Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 25 articles for you...
89
security advisorymoderatedenial of serviceFedora 44 Kea Advisory CVE-2026-3608 Moderate DoS Fix 2026-2b21a4dafe
New version 3.0.3 (rhbz#2451141) Fixes CVE-2026-3608 (rhbz#2451621). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-2b21a4dafe 2026-04-25 01:21:36.171315+00:00 -------------------------------------------------------------------------------- Name : kea Product : Fedora 44 Version : 3.0.3 Release : 1.fc44 URL : http://kea.isc.org Summary : DHCPv4, DHCPv6 and DDNS server from ISC Description : DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers support DNS Update mechanism, using stand-alone DDNS daemon. -------------------------------------------------------------------------------- Update Information: New version 3.0.3 (rhbz#2451141) Fixes CVE-2026-3608 (rhbz#2451621) -------------------------------------------------------------------------------- ChangeLog: * Thu Mar 26 2026 Martin Osvald - 3.0.3-1 - New version 3.0.3 (rhbz#2451141) - Fixes CVE-2026-3608 (rhbz#2451621) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2451141 - kea-3.0.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2451141 [ 2 ] Bug #2451621 - CVE-2026-3608 kea: Kea: Denial of Service via maliciously crafted message [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2451621 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-2b21a4dafe' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with theFedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Apr 25, 2026
•Important
Fedora
202
security advisorysecurity issueimportantopenSUSE 15.6 kea Important Stack Overflow Issue SUSE-SU-2026-1548-1
An update that solves one vulnerability can now be installed.. # Security update for kea Announcement ID: SUSE-SU-2026:1548-1 Release Date: 2026-04-22T09:40:51Z Rating: important References: * bsc#1260380 Cross-References: * CVE-2026-3608 CVSS scores: * CVE-2026-3608 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-3608 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3608 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for kea fixes the following issues: Update to release 2.6.5. Security issues fixed: * CVE-2026-3608: stack overflow error via specially crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons(bsc#1260380). Other updates and bugfixes: * A null dereference is now no longer possible when configuring the Control Agent with a socket that lacks the mandatory socket-name entry. * UNIX sockets are now created as group-writable. * Corrected an issue in logging configuration when parsing "syslog:". * Fixed crash when handling misconfigured global reservations. * Support for recent versions of Sphinx has been added. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1548=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1548=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1548=1 ## Package List: * SUSELinux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * libkea-log61-2.6.5-150600.13.9.1 * libkea-pgsql71-debuginfo-2.6.5-150600.13.9.1 * libkea-asiodns49-2.6.5-150600.13.9.1 * libkea-pgsql71-2.6.5-150600.13.9.1 * libkea-hooks102-2.6.5-150600.13.9.1 * kea-devel-2.6.5-150600.13.9.1 * kea-hooks-debuginfo-2.6.5-150600.13.9.1 * libkea-cryptolink50-2.6.5-150600.13.9.1 * libkea-cc69-debuginfo-2.6.5-150600.13.9.1 * libkea-http72-2.6.5-150600.13.9.1 * kea-debuginfo-2.6.5-150600.13.9.1 * libkea-d2srv47-2.6.5-150600.13.9.1 * libkea-http72-debuginfo-2.6.5-150600.13.9.1 * libkea-stats41-debuginfo-2.6.5-150600.13.9.1 * libkea-eval69-2.6.5-150600.13.9.1 * libkea-exceptions33-2.6.5-150600.13.9.1 * python3-kea-2.6.5-150600.13.9.1 * libkea-exceptions33-debuginfo-2.6.5-150600.13.9.1 * libkea-asiodns49-debuginfo-2.6.5-150600.13.9.1 * libkea-cfgclient67-2.6.5-150600.13.9.1 * libkea-database62-debuginfo-2.6.5-150600.13.9.1 * libkea-tcp19-debuginfo-2.6.5-150600.13.9.1 * libkea-util87-debuginfo-2.6.5-150600.13.9.1 * libkea-dhcpsrv112-debuginfo-2.6.5-150600.13.9.1 * libkea-hooks102-debuginfo-2.6.5-150600.13.9.1 * libkea-asiolink72-2.6.5-150600.13.9.1 * libkea-dhcp_ddns57-debuginfo-2.6.5-150600.13.9.1 * libkea-util-io0-2.6.5-150600.13.9.1 * libkea-dns++57-debuginfo-2.6.5-150600.13.9.1 * libkea-mysql71-2.6.5-150600.13.9.1 * libkea-mysql71-debuginfo-2.6.5-150600.13.9.1 * kea-2.6.5-150600.13.9.1 * libkea-eval69-debuginfo-2.6.5-150600.13.9.1 * libkea-util-io0-debuginfo-2.6.5-150600.13.9.1 * libkea-database62-2.6.5-150600.13.9.1 * libkea-d2srv47-debuginfo-2.6.5-150600.13.9.1 * libkea-stats41-2.6.5-150600.13.9.1 * libkea-dns++57-2.6.5-150600.13.9.1 * libkea-process76-debuginfo-2.6.5-150600.13.9.1 * libkea-tcp19-2.6.5-150600.13.9.1 * libkea-dhcp_ddns57-2.6.5-150600.13.9.1 * libkea-util87-2.6.5-150600.13.9.1 * libkea-log61-debuginfo-2.6.5-150600.13.9.1 *libkea-cryptolink50-debuginfo-2.6.5-150600.13.9.1 * libkea-asiolink72-debuginfo-2.6.5-150600.13.9.1 * kea-debugsource-2.6.5-150600.13.9.1 * libkea-dhcpsrv112-2.6.5-150600.13.9.1 * libkea-dhcp++92-2.6.5-150600.13.9.1 * kea-hooks-2.6.5-150600.13.9.1 * libkea-cc69-2.6.5-150600.13.9.1 * libkea-cfgclient67-debuginfo-2.6.5-150600.13.9.1 * libkea-process76-2.6.5-150600.13.9.1 * libkea-dhcp++92-debuginfo-2.6.5-150600.13.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * kea-doc-2.6.5-150600.13.9.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libkea-log61-2.6.5-150600.13.9.1 * libkea-pgsql71-debuginfo-2.6.5-150600.13.9.1 * libkea-asiodns49-2.6.5-150600.13.9.1 * libkea-pgsql71-2.6.5-150600.13.9.1 * libkea-hooks102-2.6.5-150600.13.9.1 * kea-devel-2.6.5-150600.13.9.1 * kea-hooks-debuginfo-2.6.5-150600.13.9.1 * libkea-cryptolink50-2.6.5-150600.13.9.1 * libkea-cc69-debuginfo-2.6.5-150600.13.9.1 * libkea-http72-2.6.5-150600.13.9.1 * kea-debuginfo-2.6.5-150600.13.9.1 * libkea-d2srv47-2.6.5-150600.13.9.1 * libkea-http72-debuginfo-2.6.5-150600.13.9.1 * libkea-stats41-debuginfo-2.6.5-150600.13.9.1 * libkea-eval69-2.6.5-150600.13.9.1 * libkea-exceptions33-2.6.5-150600.13.9.1 * python3-kea-2.6.5-150600.13.9.1 * libkea-exceptions33-debuginfo-2.6.5-150600.13.9.1 * libkea-asiodns49-debuginfo-2.6.5-150600.13.9.1 * libkea-cfgclient67-2.6.5-150600.13.9.1 * libkea-database62-debuginfo-2.6.5-150600.13.9.1 * libkea-tcp19-debuginfo-2.6.5-150600.13.9.1 * libkea-util87-debuginfo-2.6.5-150600.13.9.1 * libkea-dhcpsrv112-debuginfo-2.6.5-150600.13.9.1 * libkea-hooks102-debuginfo-2.6.5-150600.13.9.1 * libkea-asiolink72-2.6.5-150600.13.9.1 * libkea-dhcp_ddns57-debuginfo-2.6.5-150600.13.9.1 * libkea-util-io0-2.6.5-150600.13.9.1 * libkea-dns++57-debuginfo-2.6.5-150600.13.9.1 * libkea-mysql71-2.6.5-150600.13.9.1 *libkea-mysql71-debuginfo-2.6.5-150600.13.9.1 * kea-2.6.5-150600.13.9.1 * libkea-eval69-debuginfo-2.6.5-150600.13.9.1 * libkea-util-io0-debuginfo-2.6.5-150600.13.9.1 * libkea-database62-2.6.5-150600.13.9.1 * libkea-d2srv47-debuginfo-2.6.5-150600.13.9.1 * libkea-stats41-2.6.5-150600.13.9.1 * libkea-dns++57-2.6.5-150600.13.9.1 * libkea-process76-debuginfo-2.6.5-150600.13.9.1 * libkea-tcp19-2.6.5-150600.13.9.1 * libkea-dhcp_ddns57-2.6.5-150600.13.9.1 * libkea-util87-2.6.5-150600.13.9.1 * libkea-log61-debuginfo-2.6.5-150600.13.9.1 * libkea-cryptolink50-debuginfo-2.6.5-150600.13.9.1 * libkea-asiolink72-debuginfo-2.6.5-150600.13.9.1 * kea-debugsource-2.6.5-150600.13.9.1 * libkea-dhcpsrv112-2.6.5-150600.13.9.1 * libkea-dhcp++92-2.6.5-150600.13.9.1 * kea-hooks-2.6.5-150600.13.9.1 * libkea-cc69-2.6.5-150600.13.9.1 * libkea-cfgclient67-debuginfo-2.6.5-150600.13.9.1 * libkea-process76-2.6.5-150600.13.9.1 * libkea-dhcp++92-debuginfo-2.6.5-150600.13.9.1 * openSUSE Leap 15.6 (noarch) * kea-doc-2.6.5-150600.13.9.