Alerts This Week
Warning Icon 1 401
Alerts This Week
Warning Icon 1 401

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 9,991 articles for you...
89

Fedora 43 Transmission Critical CORS Bug Fix 2026-0ed2011b62

Fixed a CORS bug that leaked the anti-CSRF nonce. (#8938) Fixed a use-after-free bug in peer code. (#8921) Fixed build error when compiling with fmt 12.2.0. (#8942) Fix qt icon. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-0ed2011b62 2026-07-02 01:07:29.332055+00:00 -------------------------------------------------------------------------------- Name : transmission Product : Fedora 43 Version : 4.1.3 Release : 1.fc43 URL : http://www.transmissionbt.com Summary : A lightweight GTK+ BitTorrent client Description : Transmission is a free, lightweight BitTorrent client. It features a simple, intuitive interface on top on an efficient, cross-platform back-end. -------------------------------------------------------------------------------- Update Information: Fixed a CORS bug that leaked the anti-CSRF nonce. (#8938) Fixed a use-after-free bug in peer code. (#8921) Fixed build error when compiling with fmt 12.2.0. (#8942) Fix qt icon -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 30 2026 Gwyn Ciesla - 4.1.3-1 - 4.1.3 * Sat Jun 20 2026 Ryan Nosurname - 4.1.2-3 - Remove unnecessary Qt icon rename * Fri Jun 12 2026 Yaakov Selkowitz - 4.1.2-2 - Rebuilt for openssl 4.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2447219 - transmission-qt has no icon https://bugzilla.redhat.com/show_bug.cgi?id=2447219 [ 2 ] Bug #2494743 - transmission-4.1.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2494743 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-0ed2011b62' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Upgrade to Fedora 43's transmission to fix critical CORS and other bugs now. Ensure your system's security and functionality!. Fedora update, transmission fix, BitTorrent client. . LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Fedora
89

