Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 584
Alerts This Week
Warning Icon 1 584

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 218 articles for you...
172

Ubuntu Kernel 20.04 LTS Upgrade Important Security Flaws USN-8493-2

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8493-2 July 02, 2026 linux-oracle-5.15 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-oracle-5.15: Linux kernel for Oracle Cloud systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; - STMicroelectronics network drivers; - NVME drivers; - x86 platform drivers; - SCSI subsystem; - SPI subsystem; - TCM subsystem; - USB over IP driver; - File systems infrastructure; - HFS+ file system; - Network file system (NFS) server daemon; - SMB network file system; - IPv6 networking; - Tracing infrastructure; - Timer subsystem; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - Ceph Core library; - IPv4 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - RxRPC session sockets; - SMC sockets; - Sun RPC protocol; - X.25 network layer; - AMD SoC Alsa drivers; - KVM subsystem; (CVE-2022-48816, CVE-2023-53673, CVE-2025-37778, CVE-2025-37822, CVE-2025-37924, CVE-2025-38201, CVE-2025-40082, CVE-2025-68214, CVE-2025-68263, CVE-2025-71089, CVE-2025-71220, CVE-2025-71222, CVE-2025-71224, CVE-2026-23176, CVE-2026-23180, CVE-2026-23182, CVE-2026-23190, CVE-2026-23193, CVE-2026-23198, CVE-2026-23202, CVE-2026-23206, CVE-2026-23216, CVE-2026-23256, CVE-2026-23257, CVE-2026-23258, CVE-2026-23262, CVE-2026-23272, CVE-2026-23278, CVE-2026-23428, CVE-2026-23450, CVE-2026-23455,CVE-2026-31402, CVE-2026-31418, CVE-2026-31478, CVE-2026-31607, CVE-2026-31637, CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668, CVE-2026-31669, CVE-2026-31682, CVE-2026-31685, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43071, CVE-2026-43114, CVE-2026-43117, CVE-2026-43186, CVE-2026-43304, CVE-2026-43341, CVE-2026-43383, CVE-2026-43406, CVE-2026-43407, CVE-2026-43414, CVE-2026-43493, CVE-2026-43501, CVE-2026-45988, CVE-2026-46043, CVE-2026-46119, CVE-2026-46135, CVE-2026-46195, CVE-2026-46243) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS linux-image-5.15.0-1108-oracle 5.15.0-1108.114~20.04.1 Available with Ubuntu Pro linux-image-oracle 5.15.0.1108.114~20.04.1 Available with Ubuntu Pro linux-image-oracle-5.15 5.15.0.1108.114~20.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8493-2 https://ubuntu.com/security/notices/USN-8493-1 CVE-2022-48816, CVE-2023-53673, CVE-2025-37778, CVE-2025-37822, CVE-2025-37924, CVE-2025-38201, CVE-2025-40082, CVE-2025-68214, CVE-2025-68263, CVE-2025-71089, CVE-2025-71220, CVE-2025-71222, CVE-2025-71224, CVE-2026-23176, CVE-2026-23180, CVE-2026-23182, CVE-2026-23190, CVE-2026-23193, CVE-2026-23198, CVE-2026-23202, CVE-2026-23206, CVE-2026-23216, CVE-2026-23256, CVE-2026-23257, CVE-2026-23258, CVE-2026-23262, CVE-2026-23272, CVE-2026-23278, CVE-2026-23428, CVE-2026-23450, CVE-2026-23455, CVE-2026-31402, CVE-2026-31418, CVE-2026-31478, CVE-2026-31607, CVE-2026-31637, CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668, CVE-2026-31669, CVE-2026-31682, CVE-2026-31685, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43071, CVE-2026-43114, CVE-2026-43117, CVE-2026-43186, CVE-2026-43304, CVE-2026-43341, CVE-2026-43383, CVE-2026-43406, CVE-2026-43407, CVE-2026-43414, CVE-2026-43493, CVE-2026-43501, CVE-2026-45988, CVE-2026-46043, CVE-2026-46119, CVE-2026-46135, CVE-2026-46195, CVE-2026-46243 . Fixes multiple security issues in the Ubuntu Linux kernel. Update recommended to protect against potential system compromises.. Linux Kernel Security, Ubuntu Security Notice, Kernel Update Recommendations. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 02, 2026 Important Ubuntu
100

