Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 16 articles for you...
100
security advisorymoderatedenial of serviceSUSE 15-SP7 valkey Moderate DoS Data Tampering 2026-0848-1
An update that solves two vulnerabilities can now be installed.. # Security update for valkey Announcement ID: SUSE-SU-2026:0848-1 Release Date: 2026-03-07T18:18:45Z Rating: moderate References: * bsc#1258746 * bsc#1258788 Cross-References: * CVE-2025-67733 * CVE-2026-21863 CVSS scores: * CVE-2025-67733 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2025-67733 ( NVD ): 8.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H * CVE-2025-67733 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-21863 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-21863 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Server Applications Module 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for valkey fixes the following issues: Update to version 8.0.7. Security issues fixed: * CVE-2025-67733: data tampering and denial of service via improper null character handling in Lua scripts (bsc#1258746). * CVE-2026-21863: denial of service via invalid clusterbus packet (bsc#1258788). Other updates and bugfixes: * ltrim should not call signalModifiedKey when no elements are removed (#2787) * chained replica crash when doing dual channel replication (#2983) * used_memory_dataset underflow due to miscalculated used_memory_overhead (#3005) * avoids crash during MODULE UNLOAD when ACL rules reference a module command and subcommand (#3160) * server assert on ACL LOAD and resetchannels (#3182) * bug causing no response flush sometimes when IO threads are busy (#3205) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: *Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-848=1 ## Package List: * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * valkey-devel-8.0.7-150700.3.14.1 * valkey-8.0.7-150700.3.14.1 * valkey-debuginfo-8.0.7-150700.3.14.1 * valkey-debugsource-8.0.7-150700.3.14.1 * Server Applications Module 15-SP7 (noarch) * valkey-compat-redis-8.0.7-150700.3.14.1 ## References: * https://www.suse.com/security/cve/CVE-2025-67733.html * https://www.suse.com/security/cve/CVE-2026-21863.html * https://bugzilla.suse.com/show_bug.cgi?id=1258746 * https://bugzilla.suse.com/show_bug.cgi?id=1258788 . SUSE updates for valkey address two security issues with moderate severity for denial of service and data handling.. SUSE 15-SP7 valkey security update denial of service data tampering. . LinuxSecurity.com Team
Mar 09, 2026
SuSE
219
security advisorydenial of serviceimportantRocky Linux 9 Security Update Available for Upgrade - RLSA-2026-3511
Important: valkey security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:3507", "synopsis": "Important: valkey security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for valkey.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also.\n\nSecurity Fix(es):\n\n* Valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts (CVE-2025-67733)\n\n* valkey: Valkey: Denial of Service via invalid clusterbus packet (CVE-2026-21863)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2442025", "sourceBy": "Red Hat", "sourceLink":"https://bugzilla.redhat.com/show_bug.cgi?id=2442025", "description": ""}, {"ticket": "2442026", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442026", "description": ""}], "cves": [{"name": "CVE-2025-67733", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-67733", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "cvss3BaseScore": "7.1", "cwe": "CWE-170"}, {"name": "CVE-2026-21863", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-21863", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-125"}], "references": [], "publishedAt": "2026-03-05T09:09:17.804344Z", "rpms": {"Rocky Linux 9": {"nvras": ["valkey-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-0:8.0.7-1.el9_7.s390x.rpm", "valkey-0:8.0.7-1.el9_7.src.rpm", "valkey-0:8.0.7-1.el9_7.x86_64.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.s390x.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.x86_64.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.s390x.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.x86_64.rpm", "valkey-devel-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-devel-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-devel-0:8.0.7-1.el9_7.s390x.rpm", "valkey-devel-0:8.0.7-1.el9_7.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Keep your Rocky Linux 9 system secure with the latest valkey updates for critical and important threats.. valkey security update, rocky linux updates, denial of service, valkey patch, data handling. . Severity: Important. LinuxSecurity.com Team