Fedora 43 Caddy Important Security Update 22 CVEs Advisory 2026-3dc324bd9a

Security update resolving 22 CVEs across both caddy itself and its vendored libraries.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-3dc324bd9a 2026-07-02 01:07:29.332017+00:00 -------------------------------------------------------------------------------- Name : caddy Product : Fedora 43 Version : 2.10.2 Release : 9.fc43 URL : https://caddyserver.com Summary : Web server with automatic HTTPS Description : Caddy is an extensible server platform that uses TLS by default. -------------------------------------------------------------------------------- Update Information: Security update resolving 22 CVEs across both caddy itself and its vendored libraries. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 23 2026 Carl George - 2.10.2-9 - Port to new golang packaging guidelines - Backport upstream fix for CVE-2026-27585 - Backport upstream fix for CVE-2026-27586 - Backport upstream fix for CVE-2026-27587 - Backport upstream fix for CVE-2026-27588 - Backport upstream fix for CVE-2026-27589 - Backport upstream fix for CVE-2026-27590 - Backport upstream fix for CVE-2026-30851 - Backport upstream fix for CVE-2026-30852 - Update vendored github.com/quic-go/quic-go to v0.57.0 for CVE-2025-64702 - Update vendored golang.org/x/crypto to v0.52.0 for CVE-2025-47913, CVE-2026-39828, CVE-2026-39829, and CVE-2026-39830 - Update vendored github.com/smallstep/certificates to v0.30.0 for CVE-2025-44005 and CVE-2026-40097 - Update vendored github.com/go-chi/chi/v5 to v5.2.5 for CVE-2025-69725 - Update vendored github.com/yuin/goldmark/renderer/html to v1.7.17 for CVE-2026-5160 * Mon Feb 2 2026 Maxwell G - 2.10.2-5 - Rebuild for https://fedoraproject.org/wiki/Changes/golang1.26 * Fri Jan 16 2026 Fedora Release Engineering - 2.10.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jan 16 2026 Fedora Release Engineering - 2.10.2-3 -Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Oct 10 2025 Alejandro Sáez - 2.10.2-2 - rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2488094 - CVE-2026-30851 caddy: Caddy: Privilege escalation via identity injection due to unstripped client headers [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488094 [ 2 ] Bug #2488095 - CVE-2026-30852 caddy: Caddy: Information disclosure via double-expansion of user-controlled input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488095 [ 3 ] Bug #2488141 - CVE-2026-40097 caddy: Step CA: Denial of Service via crafted attestation key certificate [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488141 [ 4 ] Bug #2488502 - CVE-2026-27585 caddy: Caddy: Path security bypass due to unsanitized backslashes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488502 [ 5 ] Bug #2488503 - CVE-2026-27586 caddy: Caddy: Authentication bypass via mTLS client certificate validation failure [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488503 [ 6 ] Bug #2488514 - CVE-2026-27587 caddy: Caddy: Access control bypass due to improper handling of percent-escape sequences in HTTP path matcher [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488514 [ 7 ] Bug #2488516 - CVE-2026-27588 caddy: Caddy: Access control bypass due to case-sensitive host matching [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488516 [ 8 ] Bug #2488517 - CVE-2026-27589 caddy: Caddy: Unauthorized configuration modification via cross-origin requests to the admin API [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488517 [ 9 ] Bug #2488518 - CVE-2026-27590 caddy: Caddy: Remote Code Execution via FastCGI path confusion [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488518 [ 10 ] Bug #2488572 - CVE-2025-47910 caddy: CrossOriginProtection bypass in net/http[fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2488572 [ 11 ] Bug #2488575 - CVE-2025-58185 caddy: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2488575 [ 12 ] Bug #2488578 - CVE-2025-58188 caddy: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2488578 [ 13 ] Bug #2488580 - CVE-2025-58189 caddy: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2488580 [ 14 ] Bug #2488582 - CVE-2025-61723 caddy: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2488582 [ 15 ] Bug #2488661 - CVE-2025-64702 caddy: quic-go HTTP/3 QPACK Header Expansion DoS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488661 [ 16 ] Bug #2488663 - CVE-2025-47913 caddy: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488663 [ 17 ] Bug #2488665 - CVE-2025-44005 caddy: github.com/smallstep/certificates: Authorization bypass allows unauthorized certificate creation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488665 [ 18 ] Bug #2488666 - CVE-2025-69725 caddy: Go-chi/chi: Open Redirect vulnerability allows redirection to malicious websites [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488666 [ 19 ] Bug #2488667 - CVE-2026-5160 caddy: github.com/yuin/goldmark/renderer/html: Cross-site Scripting due to improper URL validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488667 [ 20 ] Bug #2489962 - CVE-2026-39828 caddy: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2489962 [ 21 ] Bug #2490067 -CVE-2026-39829 caddy: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490067 [ 22 ] Bug #2490486 - CVE-2026-39830 caddy: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490486 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-3dc324bd9a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Fedora 43 security advisory updating Caddy addressing 22 CVEs with critical risks including DoS and information leaks.. Fedora 43, security advisory, Caddy update, CVE patching, web server security. . LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Fedora
89

Fedora 43 hut Critical Go Standard Library Bugs Rebuild 2026-32113d4817

Update! Close Go standard library CVE bugs that are solved by a rebuild. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-32113d4817 2026-07-02 01:07:29.331944+00:00 -------------------------------------------------------------------------------- Name : hut Product : Fedora 43 Version : 0.8.0 Release : 1.fc43 URL : https://git.sr.ht/~xenrox/hut Summary : A CLI tool for Sourcehut Description : hut is a CLI tool for interacting with Sourcehut instances. It supports git.sr.ht as well as self-hosted Sourcehut instances. -------------------------------------------------------------------------------- Update Information: Update! Close Go standard library CVE bugs that are solved by a rebuild -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 23 2026 Javier Olaechea - 0.8.0-1 - Update to 0.8.0. Fixes rhbz#2451702. * Tue Feb 3 2026 Maxwell G - 0.7.0-4 - Rebuild for https://fedoraproject.org/wiki/Changes/golang1.26 * Fri Jan 16 2026 Fedora Release Engineering - 0.7.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Oct 10 2025 Alejandro Sáez - 0.7.0-2 - rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2408304 - CVE-2025-58189 hut: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408304 [ 2 ] Bug #2408723 - CVE-2025-61725 hut: Excessive CPU consumption in ParseAddress in net/mail [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408723 [ 3 ] Bug #2409777 - CVE-2025-61723 hut: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2409777 [ 4 ] Bug #2410727 - CVE-2025-58185 hut: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2410727 [ 5 ] Bug #2411623 - CVE-2025-58188 hut: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2411623 [ 6 ] Bug #2412711 - CVE-2025-58183 hut: Unbounded allocation when parsing GNU sparse map [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2412711 [ 7 ] Bug #2451702 - hut-0.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2451702 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-32113d4817' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update for hut on Fedora 43 addresses critical CVE issues to enhance security and performance.. Fedora updates, hut tool, CLI Sourcehut, CVE fixes. . LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Fedora
89