SUSE Linux 15-SP7 Xen Important Security Update CVE-2026-42487

An update that solves four vulnerabilities can now be installed.. # Security update for xen Announcement ID: SUSE-SU-2026:2364-1 Release Date: 2026-06-11T06:54:28Z Rating: important References: * bsc#1266952 * bsc#1266953 * bsc#1266955 Cross-References: * CVE-2026-42487 * CVE-2026-42488 * CVE-2026-42489 * CVE-2026-42490 CVSS scores: * CVE-2026-42487 ( SUSE ): 8.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-42487 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-42488 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-42488 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-42489 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-42489 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2026-42490 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2026-42490 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2026-42487: x86 HVM I/O port list traversal (bsc#1266952). * CVE-2026-42488: x86: mismatched mapcache metadata (bsc#1266955). * CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse (bsc#1266953). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2364=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2364=1 ## Package List: * Basesystem Module 15-SP7 (x86_64) * xen-libs-debuginfo-4.20.3_06-150700.3.41.1 * xen-tools-domU-debuginfo-4.20.3_06-150700.3.41.1 * xen-libs-4.20.3_06-150700.3.41.1 * xen-tools-domU-4.20.3_06-150700.3.41.1 * xen-debugsource-4.20.3_06-150700.3.41.1 * Server Applications Module 15-SP7 (x86_64) * xen-tools-4.20.3_06-150700.3.41.1 * xen-devel-4.20.3_06-150700.3.41.1 * xen-tools-debuginfo-4.20.3_06-150700.3.41.1 * xen-debugsource-4.20.3_06-150700.3.41.1 * xen-4.20.3_06-150700.3.41.1 * Server Applications Module 15-SP7 (noarch) * xen-tools-xendomains-wait-disk-4.20.3_06-150700.3.41.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42487.html * https://www.suse.com/security/cve/CVE-2026-42488.html * https://www.suse.com/security/cve/CVE-2026-42489.html * https://www.suse.com/security/cve/CVE-2026-42490.html * https://bugzilla.suse.com/show_bug.cgi?id=1266952 * https://bugzilla.suse.com/show_bug.cgi?id=1266953 * https://bugzilla.suse.com/show_bug.cgi?id=1266955 . Install the important security update for xen to fix four vulnerabilities affecting SUSE Linux Enterprise systems.. SUSE Xen Update Security, Important Xen Patch, Linux Security Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 11, 2026 Important SuSE
172

Ubuntu 26.04 LTS Major Privilege Escalation Vulnerabilities USN-8370-1

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8370-1 June 02, 2026 linux, linux-aws, linux-gcp, linux-ibm, linux-nvidia, linux-oracle, linux-raspi, linux-realtime vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-ibm: Linux kernel for IBM cloud systems - linux-nvidia: Linux kernel for NVIDIA systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi systems - linux-realtime: Linux kernel for Real-time systems Details: It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-43284, CVE-2026-43500, CVE-2026-45998, CVE-2026-46000) It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-43503, CVE-2026-46300) Qualys discovered that a race condition existed in the ptrace subsystem of the Linux kernel when privileged processes are exiting. An unprivileged local attacker could use this issue to expose sensitive information. (CVE-2026-46333) Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0 contain a memory leak when handling AppArmornotifications. A local attacker could use this to cause resource exhaustion. (CVE-2026-47326) Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0 contain a NULL pointer dereference when handling AppArmor notifications. A local attacker could use this to cause