu Pro linux-image-azure-cvm 5.15.0.1116.125~20.04.1 Available with Ubuntu Pro linux-image-azure-fde 5.15.0.1116.125~20.04.1 Available with Ubuntu Pro linux-image-azure-fde-5.15 5.15.0.1116.125~20.04.1 Available with Ubuntu Pro linux-image-generic-5.15 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-generic-64k-5.15 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-generic-64k-hwe-20.04 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-generic-hwe-20.04 5.15.0.185.195~20.04.1 Availablewith Ubuntu Pro linux-image-generic-lpae-5.15 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-generic-lpae-hwe-20.04 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-ibm 5.15.0.1105.109~20.04.1 Available with Ubuntu Pro linux-image-ibm-5.15 5.15.0.1105.109~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-5.15 5.15.0.183.193~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-64k-5.15 5.15.0.183.193~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-64k-hwe-20.04 5.15.0.183.193~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-hwe-20.04 5.15.0.183.193~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra 5.15.0.1063.63~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra-5.15 5.15.0.1063.63~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra-rt 5.15.0.1063.63~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra-rt-5.15 5.15.0.1063.63~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04b 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04c 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04d 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-virtual-5.15 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-virtual-hwe-20.04 5.15.0.185.195~20.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8493-1 CVE-2022-48816, CVE-2023-53673, CVE-2025-37778, CVE-2025-37822, CVE-2025-37924, CVE-2025-38201, CVE-2025-40082, CVE-2025-68214, CVE-2025-68263, CVE-2025-71089, CVE-2025-71220, CVE-2025-71222, CVE-2025-71224, CVE-2026-23176, CVE-2026-23180, CVE-2026-23182, CVE-2026-23190, CVE-2026-23193, CVE-2026-23198, CVE-2026-23202, CVE-2026-23206, CVE-2026-23216, CVE-2026-23256, CVE-2026-23257, CVE-2026-23258, CVE-2026-23262, CVE-2026-23272, CVE-2026-23278, CVE-2026-23428, CVE-2026-23450, CVE-2026-23455, CVE-2026-31402, CVE-2026-31418, CVE-2026-31478, CVE-2026-31607, CVE-2026-31637, CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668, CVE-2026-31669, CVE-2026-31682, CVE-2026-31685, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43071, CVE-2026-43114, CVE-2026-43117, CVE-2026-43186, CVE-2026-43304, CVE-2026-43341, CVE-2026-43383, CVE-2026-43406, CVE-2026-43407, CVE-2026-43414, CVE-2026-43493, CVE-2026-43501, CVE-2026-45988, CVE-2026-46043, CVE-2026-46119, CVE-2026-46135, CVE-2026-46195, CVE-2026-46243 Package Information: https://launchpad.net/ubuntu/+source/linux/5.15.0-185.195 https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1111.118 https://launchpad.net/ubuntu/+source/linux-aws-fips/5.15.0-1111.118+fips1 https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1116.125 https://launchpad.net/ubuntu/+source/linux-fips/5.15.0-185.195+fips1 https://launchpad.net/ubuntu/+source/linux-gcp/5.15.0-1111.121 https://launchpad.net/ubuntu/+source/linux-gcp-fips/5.15.0-1111.121+fips1 https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1107.113 https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1094.102 https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1105.109 https://launchpad.net/ubuntu/+source/linux-intel-iot-realtime/5.15.0-1103.105 https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1106.112 https://launchpad.net/ubuntu/+source/linux-kvm/5.15.0-1103.108 https://launchpad.net/ubuntu/+source/linux-lowlatency/5.15.0-183.193 https://launchpad.net/ubuntu/+source/linux-nvidia/5.15.0-1106.107 https://launchpad.net/ubuntu/+source/linux-nvidia-tegra/5.15.0-1063.63 https://launchpad.net/ubuntu/+source/linux-nvidia-tegra-igx/5.15.0-1052.52 https://launchpad.net/ubuntu/+source/linux-oracle/5.15.0-1108.114 https://launchpad.net/ubuntu/+source/linux-realtime/5.15.0-1110.119 . Several security issues fixed in Ubuntu Linux kernel require immediate updates to maintain system integrity and security.. Linux Kernel Security, Ubuntu Security Notice, Ubuntu Kernel Update. . LinuxSecurity.com Team