Fedora 44 ipp-usb Critical DoS Security Fix FEDORA-2026-00901a5e8f

0.9.34 - security fix for CVE-2026-27145. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-00901a5e8f 2026-07-02 01:05:29.984014+00:00 -------------------------------------------------------------------------------- Name : ipp-usb Product : Fedora 44 Version : 0.9.34 Release : 2.fc44 URL : https://github.com/OpenPrinting/ipp-usb Summary : HTTP reverse proxy, backed by IPP-over-USB connection to device Description : HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-USB protocol. -------------------------------------------------------------------------------- Update Information: 0.9.34 - security fix for CVE-2026-27145 -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 30 2026 Zdenek Dohnal - 0.9.34-2 - ipp-usb-0.9.34 is available (fedora#2463247, fedora#2484207, fedora#2494316) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2484207 - CVE-2026-27145 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries https://bugzilla.redhat.com/show_bug.cgi?id=2484207 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-00901a5e8f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical security fix for ipp-usb in Fedora 44 to address denial of service via CVE-2026-27145. Immediate update advised.. ipp-usb security fix, fedora advisory, CVE-2026-27145. . LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Fedora
89

Fedora 44 Caddy Critical Access Control and DoS Fix 2026-950cac64f2

Security update resolving 17 CVEs across both caddy itself and its vendored libraries.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-950cac64f2 2026-07-02 01:05:29.983957+00:00 -------------------------------------------------------------------------------- Name : caddy Product : Fedora 44 Version : 2.10.2 Release : 9.fc44 URL : https://caddyserver.com Summary : Web server with automatic HTTPS Description : Caddy is an extensible server platform that uses TLS by default. -------------------------------------------------------------------------------- Update Information: Security update resolving 17 CVEs across both caddy itself and its vendored libraries. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 23 2026 Carl George - 2.10.2-9 - Port to new golang packaging guidelines - Backport upstream fix for CVE-2026-27585 - Backport upstream fix for CVE-2026-27586 - Backport upstream fix for CVE-2026-27587 - Backport upstream fix for CVE-2026-27588 - Backport upstream fix for CVE-2026-27589 - Backport upstream fix for CVE-2026-27590 - Backport upstream fix for CVE-2026-30851 - Backport upstream fix for CVE-2026-30852 - Update vendored github.com/quic-go/quic-go to v0.57.0 for CVE-2025-64702 - Update vendored golang.org/x/crypto to v0.52.0 for CVE-2025-47913, CVE-2026-39828, CVE-2026-39829, and CVE-2026-39830 - Update vendored github.com/smallstep/certificates to v0.30.0 for CVE-2025-44005 and CVE-2026-40097 - Update vendored github.com/go-chi/chi/v5 to v5.2.5 for CVE-2025-69725 - Update vendored github.com/yuin/goldmark/renderer/html to v1.7.17 for CVE-2026-5160 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2488094 - CVE-2026-30851 caddy: Caddy: Privilege escalation via identity injection due to unstripped client headers [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488094 [ 2 ] Bug #2488095 - CVE-2026-30852 caddy: Caddy: Information disclosure via double-expansion of user-controlled input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488095 [ 3 ] Bug #2488141 - CVE-2026-40097 caddy: Step CA: Denial of Service via crafted attestation key certificate [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488141 [ 4 ] Bug #2488502 - CVE-2026-27585 caddy: Caddy: Path security bypass due to unsanitized backslashes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488502 [ 5 ] Bug #2488503 - CVE-2026-27586 caddy: Caddy: Authentication bypass via mTLS client certificate validation failure [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488503 [ 6 ] Bug #2488514 - CVE-2026-27587 caddy: Caddy: Access control bypass due to improper handling of percent-escape sequences in HTTP path matcher [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488514 [ 7 ] Bug #2488516 - CVE-2026-27588 caddy: Caddy: Access control bypass due to case-sensitive host matching [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488516 [ 8 ] Bug #2488517 - CVE-2026-27589 caddy: Caddy: Unauthorized configuration modification via cross-origin requests to the admin API [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488517 [ 9 ] Bug #2488518 - CVE-2026-27590 caddy: Caddy: Remote Code Execution via FastCGI path confusion [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488518 [ 10 ] Bug #2488661 - CVE-2025-64702 caddy: quic-go HTTP/3 QPACK Header Expansion DoS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488661 [ 11 ] Bug #2488663 - CVE-2025-47913 caddy: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488663 [ 12 ] Bug #2488665 - CVE-2025-44005 caddy:github.com/smallstep/certificates: Authorization bypass allows unauthorized certificate creation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488665 [ 13 ] Bug #2488666 - CVE-2025-69725 caddy: Go-chi/chi: Open Redirect vulnerability allows redirection to malicious websites [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488666 [ 14 ] Bug #2488667 - CVE-2026-5160 caddy: github.com/yuin/goldmark/renderer/html: Cross-site Scripting due to improper URL validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2488667 [ 15 ] Bug #2489962 - CVE-2026-39828 caddy: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2489962 [ 16 ] Bug #2490067 - CVE-2026-39829 caddy: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490067 [ 17 ] Bug #2490486 - CVE-2026-39830 caddy: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490486 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-950cac64f2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. FedoraCode of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . The latest Fedora security update for Caddy addresses 17 critical CVEs, ensuring enhanced security for users.. Caddy Security Update, Fedora 44, Critical CVEs, Server Security, Denial of Service Fix. . LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Fedora
89