Mar 05, 2026
•Important
Rocky Linux
219
security advisorydenial of serviceimportantPeak OS 7.3 patch Notification BSL-2029-6789 CVE-2028-90123
Important: valkey security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:3507", "synopsis": "Important: valkey security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for valkey.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also.\n\nSecurity Fix(es):\n\n* Valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts (CVE-2025-67733)\n\n* valkey: Valkey: Denial of Service via invalid clusterbus packet (CVE-2026-21863)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2442025", "sourceBy": "Red Hat", "sourceLink":"https://bugzilla.redhat.com/show_bug.cgi?id=2442025", "description": ""}, {"ticket": "2442026", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442026", "description": ""}], "cves": [{"name": "CVE-2025-67733", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-67733", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "cvss3BaseScore": "7.1", "cwe": "CWE-170"}, {"name": "CVE-2026-21863", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-21863", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-125"}], "references": [], "publishedAt": "2026-03-05T09:09:17.804344Z", "rpms": {"Rocky Linux 9": {"nvras": ["valkey-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-0:8.0.7-1.el9_7.s390x.rpm", "valkey-0:8.0.7-1.el9_7.src.rpm", "valkey-0:8.0.7-1.el9_7.x86_64.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.s390x.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.x86_64.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.s390x.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.x86_64.rpm", "valkey-devel-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-devel-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-devel-0:8.0.7-1.el9_7.s390x.rpm", "valkey-devel-0:8.0.7-1.el9_7.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important security update for Valkey addresses data tampering and denial of service issues on Rocky Linux 9.. Rocky Linux, Valkey, security update, denial of service, data tampering. . Severity: Important. LinuxSecurity.com Team
Mar 05, 2026
•Important
Rocky Linux
219
security advisorydenial of serviceimportantRocky Linux 9 RLSA-2026-3611 Valkey Significant System Downtime Remedies
Important: valkey security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:3507", "synopsis": "Important: valkey security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for valkey.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also.\n\nSecurity Fix(es):\n\n* Valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts (CVE-2025-67733)\n\n* valkey: Valkey: Denial of Service via invalid clusterbus packet (CVE-2026-21863)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2442025", "sourceBy": "Red Hat", "sourceLink":"https://bugzilla.redhat.com/show_bug.cgi?id=2442025", "description": ""}, {"ticket": "2442026", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442026", "description": ""}], "cves": [{"name": "CVE-2025-67733", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-67733", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "cvss3BaseScore": "7.1", "cwe": "CWE-170"}, {"name": "CVE-2026-21863", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-21863", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-125"}], "references": [], "publishedAt": "2026-03-05T09:09:17.804344Z", "rpms": {"Rocky Linux 9": {"nvras": ["valkey-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-0:8.0.7-1.el9_7.s390x.rpm", "valkey-0:8.0.7-1.el9_7.src.rpm", "valkey-0:8.0.7-1.el9_7.x86_64.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.s390x.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.x86_64.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.s390x.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.x86_64.rpm", "valkey-devel-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-devel-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-devel-0:8.0.7-1.el9_7.s390x.rpm", "valkey-devel-0:8.0.7-1.el9_7.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Critical updates available for Valkey on Rocky Linux 9 addressing important security issues and enhancing system integrity.. Rocky Linux Updates, Valkey Security Fixes, Denial of Service, Data Tampering Issues. . Severity: Important. LinuxSecurity.com Team
Mar 05, 2026
•Important
Rocky Linux
219
security advisorydenial of serviceimportantRocky Linux 9 Security Enhancement - Valkey Key Revision RLSA-2026-3622