a kernel oops. (CVE-2026-47327) Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0 contained an invalid free when handling AppArmor notifications. A local attacker could use this to corrupt kernel memory. (CVE-2026-47328) Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0 contained insufficient validation of AppArmor notification responses. A local attacker could use this to allow crafted responses to be processed. (CVE-2026-47329) Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0 used an uninitialized variable when handling AppArmor notifications. A local attacker could use this to cause incorrect caching of data. (CVE-2026-47330) Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0 contained an out-of-bounds (OOB) read when handling AppArmor notifications. A local attacker could use this to cause information disclosure of kernel memory. (CVE-2026-47332) Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0 contained a out-of-bounds (OOB) read when handling AppArmor notifications. A local attacker could use this to cause kernel memory corruption and, theoretically, influence processing of AppArmor policies. (CVE-2026-47333) Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0 contained incorrect holding of locks when handling AppArmor notifications. A local attacker could use this to cause a kernel panic or deadlock. (CVE-2026-47334) Tristan Madani and Trevor Lawrence have each independently discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0 contained a NULL pointer dereference when handling AppArmor network socket mediation. A local attacker could use this to cause a kernel oops. (CVE-2026-47337) A security issue wasdiscovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystem: - RDS protocol; (CVE-2026-43494) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS linux-image-7.0.0-1005-gcp 7.0.0-1005.5 linux-image-7.0.0-1005-gcp-64k 7.0.0-1005.5 linux-image-7.0.0-1005-oracle 7.0.0-1005.5 linux-image-7.0.0-1005-oracle-64k 7.0.0-1005.5 linux-image-7.0.0-1006-aws 7.0.0-1006.6 linux-image-7.0.0-1006-aws-64k 7.0.0-1006.6 linux-image-7.0.0-1007-ibm 7.0.0-1007.7 linux-image-7.0.0-1009-nvidia 7.0.0-1009.9 linux-image-7.0.0-1009-nvidia-64k 7.0.0-1009.9 linux-image-7.0.0-1011-raspi 7.0.0-1011.11 linux-image-7.0.0-1011-raspi-realtime 7.0.0-1011.11 linux-image-7.0.0-22-generic 7.0.0-22.22 linux-image-7.0.0-22-generic-64k 7.0.0-22.22 linux-image-7.0.0-22-realtime 7.0.0-22.22.1 linux-image-7.0.0-22-realtime-64k 7.0.0-22.22.1 linux-image-aws 7.0.0-1006.6 linux-image-aws-64k 7.0.0-1006.6 linux-image-aws-64k-7.0 7.0.0-1006.6 linux-image-aws-7.0 7.0.0-1006.6 linux-image-gcp 7.0.0-1005.5 linux-image-gcp-64k 7.0.0-1005.5 linux-image-gcp-64k-7.0 7.0.0-1005.5 linux-image-gcp-7.0 7.0.0-1005.5 linux-image-generic 7.0.0-22.22 linux-image-generic-64k 7.0.0-22.22 linux-image-generic-64k-7.0 7.0.0-22.22 linux-image-generic-64k-hwe-26.04 7.0.0-22.22 linux-image-generic-7.0 7.0.0-22.22 linux-image-generic-hwe-26.04 7.0.0-22.22 linux-image-ibm 7.0.0-1007.7 linux-image-ibm-7.0 7.0.0-1007.7 linux-image-nvidia 7.0.0-1009.9 linux-image-nvidia-64k 7.0.0-1009.9 linux-image-nvidia-64k-7.0 7.0.0-1009.9 linux-image-nvidia-7.0 7.0.0-1009.9 linux-image-oracle 7.0.0-1005.5 linux-image-oracle-64k 7.0.0-1005.5 linux-image-oracle-64k-7.0 7.0.0-1005.5 linux-image-oracle-7.0 7.0.0-1005.5 linux-image-raspi 7.0.0-1011.11 linux-image-raspi-7.0 7.0.0-1011.11 linux-image-raspi-realtime 7.0.0-1011.11 linux-image-raspi-realtime-7.0 7.0.0-1011.11 linux-image-realtime 7.0.0-22.22.1 linux-image-realtime-64k 7.0.0-22.22.1 linux-image-realtime-64k-7.0 7.0.0-22.22.1 linux-image-realtime-64k-hwe-26.04 7.0.0-22.22.1 linux-image-realtime-7.0 7.0.0-22.22.1 linux-image-realtime-hwe-26.04 7.0.0-22.22.1 linux-image-virtual 7.0.0-22.22 