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * libkea-log61-2.6.5-150600.13.9.1 * libkea-pgsql71-debuginfo-2.6.5-150600.13.9.1 * libkea-asiodns49-2.6.5-150600.13.9.1 * libkea-pgsql71-2.6.5-150600.13.9.1 * libkea-hooks102-2.6.5-150600.13.9.1 * kea-devel-2.6.5-150600.13.9.1 * kea-hooks-debuginfo-2.6.5-150600.13.9.1 * libkea-cryptolink50-2.6.5-150600.13.9.1 * libkea-cc69-debuginfo-2.6.5-150600.13.9.1 * libkea-http72-2.6.5-150600.13.9.1 * kea-debuginfo-2.6.5-150600.13.9.1 * libkea-d2srv47-2.6.5-150600.13.9.1 * libkea-http72-debuginfo-2.6.5-150600.13.9.1 * libkea-stats41-debuginfo-2.6.5-150600.13.9.1 * libkea-eval69-2.6.5-150600.13.9.1 * libkea-exceptions33-2.6.5-150600.13.9.1 * python3-kea-2.6.5-150600.13.9.1 * libkea-exceptions33-debuginfo-2.6.5-150600.13.9.1 * libkea-asiodns49-debuginfo-2.6.5-150600.13.9.1 *libkea-cfgclient67-2.6.5-150600.13.9.1 * libkea-database62-debuginfo-2.6.5-150600.13.9.1 * libkea-tcp19-debuginfo-2.6.5-150600.13.9.1 * libkea-util87-debuginfo-2.6.5-150600.13.9.1 * libkea-dhcpsrv112-debuginfo-2.6.5-150600.13.9.1 * libkea-hooks102-debuginfo-2.6.5-150600.13.9.1 * libkea-asiolink72-2.6.5-150600.13.9.1 * libkea-dhcp_ddns57-debuginfo-2.6.5-150600.13.9.1 * libkea-util-io0-2.6.5-150600.13.9.1 * libkea-dns++57-debuginfo-2.6.5-150600.13.9.1 * libkea-mysql71-2.6.5-150600.13.9.1 * libkea-mysql71-debuginfo-2.6.5-150600.13.9.1 * kea-2.6.5-150600.13.9.1 * libkea-eval69-debuginfo-2.6.5-150600.13.9.1 * libkea-util-io0-debuginfo-2.6.5-150600.13.9.1 * libkea-database62-2.6.5-150600.13.9.1 * libkea-d2srv47-debuginfo-2.6.5-150600.13.9.1 * libkea-stats41-2.6.5-150600.13.9.1 * libkea-dns++57-2.6.5-150600.13.9.1 * libkea-process76-debuginfo-2.6.5-150600.13.9.1 * libkea-tcp19-2.6.5-150600.13.9.1 * libkea-dhcp_ddns57-2.6.5-150600.13.9.1 * libkea-util87-2.6.5-150600.13.9.1 * libkea-log61-debuginfo-2.6.5-150600.13.9.1 * libkea-cryptolink50-debuginfo-2.6.5-150600.13.9.1 * libkea-asiolink72-debuginfo-2.6.5-150600.13.9.1 * kea-debugsource-2.6.5-150600.13.9.1 * libkea-dhcpsrv112-2.6.5-150600.13.9.1 * libkea-dhcp++92-2.6.5-150600.13.9.1 * kea-hooks-2.6.5-150600.13.9.1 * libkea-cc69-2.6.5-150600.13.9.1 * libkea-cfgclient67-debuginfo-2.6.5-150600.13.9.1 * libkea-process76-2.6.5-150600.13.9.1 * libkea-dhcp++92-debuginfo-2.6.5-150600.13.9.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * kea-doc-2.6.5-150600.13.9.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3608.html * https://bugzilla.suse.com/show_bug.cgi?id=1260380 . A security update for openSUSE 15.6 addressing critical stack overflow issues in kea with important severity.. openSUSE security, kea update, important vulnerabilities. . Severity: Important. LinuxSecurity.com Team
Apr 22, 2026
•Important
OpenSUSE
100
security advisoryupdatebuffer overflowSUSE 15-SP7 Kea Important Buffer Overflow Vuln 2026-1378-1
An update that solves one vulnerability can now be installed.. # Security update for kea Announcement ID: SUSE-SU-2026:1378-1 Release Date: 2026-04-16T07:19:46Z Rating: important References: * bsc#1260380 Cross-References: * CVE-2026-3608 CVSS scores: * CVE-2026-3608 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-3608 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3608 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for kea fixes the following issues: Update to release 2.6.5: * A large number of bracket pairs in a JSON payload directed to any endpoint would result in a stack overflow, due to recursive calls when parsing the JSON. This has been fixed. (CVE-2026-3608) [bsc#1260380] * A null dereference is now no longer possible when configuring the Control Agent with a socket that lacks the mandatory socket-name entry. * UNIX sockets are now created as group-writable. * Corrected an issue in logging configuration when parsing "syslog:" * Earlier Kea versions could crash when handling misconfigured global reservations. This has been fixed. * Support for recent versions of Sphinx has been added. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1378=1 * Server Applications Module 15-SP7 zypper in -t patchSUSE-SLE-Module-Server-Applications-15-SP7-2026-1378=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python3-kea-2.6.5-150700.3.6.1 * kea-debugsource-2.6.5-150700.3.6.1 * kea-debuginfo-2.6.5-150700.3.6.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libkea-log61-2.6.5-150700.3.6.1 * libkea-dhcp_ddns57-2.6.5-150700.3.6.1 * libkea-asiolink72-debuginfo-2.6.5-150700.3.6.1 * libkea-hooks102-2.6.5-150700.3.6.1 * libkea-dhcp++92-debuginfo-2.6.5-150700.3.6.1 * libkea-log61-debuginfo-2.6.5-150700.3.6.1 * libkea-pgsql71-2.6.5-150700.3.6.1 * libkea-cfgclient67-2.6.5-150700.3.6.1 * libkea-util-io0-debuginfo-2.6.5-150700.3.6.1 * libkea-cfgclient67-debuginfo-2.6.5-150700.3.6.1 * libkea-dhcpsrv112-2.6.5-150700.3.6.1 * libkea-dhcp_ddns57-debuginfo-2.6.5-150700.3.6.1 * libkea-eval69-2.6.5-150700.3.6.1 * kea-debuginfo-2.6.5-150700.3.6.1 * libkea-cc69-2.6.5-150700.3.6.1 * libkea-cc69-debuginfo-2.6.5-150700.3.6.1 * libkea-cryptolink50-debuginfo-2.6.5-150700.3.6.1 * libkea-dns++57-2.6.5-150700.3.6.1 * libkea-dns++57-debuginfo-2.6.5-150700.3.6.1 * libkea-tcp19-debuginfo-2.6.5-150700.3.6.1 * libkea-hooks102-debuginfo-2.6.5-150700.3.6.1 * libkea-exceptions33-debuginfo-2.6.5-150700.3.6.1 * kea-2.6.5-150700.3.6.1 * libkea-util87-2.6.5-150700.3.6.1 * libkea-cryptolink50-2.6.5-150700.3.6.1 * libkea-eval69-debuginfo-2.6.5-150700.3.6.1 * libkea-pgsql71-debuginfo-2.6.5-150700.3.6.1 * libkea-d2srv47-debuginfo-2.6.5-150700.3.6.1 * libkea-http72-2.6.5-150700.3.6.1 * kea-debugsource-2.6.5-150700.3.6.1 * libkea-asiodns49-debuginfo-2.6.5-150700.3.6.1 * libkea-stats41-debuginfo-2.6.5-150700.3.6.1 * libkea-util87-debuginfo-2.6.5-150700.3.6.1 * libkea-asiolink72-2.6.5-150700.3.6.1 * libkea-exceptions33-2.6.5-150700.3.6.1 * libkea-mysql71-2.6.5-150700.3.6.1 * kea-devel-2.6.5-150700.3.6.1 * libkea-d2srv47-2.6.5-150700.3.6.1 *libkea-process76-2.6.5-150700.3.6.1 * libkea-dhcp++92-2.6.5-150700.3.6.1 * libkea-http72-debuginfo-2.6.5-150700.3.6.1 * libkea-mysql71-debuginfo-2.6.5-150700.3.6.1 * libkea-database62-debuginfo-2.6.5-150700.3.6.1 * kea-hooks-debuginfo-2.6.5-150700.3.6.1 * libkea-process76-debuginfo-2.6.5-150700.3.6.1 * libkea-dhcpsrv112-debuginfo-2.6.5-150700.3.6.1 * libkea-util-io0-2.6.5-150700.3.6.1 * libkea-stats41-2.6.5-150700.3.6.1 * libkea-tcp19-2.6.5-150700.3.6.1 * libkea-asiodns49-2.6.5-150700.3.6.1 * libkea-database62-2.6.5-150700.3.6.1 * kea-hooks-2.6.5-150700.3.6.1 * Server Applications Module 15-SP7 (noarch) * kea-doc-2.6.5-150700.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3608.html * https://bugzilla.suse.com/show_bug.cgi?id=1260380 . Update resolves a critical issue in kea, addressing a buffer overflow vulnerability affecting SUSE systems.. SUSE Kea Security Patch Important Update. . Severity: Important. LinuxSecurity.com Team
Apr 16, 2026
•Important
SuSE
217
security advisorysecurity issueimportantOracle Linux 10 ELSA-2026-7342 kea Important Fix for CVE-2026-3608