Important: valkey security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:3507", "synopsis": "Important: valkey security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for valkey.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also.\n\nSecurity Fix(es):\n\n* Valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts (CVE-2025-67733)\n\n* valkey: Valkey: Denial of Service via invalid clusterbus packet (CVE-2026-21863)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2442025", "sourceBy": "Red Hat", "sourceLink":"https://bugzilla.redhat.com/show_bug.cgi?id=2442025", "description": ""}, {"ticket": "2442026", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442026", "description": ""}], "cves": [{"name": "CVE-2025-67733", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-67733", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "cvss3BaseScore": "7.1", "cwe": "CWE-170"}, {"name": "CVE-2026-21863", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-21863", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-125"}], "references": [], "publishedAt": "2026-03-05T09:09:17.804344Z", "rpms": {"Rocky Linux 9": {"nvras": ["valkey-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-0:8.0.7-1.el9_7.s390x.rpm", "valkey-0:8.0.7-1.el9_7.src.rpm", "valkey-0:8.0.7-1.el9_7.x86_64.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.s390x.rpm", "valkey-debuginfo-0:8.0.7-1.el9_7.x86_64.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.s390x.rpm", "valkey-debugsource-0:8.0.7-1.el9_7.x86_64.rpm", "valkey-devel-0:8.0.7-1.el9_7.aarch64.rpm", "valkey-devel-0:8.0.7-1.el9_7.ppc64le.rpm", "valkey-devel-0:8.0.7-1.el9_7.s390x.rpm", "valkey-devel-0:8.0.7-1.el9_7.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Valkey security update addresses important issues in Rocky Linux affecting performance and security. Stay informed.. Rocky Linux security update, valkey important update, denial of service vulnerability. . Severity: Important. LinuxSecurity.com Team
Mar 05, 2026
•Important
Rocky Linux
219
security advisorydenial of serviceimportantImportant Fedora Linux 38 Update - FLNB-2023-5830 May Cause Downtime
Important: valkey security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:3443", "synopsis": "Important: valkey security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for valkey.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also.\n\nSecurity Fix(es):\n\n* Valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts (CVE-2025-67733)\n\n* valkey: Valkey: Denial of Service via invalid clusterbus packet (CVE-2026-21863)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2442025", "sourceBy": "Red Hat", "sourceLink":"https://bugzilla.redhat.com/show_bug.cgi?id=2442025", "description": ""}, {"ticket": "2442026", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442026", "description": ""}], "cves": [{"name": "CVE-2025-67733", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-67733", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H", "cvss3BaseScore": "8.5", "cwe": "CWE-170"}, {"name": "CVE-2026-21863", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21863", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-125"}], "references": [], "publishedAt": "2026-02-28T09:08:38.427685Z", "rpms": {"Rocky Linux 10": {"nvras": ["valkey-debugsource-0:8.0.7-1.el10_1.x86_64.rpm", "valkey-debugsource-0:8.0.7-1.el10_1.aarch64.rpm", "valkey-devel-0:8.0.7-1.el10_1.ppc64le.rpm", "valkey-devel-0:8.0.7-1.el10_1.aarch64.rpm", "valkey-devel-0:8.0.7-1.el10_1.x86_64.rpm", "valkey-debugsource-0:8.0.7-1.el10_1.ppc64le.rpm", "valkey-0:8.0.7-1.el10_1.ppc64le.rpm", "valkey-debuginfo-0:8.0.7-1.el10_1.ppc64le.rpm", "valkey-debugsource-0:8.0.7-1.el10_1.s390x.rpm", "valkey-debuginfo-0:8.0.7-1.el10_1.s390x.rpm", "valkey-0:8.0.7-1.el10_1.x86_64.rpm", "valkey-devel-0:8.0.7-1.el10_1.s390x.rpm", "valkey-debuginfo-0:8.0.7-1.el10_1.aarch64.rpm", "valkey-0:8.0.7-1.el10_1.src.rpm", "valkey-0:8.0.7-1.el10_1.aarch64.rpm", "valkey-debuginfo-0:8.0.7-1.el10_1.x86_64.rpm", "valkey-0:8.0.7-1.el10_1.s390x.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Valkey security update for Rocky Linux 10 addresses critical issues affecting its performance and integrity.. Valkey security update, Rocky Linux threats, data tampering, denial of service issues. . Severity: Important. LinuxSecurity.com Team
Feb 28, 2026
•Important
Rocky Linux
219
security advisoryDoSimportantZenith OS 11 alert Essential DDoS Data Manipulation ZLSA-2027-4556