linux-image-virtual-7.0 7.0.0-22.22 linux-image-virtual-hwe-26.04 7.0.0-22.22 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8370-1 CVE-2026-43284, CVE-2026-43494, CVE-2026-43500, CVE-2026-43503, CVE-2026-45998, CVE-2026-46000, CVE-2026-46300, CVE-2026-46333, CVE-2026-47326, CVE-2026-47327, CVE-2026-47328, CVE-2026-47329, CVE-2026-47330, CVE-2026-47332, CVE-2026-47333, CVE-2026-47334, CVE-2026-47337 Package Information: https://launchpad.net/ubuntu/+source/linux/7.0.0-22.22 https://launchpad.net/ubuntu/+source/linux-aws/7.0.0-1006.6 https://launchpad.net/ubuntu/+source/linux-gcp/7.0.0-1005.5 https://launchpad.net/ubuntu/+source/linux-ibm/7.0.0-1007.7 https://launchpad.net/ubuntu/+source/linux-nvidia/7.0.0-1009.9 https://launchpad.net/ubuntu/+source/linux-oracle/7.0.0-1005.5 https://launchpad.net/ubuntu/+source/linux-raspi/7.0.0-1011.11 https://launchpad.net/ubuntu/+source/linux-realtime/7.0.0-22.22.1 . Address critical Linux kernel issues affecting Ubuntu 26.04 LTS. Tackle local privilege escalation risks today.. Linux kernel, Ubuntu security, memory leak fixes, privilege escalation, system vulnerabilities. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 02, 2026 Critical Ubuntu
99

Urgent Resolution for rxrpc Vulnerabilities in Slackware 15.0 Kernel

New kernel packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] kernel (SSA:2026-152-01) New kernel packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/linux-5.15.209/kernel-generic-5.15.209-i586-1.txz: Upgraded. This update fixes security issues: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing rxrpc: Fix anonymous key handling rxrpc: only handle RESPONSE during service challenge rxrpc: Fix recvmsg() unconditional requeue rxrpc: reject undecryptable rxkad response tickets rxrpc: Fix call removal to use RCU safe deletion rxrpc: Fix key quota calculation for multitoken keys rxrpc: proc: size address buffers for %pISpc output For more information, see: https://www.cve.org/CVERecord?id=CVE-2026-31696 https://www.cve.org/CVERecord?id=CVE-2026-31676 https://www.cve.org/CVERecord?id=CVE-2026-23066 https://www.cve.org/CVERecord?id=CVE-2026-31637 https://www.cve.org/CVERecord?id=CVE-2026-31642 https://www.cve.org/CVERecord?id=CVE-2026-31630 (* Security fix *) patches/packages/linux-5.15.209/kernel-generic-smp-5.15.209_smp-i686-1.txz: Upgraded. This update fixes security issues: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing rxrpc: Fix anonymous key handling rxrpc: only handle RESPONSE during service challenge rxrpc: Fix recvmsg() unconditional requeue rxrpc: reject undecryptable rxkad response tickets rxrpc: Fix call removal to use RCU safe deletion rxrpc: Fix key quota calculation for multitoken keys rxrpc: proc: size address buffers for %pISpc output For more information, see: https://www.cve.org/CVERecord?id=CVE-2026-31696 https://www.cve.org/CVERecord?id=CVE-2026-31676 https://www.cve.org/CVERecord?id=CVE-2026-23066 https://www.cve.org/CVERecord?id=CVE-2026-31637 https://www.cve.org/CVERecord?id=CVE-2026-31642 https://www.cve.org/CVERecord?id=CVE-2026-31630 (* Security fix *) patches/packages/linux-5.15.209/kernel-headers-5.15.209_smp-x86-1.txz: Upgraded. patches/packages/linux-5.15.209/kernel-huge-5.15.209-i586-1.txz: Upgraded. This update fixes security issues: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing rxrpc: Fix anonymous key handling rxrpc: only handle RESPONSE during service challenge rxrpc: Fix recvmsg() unconditional requeue rxrpc: reject undecryptable rxkad response tickets rxrpc: Fix call removal to use RCU safe deletion rxrpc: Fix key quota calculation for multitoken keys rxrpc: proc: size address buffers for %pISpc output For more information, see: https://www.cve.org/CVERecord?id=CVE-2026-31696 