Fedora 44 Rclone Critical Denial of Service Issues 2026-6145ae14ca

Update to 1.74.3. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-6145ae14ca 2026-07-02 01:05:29.983954+00:00 -------------------------------------------------------------------------------- Name : rclone Product : Fedora 44 Version : 1.74.3 Release : 1.fc44 URL : https://github.com/rclone/rclone Summary : Rsync for cloud storage Description : "rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files. -------------------------------------------------------------------------------- Update Information: Update to 1.74.3 -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 6 2026 Packit - 1.74.3-1 - Update to 1.74.3 upstream release - Resolves: rhbz#2485621 * Sat May 23 2026 Packit - 1.74.2-1 - Update to 1.74.2 upstream release - Resolves: rhbz#2468412 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2486295 - CVE-2026-45287 rclone: OpenTelemetry-Go: Denial of Service due to file descriptor leak [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2486295 [ 2 ] Bug #2489905 - CVE-2026-39828 rclone: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2489905 [ 3 ] Bug #2490091 - CVE-2026-39829 rclone: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490091 [ 4 ] Bug #2490402 - CVE-2026-39830 rclone: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490402 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6145ae14ca' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Update to rclone 1.74.3 addresses multiple critical issues, including denial of service vulnerabilities.. Fedora rclone update, cloud storage security, software advisory, application vulnerabilities. . LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Fedora
172