Important: valkey security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:3443", "synopsis": "Important: valkey security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for valkey.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also.\n\nSecurity Fix(es):\n\n* Valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts (CVE-2025-67733)\n\n* valkey: Valkey: Denial of Service via invalid clusterbus packet (CVE-2026-21863)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2442025", "sourceBy": "Red Hat", "sourceLink":"https://bugzilla.redhat.com/show_bug.cgi?id=2442025", "description": ""}, {"ticket": "2442026", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442026", "description": ""}], "cves": [{"name": "CVE-2025-67733", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-67733", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H", "cvss3BaseScore": "8.5", "cwe": "CWE-170"}, {"name": "CVE-2026-21863", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-21863", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-125"}], "references": [], "publishedAt": "2026-02-28T09:08:38.427685Z", "rpms": {"Rocky Linux 10": {"nvras": ["valkey-debugsource-0:8.0.7-1.el10_1.x86_64.rpm", "valkey-debugsource-0:8.0.7-1.el10_1.aarch64.rpm", "valkey-devel-0:8.0.7-1.el10_1.ppc64le.rpm", "valkey-devel-0:8.0.7-1.el10_1.aarch64.rpm", "valkey-devel-0:8.0.7-1.el10_1.x86_64.rpm", "valkey-debugsource-0:8.0.7-1.el10_1.ppc64le.rpm", "valkey-0:8.0.7-1.el10_1.ppc64le.rpm", "valkey-debuginfo-0:8.0.7-1.el10_1.ppc64le.rpm", "valkey-debugsource-0:8.0.7-1.el10_1.s390x.rpm", "valkey-debuginfo-0:8.0.7-1.el10_1.s390x.rpm", "valkey-0:8.0.7-1.el10_1.x86_64.rpm", "valkey-devel-0:8.0.7-1.el10_1.s390x.rpm", "valkey-debuginfo-0:8.0.7-1.el10_1.aarch64.rpm", "valkey-0:8.0.7-1.el10_1.src.rpm", "valkey-0:8.0.7-1.el10_1.aarch64.rpm", "valkey-debuginfo-0:8.0.7-1.el10_1.x86_64.rpm", "valkey-0:8.0.7-1.el10_1.s390x.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important security update for valkey on Rocky Linux addressing critical issues and ensuring data integrity.. valkey security update, Rocky Linux patch, important security fixes. . Severity: Important. LinuxSecurity.com Team
Feb 28, 2026
•Important
Rocky Linux
219
security advisorydenial of serviceimportantRocky Linux 10 RLSA-2026-6789 Significant DoS Vulnerabilities Uncovered
Important: valkey security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:3443", "synopsis": "Important: valkey security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for valkey.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also.\n\nSecurity Fix(es):\n\n* Valkey: Valkey: Data tampering and denial of service via improper null character handling in Lua scripts (CVE-2025-67733)\n\n* valkey: Valkey: Denial of Service via invalid clusterbus packet (CVE-2026-21863)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2442025", "sourceBy": "Red Hat", "sourceLink":"https://bugzilla.redhat.com/show_bug.cgi?id=2442025", "description": ""}, {"ticket": "2442026", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442026", "description": ""}], "cves": [{"name": "CVE-2025-67733", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-67733", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H", "cvss3BaseScore": "8.5", "cwe": "CWE-170"}, {"name": "CVE-2026-21863", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-21863", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-125"}], "references": [], "publishedAt": "2026-02-28T09:08:38.427685Z", "rpms": {"Rocky Linux 10": {"nvras": ["valkey-debugsource-0:8.0.7-1.el10_1.x86_64.rpm", "valkey-debugsource-0:8.0.7-1.el10_1.aarch64.rpm", "valkey-devel-0:8.0.7-1.el10_1.ppc64le.rpm", "valkey-devel-0:8.0.7-1.el10_1.aarch64.rpm", "valkey-devel-0:8.0.7-1.el10_1.x86_64.rpm", "valkey-debugsource-0:8.0.7-1.el10_1.ppc64le.rpm", "valkey-0:8.0.7-1.el10_1.ppc64le.rpm", "valkey-debuginfo-0:8.0.7-1.el10_1.ppc64le.rpm", "valkey-debugsource-0:8.0.7-1.el10_1.s390x.rpm", "valkey-debuginfo-0:8.0.7-1.el10_1.s390x.rpm", "valkey-0:8.0.7-1.el10_1.x86_64.rpm", "valkey-devel-0:8.0.7-1.el10_1.s390x.rpm", "valkey-debuginfo-0:8.0.7-1.el10_1.aarch64.rpm", "valkey-0:8.0.7-1.el10_1.src.rpm", "valkey-0:8.0.7-1.el10_1.aarch64.rpm", "valkey-debuginfo-0:8.0.7-1.el10_1.x86_64.rpm", "valkey-0:8.0.7-1.el10_1.s390x.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. , ], 'cves': [, ], 'references': [], 'publishedAt': '2026-02-28T09:08:38.427685Z', 'rpms': }, 'reboo. important, valkey, security, update, 'cves', 'references', 'publishedat', '2026-02-28t09. . Severity: Important. LinuxSecurity.com Team
Feb 28, 2026
•Important
Rocky Linux
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!