https://www.cve.org/CVERecord?id=CVE-2026-31676 https://www.cve.org/CVERecord?id=CVE-2026-23066 https://www.cve.org/CVERecord?id=CVE-2026-31637 https://www.cve.org/CVERecord?id=CVE-2026-31642 https://www.cve.org/CVERecord?id=CVE-2026-31630 (* Security fix *) patches/packages/linux-5.15.209/kernel-huge-smp-5.15.209_smp-i686-1.txz: Upgraded. This update fixes security issues: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing rxrpc: Fix anonymous key handling rxrpc: only handle RESPONSE during service challenge rxrpc: Fix recvmsg() unconditional requeue rxrpc: reject undecryptable rxkad response tickets rxrpc: Fix call removal to use RCU safe deletion rxrpc: Fix key quota calculation for multitoken keys rxrpc: proc: size address buffers for %pISpc output For more information, see: https://www.cve.org/CVERecord?id=CVE-2026-31696 https://www.cve.org/CVERecord?id=CVE-2026-31676 https://www.cve.org/CVERecord?id=CVE-2026-23066 https://www.cve.org/CVERecord?id=CVE-2026-31637 https://www.cve.org/CVERecord?id=CVE-2026-31642 https://www.cve.org/CVERecord?id=CVE-2026-31630 (*Security fix *) patches/packages/linux-5.15.209/kernel-modules-5.15.209-i586-1.txz: Upgraded. patches/packages/linux-5.15.209/kernel-modules-smp-5.15.209_smp-i686-1.txz: Upgraded. patches/packages/linux-5.15.209/kernel-source-5.15.209_smp-noarch-1.txz: Upgraded. Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.209/kernel-generic-5.15.209-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.209/kernel-generic-smp-5.15.209_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.209/kernel-headers-5.15.209_smp-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.209/kernel-huge-5.15.209-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.209/kernel-huge-smp-5.15.209_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.209/kernel-modules-5.15.209-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.209/kernel-modules-smp-5.15.209_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.209/kernel-source-5.15.209_smp-noarch-1.txz Updated packages for Slackware x86_6415.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/linux-5.15.209/kernel-generic-5.15.209-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/linux-5.15.209/kernel-headers-5.15.209-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/linux-5.15.209/kernel-huge-5.15.209-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/linux-5.15.209/kernel-modules-5.15.209-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/linux-5.15.209/kernel-source-5.15.209-noarch-1.txz Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-generic-6.12.92-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-headers-6.12.92-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-source-6.12.92-noarch-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/linux-6.18.x/kernel-generic-6.18.34-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/linux-6.18.x/kernel-headers-6.18.34-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/linux-6.18.x/kernel-source-6.18.34-noarch-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/linux-7.0.x/kernel-generic-7.0.11-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/linux-7.0.x/kernel-headers-7.0.11-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/linux-7.0.x/kernel-source-7.0.11-noarch-1.txz Updated packages for Slackware x86_64-current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-generic-6.18.34-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-headers-6.18.34-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-source-6.18.34-noarch-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/testing/packages/linux-7.0.x/kernel-generic-7.0.11-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/testing/packages/linux-7.0.x/kernel-headers-7.0.11-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/testing/packages/linux-7.0.x/kernel-source-7.0.11-noarch-1.txz