Ubuntu Linux Kernel Critical Security Flaws Update USN-8493-1

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8493-1 July 01, 2026 linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-azure, linux-azure-5.15, linux-azure-fde-5.15, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx, linux-oracle, linux-realtime vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-aws-fips: Linux kernel for Amazon Web Services (AWS) systems with FIPS - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-fips: Linux kernel with FIPS - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-gcp-fips: Linux kernel for Google Cloud Platform (GCP) systems with FIPS - linux-gke: Linux kernel for Google Container Engine (GKE) systems - linux-gkeop: Linux kernel for Google Container Engine (GKE) systems - linux-ibm: Linux kernel for IBM cloud systems - linux-intel-iot-realtime: Linux kernel for Intel IoT Real-time platforms - linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - linux-nvidia: Linux kernel for NVIDIA systems - linux-nvidia-tegra: Linux kernel for NVIDIA Tegra systems - linux-nvidia-tegra-igx: Linux kernel for NVIDIA Tegra IGX systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-realtime: Linux kernel for Real-time systems - linux-aws-5.15: Linux kernel for Amazon WebServices (AWS) systems - linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems - linux-azure-fde-5.15: Linux kernel for Microsoft Azure CVM cloud systems - linux-hwe-5.15: Linux hardware enablement (HWE) kernel - linux-ibm-5.15: Linux kernel for IBM cloud systems - linux-lowlatency-hwe-5.15: Linux low latency kernel - linux-nvidia-tegra-5.15: Linux kernel for NVIDIA Tegra systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; - STMicroelectronics network drivers; - NVME drivers; - x86 platform drivers; - SCSI subsystem; - SPI subsystem; - TCM subsystem; - USB over IP driver; - File systems infrastructure; - HFS+ file system; - Network file system (NFS) server daemon; - SMB network file system; - IPv6 networking; - Tracing infrastructure; - Timer subsystem; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - Ceph Core library; - IPv4 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - RxRPC session sockets; - SMC sockets; - Sun RPC protocol; - X.25 network layer; - AMD SoC Alsa drivers; - KVM subsystem; (CVE-2022-48816, CVE-2023-53673, CVE-2025-37778, CVE-2025-37822, CVE-2025-37924, CVE-2025-38201, CVE-2025-40082, CVE-2025-68214, CVE-2025-68263, CVE-2025-71089, CVE-2025-71220, CVE-2025-71222, CVE-2025-71224, CVE-2026-23176, CVE-2026-23180, CVE-2026-23182, CVE-2026-23190, CVE-2026-23193, CVE-2026-23198, CVE-2026-23202, CVE-2026-23206, CVE-2026-23216, CVE-2026-23256, CVE-2026-23257, CVE-2026-23258, CVE-2026-23262, CVE-2026-23272, CVE-2026-23278, CVE-2026-23428, CVE-2026-23450, CVE-2026-23455, CVE-2026-31402, CVE-2026-31418, CVE-2026-31478, CVE-2026-31607, CVE-2026-31637, CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668, CVE-2026-31669,CVE-2026-31682, CVE-2026-31685, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43071, CVE-2026-43114, CVE-2026-43117, CVE-2026-43186, CVE-2026-43304, CVE-2026-43341, CVE-2026-43383, CVE-2026-43406, CVE-2026-43407, CVE-2026-43414, CVE-2026-43493, CVE-2026-43501, CVE-2026-45988, CVE-2026-46043, CVE-2026-46119, CVE-2026-46135, CVE-2026-46195, CVE-2026-46243) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS linux-image-5.15.0-1052-nvidia-tegra-igx 5.15.0-1052.52 linux-image-5.15.0-1052-nvidia-tegra-igx-rt 5.15.0-1052.52 linux-image-5.15.0-1063-nvidia-tegra 5.15.0-1063.63 linux-image-5.15.0-1063-nvidia-tegra-rt 5.15.0-1063.63 linux-image-5.15.0-1094-gkeop 5.15.0-1094.102 linux-image-5.15.0-1103-intel-iot-realtime 5.15.0-1103.105 Available with Ubuntu Pro linux-image-5.15.0-1103-kvm 5.15.0-1103.108 linux-image-5.15.0-1105-ibm 5.15.0-1105.109 linux-image-5.15.0-1106-intel-iotg 5.15.0-1106.112 linux-image-5.15.0-1106-nvidia 5.15.0-1106.107 linux-image-5.15.0-1106-nvidia-lowlatency 5.15.0-1106.107 linux-image-5.15.0-1107-gke 5.15.0-1107.113 linux-image-5.15.0-1108-oracle 5.15.0-1108.114 linux-image-5.15.0-1110-realtime 5.15.0-1110.119 Available with Ubuntu Pro linux-image-5.15.0-1111-aws 5.15.0-1111.118 linux-image-5.15.0-1111-aws-64k 5.15.0-1111.118 linux-image-5.15.0-1111-aws-fips 5.15.0-1111.118+fips1 