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-7342 http://linux.oracle.com/errata/ELSA-2026-7342.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: kea-3.0.1-3.el10_1.x86_64.rpm kea-doc-3.0.1-3.el10_1.noarch.rpm kea-hooks-3.0.1-3.el10_1.x86_64.rpm kea-keama-3.0.1-3.el10_1.x86_64.rpm kea-libs-3.0.1-3.el10_1.x86_64.rpm aarch64: kea-3.0.1-3.el10_1.aarch64.rpm kea-doc-3.0.1-3.el10_1.noarch.rpm kea-hooks-3.0.1-3.el10_1.aarch64.rpm kea-keama-3.0.1-3.el10_1.aarch64.rpm kea-libs-3.0.1-3.el10_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/kea-3.0.1-3.el10_1.src.rpm Related CVEs: CVE-2026-3608 Description of changes: [3.0.1-3] - Fixes CVE-2026-3608 _______________________________________________ El-errata mailing list
Apr 13, 2026
•Important
Oracle
219
security advisorydenial of servicesecurity issueRocky Linux 10 RLSA-2026-7353 kea Core Service Disruption
Important: kea security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:7342", "synopsis": "Important: kea security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for kea.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers support DNS Update mechanism, using stand-alone DDNS daemon.\n\nSecurity Fix(es):\n\n* Kea: Kea: Denial of Service via maliciously crafted message (CVE-2026-3608)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2451139", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2451139", "description": ""}], "cves": [{"name": "CVE-2026-3608", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-3608", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-617"}], "references": [], "publishedAt": "2026-04-11T12:07:07.893431Z", "rpms": {"Rocky Linux 10": {"nvras": ["kea-keama-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-libs-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-libs-0:3.0.1-3.el10_1.s390x.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm", "kea-hooks-0:3.0.1-3.el10_1.x86_64.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm", "kea-debugsource-0:3.0.1-3.el10_1.s390x.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm","kea-debugsource-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-doc-0:3.0.1-3.el10_1.noarch.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-hooks-0:3.0.1-3.el10_1.aarch64.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm", "kea-keama-0:3.0.1-3.el10_1.s390x.rpm", "kea-libs-0:3.0.1-3.el10_1.aarch64.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-keama-0:3.0.1-3.el10_1.x86_64.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-0:3.0.1-3.el10_1.aarch64.rpm", "kea-debugsource-0:3.0.1-3.el10_1.aarch64.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-hooks-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm", "kea-hooks-0:3.0.1-3.el10_1.s390x.rpm", "kea-libs-0:3.0.1-3.el10_1.x86_64.rpm", "kea-0:3.0.1-3.el10_1.src.rpm", "kea-keama-0:3.0.1-3.el10_1.aarch64.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-0:3.0.1-3.el10_1.s390x.rpm", "kea-0:3.0.1-3.el10_1.x86_64.rpm", "kea-debugsource-0:3.0.1-3.el10_1.x86_64.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important kea security update on Rocky Linux addresses a denial of service risk. Immediate action is recommended.. Rocky Linux, kea update, denial of service, security advisory. . Severity: Important. LinuxSecurity.com Team
Apr 11, 2026
•Important
Rocky Linux
219
security advisoryDoSimportantFedora OS 38 RLSB-2026-8945 Nginx Vulnerability Alert CVE-2026-4821