MD5 signatures: +-------------+ Slackware 15.0 packages: 0087a3143a15048e6ba145f2a084191d kernel-generic-5.15.209-i586-1.txz 61b381a97c64d49ae6df95c218749380 kernel-generic-smp-5.15.209_smp-i686-1.txz 5619040f39e7e941b5496c54cf7cbee6 kernel-headers-5.15.209_smp-x86-1.txz 4ca45f7cc6ca2f3ba83a0ecb95a8a8a6 kernel-huge-5.15.209-i586-1.txz b83be05421f475a23ef8f03bdeda5f78 kernel-huge-smp-5.15.209_smp-i686-1.txz 4a10e71a859bb91d2afecad49d115cf1 kernel-modules-5.15.209-i586-1.txz e6c5e1f1aa0f6065c9b291b28040970d kernel-modules-smp-5.15.209_smp-i686-1.txz 30f9fa767297bca0150fdb6fd09ed842 kernel-source-5.15.209_smp-noarch-1.txz Slackware x86_64 15.0 packages: a4dfa657205a1604a7304375dcc447ef kernel-generic-5.15.209-x86_64-1.txz ec28794ae0823c076bb446fb92056e88 kernel-headers-5.15.209-x86-1.txz af313da2ce014d5696164f7a900afb61 kernel-huge-5.15.209-x86_64-1.txz 79dab68b6ff91292360784a89a275512 kernel-modules-5.15.209-x86_64-1.txz d21fb99c8a00aeee290c1dec6050d783 kernel-source-5.15.209-noarch-1.txz Slackware -current packages: 1e786beda07ffc5e75865efb27eda603 kernel-firmware-20260529_d953ad8-noarch-1.txz e3e59a5f0ca8fdcbea2b35580c14fef1 kernel-generic-6.12.92-i686-1.txz 2e86867ab7888573637062568a89236a kernel-headers-6.12.92-x86-1.txz 1ea8aeaaa7a1fd5438d06be1ce82de69 kernel-source-6.12.92-noarch-1.txz 0da6557abf8fc3a4672ffa0d4e29b704 kernel-generic-6.18.34-i686-1.txz a1c2fda540370f8641fe411158673ff2 kernel-headers-6.18.34-x86-1.txz 89dcca6a8f587653b131e344e8f292a8 kernel-source-6.18.34-noarch-1.txz 4d69cd5a69cf01010b2c703e19215802 kernel-generic-7.0.11-i686-1.txz 1c194dfcbd015aa8b21c3e8b9acf385b kernel-headers-7.0.11-x86-1.txz d804983f50a917f0d302fb3e5d1996ef kernel-source-7.0.11-noarch-1.txz Slackware x86_64 -current packages: 1e786beda07ffc5e75865efb27eda603 kernel-firmware-20260529_d953ad8-noarch-1.txz 58878534d2b789e986f521f960605856 kernel-generic-6.18.34-x86_64-1.txz 04867dfa23926a9d626a9731a1beb035 kernel-headers-6.18.34-x86-1.txz 21cfe4f290df8d8bd87cbd4c66024d60 kernel-source-6.18.34-noarch-1.txz f66140c36afa287308d6f56def01e64b kernel-generic-7.0.11-x86_64-1.txz e00d3dfdf5e137dfb8d83b4c19313cad kernel-headers-7.0.11-x86-1.txz 2018ef751d6873adc9c4ff06810d2f68 kernel-source-7.0.11-noarch-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg kernel-*.txz If you are using an initrd, you'll need to rebuild it. For a 32-bit SMP machine, use this command (substitute the appropriate kernel version if you are not running Slackware 15.0): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 5.15.209-smp | bash For a 64-bit machine, or a 32-bit uniprocessor machine, use this command (substitute the appropriate kernel version if you are not running Slackware 15.0): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 5.15.209 | bash Please note that "uniprocessor" has to do with the kernel you are running, not with the CPU. Most systems should run the SMP kernel (if they can) regardless of the number of cores the CPU has. If you aren't sure which kernel you are running, run "uname -a". If you see SMP there, you are running the SMP kernel and should use the 5.15.209-smp version when running mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit systems should always use 5.15.209 as theversion. If you are using lilo or elilo to boot the machine, you'll need to ensure that the machine is properly prepared before rebooting. If using LILO: By default, lilo.conf contains an image= line that references a symlink that always points to the correct kernel. No editing should be required unless your machine uses a custom lilo.conf. If that is the case, be sure that the image= line references the correct kernel file. Either way, you'll need to run "lilo" as root to reinstall the boot loader. If using elilo: Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish to use, and then run eliloconfig to update the EFI System Partition. +-----+ . New kernel packages for Slackware 15.0 address critical security risks with enhanced rxrpc functionalities.. Slackware kernel fix, rxrpc security, Linux kernel vulnerabilities. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 01, 2026 Critical Slackware