Available with Ubuntu Pro linux-image-5.15.0-1111-gcp 5.15.0-1111.121 linux-image-5.15.0-1111-gcp-fips 5.15.0-1111.121+fips1 Available with Ubuntu Pro linux-image-5.15.0-1116-azure 5.15.0-1116.125 linux-image-5.15.0-183-lowlatency 5.15.0-183.193 linux-image-5.15.0-183-lowlatency-64k 5.15.0-183.193 linux-image-5.15.0-185-fips 5.15.0-185.195+fips1 Available with Ubuntu Pro linux-image-5.15.0-185-generic 5.15.0-185.195 linux-image-5.15.0-185-generic-64k 5.15.0-185.195 linux-image-5.15.0-185-generic-lpae 5.15.0-185.195 linux-image-aws-5.15 5.15.0.1111.114 linux-image-aws-64k-5.15 5.15.0.1111.114 linux-image-aws-64k-lts-22.04 5.15.0.1111.114 linux-image-aws-fips 5.15.0.1111.107 Available with Ubuntu Pro linux-image-aws-fips-5.15 5.15.0.1111.107 Available with Ubuntu Pro linux-image-aws-lts-22.04 5.15.0.1111.114 linux-image-azure-5.15 5.15.0.1116.114 linux-image-azure-lts-22.04 5.15.0.1116.114 linux-image-fips 5.15.0.185.108 Available with Ubuntu Pro linux-image-fips-5.15 5.15.0.185.108 Available with Ubuntu Pro linux-image-gcp-5.15 5.15.0.1111.108 linux-image-gcp-fips 5.15.0.1111.101 Available with Ubuntu Pro linux-image-gcp-fips-5.15 5.15.0.1111.101 Available with Ubuntu Pro linux-image-gcp-lts-22.04 5.15.0.1111.108 linux-image-generic 5.15.0.185.166 linux-image-generic-5.15 5.15.0.185.166 linux-image-generic-64k 5.15.0.185.166 linux-image-generic-64k-5.15 5.15.0.185.166 linux-image-generic-lpae 5.15.0.185.166 linux-image-generic-lpae-5.15 5.15.0.185.166 linux-image-gke 5.15.0.1107.106 linux-image-gke-5.15 5.15.0.1107.106 linux-image-gkeop 5.15.0.1094.93 linux-image-gkeop-5.15 5.15.0.1094.93 linux-image-ibm 5.15.0.1105.102 linux-image-ibm-5.15 5.15.0.1105.102 linux-image-intel-iot-realtime 5.15.0.1103.107 Available with Ubuntu Pro linux-image-intel-iot-realtime-5.15 5.15.0.1103.107 Available with Ubuntu Pro linux-image-intel-iotg 5.15.0.1106.105 linux-image-intel-iotg-5.15 5.15.0.1106.105 linux-image-kvm 5.15.0.1103.99 linux-image-kvm-5.15 5.15.0.1103.99 linux-image-lowlatency 5.15.0.183.154 linux-image-lowlatency-5.15 5.15.0.183.154 linux-image-lowlatency-64k 5.15.0.183.154 linux-image-lowlatency-64k-5.15 5.15.0.183.154 linux-image-nvidia 5.15.0.1106.106 linux-image-nvidia-5.15 5.15.0.1106.106 linux-image-nvidia-lowlatency 5.15.0.1106.106 linux-image-nvidia-lowlatency-5.15 5.15.0.1106.106 linux-image-nvidia-tegra 5.15.0.1063.63 linux-image-nvidia-tegra-5.15 5.15.0.1063.63 linux-image-nvidia-tegra-igx 5.15.0.1052.54 linux-image-nvidia-tegra-igx-5.15 5.15.0.1052.54 linux-image-nvidia-tegra-igx-rt 5.15.0.1052.54 linux-image-nvidia-tegra-igx-rt-5.15 5.15.0.1052.54 linux-image-nvidia-tegra-rt 5.15.0.1063.63 linux-image-nvidia-tegra-rt-5.15 5.15.0.1063.63 linux-image-oem-20.04 5.15.0.185.166 linux-image-oracle-5.15 5.15.0.1108.104 linux-image-oracle-lts-22.04 5.15.0.1108.104 linux-image-realtime 5.15.0.1110.114 Available with Ubuntu Pro linux-image-realtime-5.15 5.15.0.1110.114 Available with Ubuntu Pro linux-image-virtual 5.15.0.185.166 linux-image-virtual-5.15 5.15.0.185.166 Ubuntu 20.04 LTS linux-image-5.15.0-1063-nvidia-tegra 5.15.0-1063.63~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1063-nvidia-tegra-rt 5.15.0-1063.63~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1105-ibm 5.15.0-1105.109~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1111-aws 5.15.0-1111.118~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1116-azure 5.15.0-1116.125~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1116-azure-fde 5.15.0-1116.125~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-183-lowlatency 5.15.0-183.193~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-183-lowlatency-64k 5.15.0-183.193~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-185-generic 5.15.0-185.195~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-185-generic-64k 5.15.0-185.195~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-185-generic-lpae 5.15.0-185.195~20.04.1 Available with Ubuntu Pro linux-image-aws 5.15.0.1111.118~20.04.1 Available with Ubuntu Pro linux-image-aws-5.15 5.15.0.1111.118~20.04.1 Available with Ubuntu Pro linux-image-azure 5.15.0.1116.125~20.04.1 Available with Ubuntu Pro linux-image-azure-5.15 5.15.0.1116.125~20.04.1 Available with Ubuntu Pro linux-image-azure-cvm 5.15.0.1116.125~20.04.1 Available with