Important: kea security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:7342", "synopsis": "Important: kea security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for kea.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers support DNS Update mechanism, using stand-alone DDNS daemon.\n\nSecurity Fix(es):\n\n* Kea: Kea: Denial of Service via maliciously crafted message (CVE-2026-3608)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2451139", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2451139", "description": ""}], "cves": [{"name": "CVE-2026-3608", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-3608", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-617"}], "references": [], "publishedAt": "2026-04-11T12:07:07.893431Z", "rpms": {"Rocky Linux 10": {"nvras": ["kea-keama-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-libs-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-libs-0:3.0.1-3.el10_1.s390x.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm", "kea-hooks-0:3.0.1-3.el10_1.x86_64.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm", "kea-debugsource-0:3.0.1-3.el10_1.s390x.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm","kea-debugsource-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-doc-0:3.0.1-3.el10_1.noarch.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-hooks-0:3.0.1-3.el10_1.aarch64.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm", "kea-keama-0:3.0.1-3.el10_1.s390x.rpm", "kea-libs-0:3.0.1-3.el10_1.aarch64.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-keama-0:3.0.1-3.el10_1.x86_64.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-0:3.0.1-3.el10_1.aarch64.rpm", "kea-debugsource-0:3.0.1-3.el10_1.aarch64.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-hooks-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm", "kea-hooks-0:3.0.1-3.el10_1.s390x.rpm", "kea-libs-0:3.0.1-3.el10_1.x86_64.rpm", "kea-0:3.0.1-3.el10_1.src.rpm", "kea-keama-0:3.0.1-3.el10_1.aarch64.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-0:3.0.1-3.el10_1.s390x.rpm", "kea-0:3.0.1-3.el10_1.x86_64.rpm", "kea-debugsource-0:3.0.1-3.el10_1.x86_64.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important kea security update for Rocky Linux 10 addresses Denial of Service due to crafted messages. Act now!. Kea Security Update, Rocky Linux, CVE-2026-3608, Denial of Service. . Severity: Important. LinuxSecurity.com Team
Apr 11, 2026
•Important
Rocky Linux
219
security advisorydenial of serviceupdateRocky Linux 10 RLSA-2026-7344 Kea Notable Denial of Service Flaw
Important: kea security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:7342", "synopsis": "Important: kea security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for kea.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers support DNS Update mechanism, using stand-alone DDNS daemon.\n\nSecurity Fix(es):\n\n* Kea: Kea: Denial of Service via maliciously crafted message (CVE-2026-3608)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2451139", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2451139", "description": ""}], "cves": [{"name": "CVE-2026-3608", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-3608", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-617"}], "references": [], "publishedAt": "2026-04-11T12:07:07.893431Z", "rpms": {"Rocky Linux 10": {"nvras": ["kea-keama-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-libs-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-libs-0:3.0.1-3.el10_1.s390x.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm", "kea-hooks-0:3.0.1-3.el10_1.x86_64.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm", "kea-debugsource-0:3.0.1-3.el10_1.s390x.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm","kea-debugsource-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-doc-0:3.0.1-3.el10_1.noarch.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-hooks-0:3.0.1-3.el10_1.aarch64.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm", "kea-keama-0:3.0.1-3.el10_1.s390x.rpm", "kea-libs-0:3.0.1-3.el10_1.aarch64.