172

Ubuntu 22.04 8289-2 Linux-Nvidia Kernel Privilege Escalation Fix

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8289-2 May 25, 2026 linux-nvidia-6.8 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-nvidia-6.8: Linux kernel for NVIDIA systems Details: It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Cryptographic API; - Compute Acceleration Framework; - Drivers core; - Null block device driver; - Ublk userspace block driver; - Bluetooth drivers; - Counter interface drivers; - DMA engine subsystem; - DPLL subsystem; - GPU drivers; - HID subsystem; - Intel Trace Hub HW tracing drivers; - IIO ADC drivers; - IIO subsystem; - On-Chip Interconnect management framework; - IRQ chip drivers; - Modular ISDN driver; - LED subsystem; - Multiple devices driver; - UACCE accelerator framework; - MMC subsystem; - Ethernet bonding driver; - Network drivers; - Mellanox network drivers; - NVME drivers; - PHY drivers; - x86 platform drivers; - i.MX PM domains; - SCSI subsystem; - SLIMbus drivers; - SPI subsystem; - TCM subsystem; - W1 Dallas's 1-wire bus driver; - Xen hypervisor drivers; - BTRFS file system; - EFI Variable file system; - exFAT file system; - Ext4 file system; - HFS+ file system; - Networkfile system (NFS) client; - Network file system (NFS) server daemon; - NTFS3 file system; - SMB network file system; - Scheduler infrastructure; - Netfilter; - NFC subsystem; - Tracing infrastructure; - io_uring subsystem; - BPF subsystem; - Perf events; - Floating proportions library; - Memory management; - Bluetooth subsystem; - CAN network layer; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - L2TP protocol; - MAC80211 subsystem; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - TLS protocol; - Unix domain sockets; - VMware vSockets driver; - Wireless networking; - ALSA AC97 driver; - Generic PCM loopback sound driver; - Creative Sound Blaster X-Fi driver; - AMD SoC Alsa drivers; - Texas InstrumentS Audio (ASoC/HDA) drivers; - USB sound devices; - KVM subsystem; (CVE-2024-50004, CVE-2024-58096, CVE-2024-58097, CVE-2025-37926, CVE-2025-38201, CVE-2025-38591, CVE-2025-40039, CVE-2025-40082, CVE-2025-40149, CVE-2025-68351, CVE-2025-68358, CVE-2025-68365, CVE-2025-68725, CVE-2025-68749, CVE-2025-68803, CVE-2025-68823, CVE-2025-71160, CVE-2025-71162, CVE-2025-71163, CVE-2025-71180, CVE-2025-71182, CVE-2025-71183, CVE-2025-71184, CVE-2025-71185, CVE-2025-71186, CVE-2025-71188, CVE-2025-71189, CVE-2025-71190, CVE-2025-71191, CVE-2025-71192, CVE-2025-71193, CVE-2025-71194, CVE-2025-71195, CVE-2025-71196, CVE-2025-71197, CVE-2025-71198, CVE-2025-71199, CVE-2025-71200, CVE-2025-71220, CVE-2025-71222, CVE-2025-71224, CVE-2025-71225, CVE-2025-71268, CVE-2026-22976, CVE-2026-22977, CVE-2026-22978, CVE-2026-22979, CVE-2026-22980, CVE-2026-22982, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991, CVE-2026-22992, CVE-2026-22994, CVE-2026-22996, CVE-2026-22997, CVE-2026-22998, CVE-2026-22999, CVE-2026-23000, CVE-2026-23001, CVE-2026-23003, CVE-2026-23005, CVE-2026-23006, CVE-2026-23010, CVE-2026-23011, CVE-2026-23019, CVE-2026-23020,CVE-2026-23021, CVE-2026-23025, CVE-2026-23026, CVE-2026-23030, CVE-2026-23031, CVE-2026-23032, CVE-2026-23033, CVE-2026-23035, CVE-2026-23037, CVE-2