Ubuntu Pro linux-image-azure-fde 5.15.0.1116.125~20.04.1 Available with Ubuntu Pro linux-image-azure-fde-5.15 5.15.0.1116.125~20.04.1 Available with Ubuntu Pro linux-image-generic-5.15 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-generic-64k-5.15 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-generic-64k-hwe-20.04 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-generic-hwe-20.04 5.15.0.185.195~20.04.1 Availablewith Ubuntu Pro linux-image-generic-lpae-5.15 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-generic-lpae-hwe-20.04 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-ibm 5.15.0.1105.109~20.04.1 Available with Ubuntu Pro linux-image-ibm-5.15 5.15.0.1105.109~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-5.15 5.15.0.183.193~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-64k-5.15 5.15.0.183.193~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-64k-hwe-20.04 5.15.0.183.193~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-hwe-20.04 5.15.0.183.193~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra 5.15.0.1063.63~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra-5.15 5.15.0.1063.63~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra-rt 5.15.0.1063.63~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra-rt-5.15 5.15.0.1063.63~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04b 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04c 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04d 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-virtual-5.15 5.15.0.185.195~20.04.1 Available with Ubuntu Pro linux-image-virtual-hwe-20.04 5.15.0.185.195~20.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8493-1 CVE-2022-48816, CVE-2023-53673, CVE-2025-37778, CVE-2025-37822, CVE-2025-37924, CVE-2025-38201, CVE-2025-40082, CVE-2025-68214, CVE-2025-68263, CVE-2025-71089, CVE-2025-71220, CVE-2025-71222, CVE-2025-71224, CVE-2026-23176, CVE-2026-23180, CVE-2026-23182, CVE-2026-23190, CVE-2026-23193, CVE-2026-23198, CVE-2026-23202, CVE-2026-23206, CVE-2026-23216, CVE-2026-23256, CVE-2026-23257, CVE-2026-23258, CVE-2026-23262, CVE-2026-23272, CVE-2026-23278, CVE-2026-23428, CVE-2026-23450, CVE-2026-23455, CVE-2026-31402, CVE-2026-31418, CVE-2026-31478, CVE-2026-31607, CVE-2026-31637, CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668, CVE-2026-31669, CVE-2026-31682, CVE-2026-31685, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43071, CVE-2026-43114, CVE-2026-43117, CVE-2026-43186, CVE-2026-43304, CVE-2026-43341, CVE-2026-43383, CVE-2026-43406, CVE-2026-43407, CVE-2026-43414, CVE-2026-43493, CVE-2026-43501, CVE-2026-45988, CVE-2026-46043, CVE-2026-46119, CVE-2026-46135, CVE-2026-46195, CVE-2026-46243 Package Information: https://launchpad.net/ubuntu/+source/linux/5.15.0-185.195 https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1111.118 https://launchpad.net/ubuntu/+source/linux-aws-fips/5.15.0-1111.118+fips1 https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1116.125 https://launchpad.net/ubuntu/+source/linux-fips/5.15.0-185.195+fips1 https://launchpad.net/ubuntu/+source/linux-gcp/5.15.0-1111.121 https://launchpad.net/ubuntu/+source/linux-gcp-fips/5.15.0-1111.121+fips1 https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1107.113 https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1094.102 https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1105.109 https://launchpad.net/ubuntu/+source/linux-intel-iot-realtime/5.15.0-1103.105 https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1106.112 https://launchpad.net/ubuntu/+source/linux-kvm/5.15.0-1103.108 https://launchpad.net/ubuntu/+source/linux-lowlatency/5.15.0-183.193 https://launchpad.net/ubuntu/+source/linux-nvidia/5.15.0-1106.107 https://launchpad.net/ubuntu/+source/linux-nvidia-tegra/5.15.0-1063.63 https://launchpad.net/ubuntu/+source/linux-nvidia-tegra-igx/5.15.0-1052.52 https://launchpad.net/ubuntu/+source/linux-oracle/5.15.0-1108.114 https://launchpad.net/ubuntu/+source/linux-realtime/5.15.0-1110.119 . Several security issues fixed in Ubuntu Linux kernel require immediate updates to maintain system integrity and security.. Linux Kernel Security, Ubuntu Security Notice, Ubuntu Kernel Update. . LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Ubuntu
172