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8491-1 July 01, 2026 linux-oem-6.17 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-oem-6.17: Linux kernel for OEM systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; - STMicroelectronics network drivers; - Network drivers; - NVME drivers; - SCSI subsystem; - USB over IP driver; - File systems infrastructure; - Ext4 file system; - Network file system (NFS) server daemon; - SMB network file system; - Kernel thread helper (kthread); - IPv6 networking; - Tracing infrastructure; - Kernel exit() syscall; - Scatterlist API; - B.A.T.M.A.N. meshing protocol; - Ethernet bridge; - Ceph Core library; - IPv4 networking; - Multipath TCP; - Netfilter; - RxRPC session sockets; - SMC sockets; - X.25 network layer; (CVE-2026-22984, CVE-2026-23272, CVE-2026-23278, CVE-2026-23392, CVE-2026-23427, CVE-2026-23428, CVE-2026-23450, CVE-2026-23455, CVE-2026-31402, CVE-2026-31418, CVE-2026-31436, CVE-2026-31448, CVE-2026-31478, CVE-2026-31607, CVE-2026-31635, CVE-2026-31637, CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668, CVE-2026-31669, CVE-2026-31682, CVE-2026-31685, CVE-2026-31718, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43071, CVE-2026-43083, CVE-2026-43114, CVE-2026-43117, CVE-2026-43125, CVE-2026-43186, CVE-2026-43197, CVE-2026-43304, CVE-2026-43341, CVE-2026-43376,CVE-2026-43378, CVE-2026-43383, CVE-2026-43384, CVE-2026-43402, CVE-2026-43406, CVE-2026-43407, CVE-2026-43414, CVE-2026-43493, CVE-2026-43501, CVE-2026-45898, CVE-2026-45988, CVE-2026-46039, CVE-2026-46043, CVE-2026-46115, CVE-2026-46119, CVE-2026-46135, CVE-2026-46185, CVE-2026-46195, CVE-2026-46243, CVE-2026-46244, CVE-2026-46266, CVE-2026-46289, CVE-2026-46290, CVE-2026-46316, CVE-2026-46325) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS linux-image-6.17.0-1028-oem 6.17.0-1028.28 linux-image-oem-24.04 6.17.0-1028.28 linux-image-oem-24.04a 6.17.0-1028.28 linux-image-oem-24.04b 6.17.0-1028.28 linux-image-oem-24.04c 6.17.0-1028.28 linux-image-oem-24.04d 6.17.0-1028.28 linux-image-oem-6.17 6.17.0-1028.28 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8491-1 CVE-2026-22984, CVE-2026-23272, CVE-2026-23278, CVE-2026-23392, CVE-2026-23427, CVE-2026-23428, CVE-2026-23450, CVE-2026-23455, CVE-2026-31402, CVE-2026-31418, CVE-2026-31436, CVE-2026-31448, CVE-2026-31478, CVE-2026-31607, CVE-2026-31635, CVE-2026-31637, CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668, CVE-2026-31669, CVE-2026-31682, CVE-2026-31685, CVE-2026-31718, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43071, CVE-2026-43083, CVE-2026-43114, CVE-2026-43117, CVE-2026-43125, CVE-2026-43186, CVE-2026-43197, CVE-2026-43304, CVE-2026-43341, CVE-2026-43376, CVE-2026-43378, CVE-2026-43383, CVE-2026-43384, CVE-2026-43402, CVE-2026-43406, CVE-2026-43407, CVE-2026-43414, CVE-2026-43493, CVE-2026-43501, CVE-2026-45898, CVE-2026-45988, CVE-2026-46039, CVE-2026-46043, CVE-2026-46115, CVE-2026-46119, CVE-2026-46135, CVE-2026-46185, CVE-2026-46195, CVE-2026-46243, CVE-2026-46244, CVE-2026-46266, CVE-2026-46289, CVE-2026-46290, CVE-2026-46316, CVE-2026-46325 Package Information: https://launchpad.net/ubuntu/+source/linux-oem-6.17/6.17.0-1028.28 . Several security issues in Ubuntu's Linux kernel addressed by security advisory USN-8491-1. Update now to protect your system.. Ubuntu Linux Kernel Update Security Issues Compromise. . LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.