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-keama-0:3.0.1-3.el10_1.x86_64.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-0:3.0.1-3.el10_1.aarch64.rpm", "kea-debugsource-0:3.0.1-3.el10_1.aarch64.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-hooks-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm", "kea-hooks-0:3.0.1-3.el10_1.s390x.rpm", "kea-libs-0:3.0.1-3.el10_1.x86_64.rpm", "kea-0:3.0.1-3.el10_1.src.rpm", "kea-keama-0:3.0.1-3.el10_1.aarch64.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-0:3.0.1-3.el10_1.s390x.rpm", "kea-0:3.0.1-3.el10_1.x86_64.rpm", "kea-debugsource-0:3.0.1-3.el10_1.x86_64.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important Kea security update available for Rocky Linux 10 addressing denial of service risk and requiring updates.. Kea security update, Rocky Linux advisory, Denial of Service threat, security patch. . Severity: Important. LinuxSecurity.com Team
Apr 11, 2026
•Important
Rocky Linux
219
security advisorydenial of servicesecurity fixRocky Linux 10 RLSA-2026-7352 Kea Vital System Restoration Update
Important: kea security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:7342", "synopsis": "Important: kea security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for kea.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers support DNS Update mechanism, using stand-alone DDNS daemon.\n\nSecurity Fix(es):\n\n* Kea: Kea: Denial of Service via maliciously crafted message (CVE-2026-3608)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2451139", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2451139", "description": ""}], "cves": [{"name": "CVE-2026-3608", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-3608", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-617"}], "references": [], "publishedAt": "2026-04-11T12:07:07.893431Z", "rpms": {"Rocky Linux 10": {"nvras": ["kea-keama-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-libs-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-libs-0:3.0.1-3.el10_1.s390x.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm", "kea-hooks-0:3.0.1-3.el10_1.x86_64.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm", "kea-debugsource-0:3.0.1-3.el10_1.s390x.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm","kea-debugsource-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-doc-0:3.0.1-3.el10_1.noarch.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-hooks-0:3.0.1-3.el10_1.aarch64.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm", "kea-keama-0:3.0.1-3.el10_1.s390x.rpm", "kea-libs-0:3.0.1-3.el10_1.aarch64.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-keama-0:3.0.1-3.el10_1.x86_64.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-0:3.0.1-3.el10_1.aarch64.rpm", "kea-debugsource-0:3.0.1-3.el10_1.aarch64.rpm", "kea-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-hooks-0:3.0.1-3.el10_1.ppc64le.rpm", "kea-hooks-debuginfo-0:3.0.1-3.el10_1.x86_64.rpm", "kea-hooks-0:3.0.1-3.el10_1.s390x.rpm", "kea-libs-0:3.0.1-3.el10_1.x86_64.rpm", "kea-0:3.0.1-3.el10_1.src.rpm", "kea-keama-0:3.0.1-3.el10_1.aarch64.rpm", "kea-libs-debuginfo-0:3.0.1-3.el10_1.s390x.rpm", "kea-0:3.0.1-3.el10_1.s390x.rpm", "kea-0:3.0.1-3.el10_1.x86_64.rpm", "kea-debugsource-0:3.0.1-3.el10_1.x86_64.rpm", "kea-keama-debuginfo-0:3.0.1-3.el10_1.aarch64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important security update available for Kea on Rocky Linux 10 to fix a denial of service issue. Update recommended.. Kea security, Rocky Linux update, Denial of Service fix, security advisory, kea vulnerabilities. . Severity: Important. LinuxSecurity.com Team
Apr 11, 2026
•Important
Rocky Linux
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!