Ubuntu 24.04 LTS Linux Kernel High-Risk Vulnerabilities Resolved USN-8491-1

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8491-1 July 01, 2026 linux-oem-6.17 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-oem-6.17: Linux kernel for OEM systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; - STMicroelectronics network drivers; - Network drivers; - NVME drivers; - SCSI subsystem; - USB over IP driver; - File systems infrastructure; - Ext4 file system; - Network file system (NFS) server daemon; - SMB network file system; - Kernel thread helper (kthread); - IPv6 networking; - Tracing infrastructure; - Kernel exit() syscall; - Scatterlist API; - B.A.T.M.A.N. meshing protocol; - Ethernet bridge; - Ceph Core library; - IPv4 networking; - Multipath TCP; - Netfilter; - RxRPC session sockets; - SMC sockets; - X.25 network layer; (CVE-2026-22984, CVE-2026-23272, CVE-2026-23278, CVE-2026-23392, CVE-2026-23427, CVE-2026-23428, CVE-2026-23450, CVE-2026-23455, CVE-2026-31402, CVE-2026-31418, CVE-2026-31436, CVE-2026-31448, CVE-2026-31478, CVE-2026-31607, CVE-2026-31635, CVE-2026-31637, CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668, CVE-2026-31669, CVE-2026-31682, CVE-2026-31685, CVE-2026-31718, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43071, CVE-2026-43083, CVE-2026-43114, CVE-2026-43117, CVE-2026-43125, CVE-2026-43186, CVE-2026-43197, CVE-2026-43304, CVE-2026-43341, CVE-2026-43376,CVE-2026-43378, CVE-2026-43383, CVE-2026-43384, CVE-2026-43402, CVE-2026-43406, CVE-2026-43407, CVE-2026-43414, CVE-2026-43493, CVE-2026-43501, CVE-2026-45898, CVE-2026-45988, CVE-2026-46039, CVE-2026-46043, CVE-2026-46115, CVE-2026-46119, CVE-2026-46135, CVE-2026-46185, CVE-2026-46195, CVE-2026-46243, CVE-2026-46244, CVE-2026-46266, CVE-2026-46289, CVE-2026-46290, CVE-2026-46316, CVE-2026-46325) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS linux-image-6.17.0-1028-oem 6.17.0-1028.28 linux-image-oem-24.04 6.17.0-1028.28 linux-image-oem-24.04a 6.17.0-1028.28 linux-image-oem-24.04b 6.17.0-1028.28 linux-image-oem-24.04c 6.17.0-1028.28 linux-image-oem-24.04d 6.17.0-1028.28 linux-image-oem-6.17 6.17.0-1028.28 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8491-1 CVE-2026-22984, CVE-2026-23272, CVE-2026-23278, CVE-2026-23392, CVE-2026-23427, CVE-2026-23428, CVE-2026-23450, CVE-2026-23455, CVE-2026-31402, CVE-2026-31418, CVE-2026-31436, CVE-2026-31448, CVE-2026-31478, CVE-2026-31607, CVE-2026-31635, CVE-2026-31637, CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668, CVE-2026-31669, CVE-2026-31682, CVE-2026-31685, CVE-2026-31718, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43071, CVE-2026-43083, CVE-2026-43114, CVE-2026-43117, CVE-2026-43125, CVE-2026-43186, CVE-2026-43197, CVE-2026-43304, CVE-2026-43341, CVE-2026-43376, CVE-2026-43378, CVE-2026-43383, CVE-2026-43384, CVE-2026-43402, CVE-2026-43406, CVE-2026-43407, CVE-2026-43414, CVE-2026-43493, CVE-2026-43501, CVE-2026-45898, CVE-2026-45988, CVE-2026-46039, CVE-2026-46043, CVE-2026-46115, CVE-2026-46119, CVE-2026-46135, CVE-2026-46185, CVE-2026-46195, CVE-2026-46243, CVE-2026-46244, CVE-2026-46266, CVE-2026-46289, CVE-2026-46290, CVE-2026-46316, CVE-2026-46325 Package Information: https://launchpad.net/ubuntu/+source/linux-oem-6.17/6.17.0-1028.28 . Several security issues in Ubuntu's Linux kernel addressed by security advisory USN-8491-1. Update now to protect your system.. Ubuntu Linux Kernel Update Security Issues Compromise. . LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Ubuntu
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Your message here