026-23038, CVE-2026-23047, CVE-2026-23049, CVE-2026-23050, CVE-2026-23053, CVE-2026-23054, CVE-2026-23056, CVE-2026-23057, CVE-2026-23058, CVE-2026-23059, CVE-2026-23061, CVE-2026-23062, CVE-2026-23063, CVE-2026-23064, CVE-2026-23065, CVE-2026-23068, CVE-2026-23069, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075, CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083, CVE-2026-23084, CVE-2026-23085, CVE-2026-23086, CVE-2026-23087, CVE-2026-23088, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091, CVE-2026-23093, CVE-2026-23094, CVE-2026-23095, CVE-2026-23096, CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101, CVE-2026-23102, CVE-2026-23103, CVE-2026-23105, CVE-2026-23107, CVE-2026-23108, CVE-2026-23110, CVE-2026-23113, CVE-2026-23116, CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23123, CVE-2026-23124, CVE-2026-23125, CVE-2026-23126, CVE-2026-23128, CVE-2026-23129, CVE-2026-23131, CVE-2026-23133, CVE-2026-23135, CVE-2026-23136, CVE-2026-23139, CVE-2026-23140, CVE-2026-23141, CVE-2026-23142, CVE-2026-23144, CVE-2026-23145, CVE-2026-23146, CVE-2026-23148, CVE-2026-23150, CVE-2026-23151, CVE-2026-23156, CVE-2026-23159, CVE-2026-23160, CVE-2026-23163, CVE-2026-23164, CVE-2026-23166, CVE-2026-23167, CVE-2026-23168, CVE-2026-23170, CVE-2026-23172, CVE-2026-23173, CVE-2026-23176, CVE-2026-23178, CVE-2026-23179, CVE-2026-23180, CVE-2026-23182, CVE-2026-23187, CVE-2026-23190, CVE-2026-23191, CVE-2026-23193, CVE-2026-23198, CVE-2026-23200, CVE-2026-23204, CVE-2026-23205, CVE-2026-23206, CVE-2026-23212, CVE-2026-23213, CVE-2026-23214, CVE-2026-23215, CVE-2026-23216, CVE-2026-23254, CVE-2026-23256, CVE-2026-23257, CVE-2026-23258, CVE-2026-23260, CVE-2026-23261, CVE-2026-23262, CVE-2026-23264, CVE-2026-23274, CVE-2026-23351, CVE-2026-23394, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078) Updateinstructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS linux-image-6.8.0-1054-nvidia 6.8.0-1054.57~22.04.1 linux-image-6.8.0-1054-nvidia-64k 6.8.0-1054.57~22.04.1 linux-image-nvidia-6.8 6.8.0-1054.57~22.04.1 linux-image-nvidia-64k-6.8 6.8.0-1054.57~22.04.1 linux-image-nvidia-64k-hwe-22.04 6.8.0-1054.57~22.04.1 linux-image-nvidia-hwe-22.04 6.8.0-1054.57~22.04.1 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8289-2 https://ubuntu.com/security/notices/USN-8289-1 CVE-2024-50004, CVE-2024-58096, CVE-2024-58097, CVE-2025-37926, CVE-2025-38201, CVE-2025-38591, CVE-2025-40039, CVE-2025-40082, CVE-2025-40149, CVE-2025-68351, CVE-2025-68358, CVE-2025-68365, CVE-2025-68725, CVE-2025-68749, CVE-2025-68803, CVE-2025-68823, CVE-2025-71160, CVE-2025-71162, CVE-2025-71163, CVE-2025-71180, CVE-2025-71182, CVE-2025-71183, CVE-2025-71184, CVE-2025-71185, CVE-2025-71186, CVE-2025-71188, CVE-2025-71189, CVE-2025-71190, CVE-2025-71191, CVE-2025-71192, CVE-2025-71193, CVE-2025-71194, CVE-2025-71195, CVE-2025-71196, CVE-2025-71197, CVE-2025-71198, CVE-2025-71199, CVE-2025-71200, CVE-2025-71220, CVE-2025-71222, CVE-2025-71224, CVE-2025-71225, CVE-2025-71268, CVE-2026-22976, CVE-2026-22977, CVE-2026-22978, CVE-2026-22979, CVE-2026-22980, CVE-2026-22982, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991, CVE-2026-22992, CVE-2026-22994, CVE-2026-22996, CVE-2026-22997, CVE-2026-22998, CVE-2026-22999, CVE-2026-23000, CVE-2026-23001, CVE-2026-23003, CVE-2026-23005, CVE-2026-23006, CVE-2026-23010, CVE-2026-23011, CVE-2026-23019, CVE-2026-23020, CVE-2026-23021, CVE-2026-23025, CVE-2026-23026, CVE-2026-23030, CVE-2026-23031, CVE-2026-23032, CVE-2026-23033, CVE-2026-23035, CVE-2026-23037, CVE-2026-23038, CVE-2026-23047, CVE-2026-23049, CVE-2026-23050, CVE-2026-23053, CVE-2026-23054, CVE-2026-23056, CVE-2026-23057, CVE-2026-23058, CVE-2026-23059, CVE-2026-23061, CVE-2026-23062, CVE-2026-23063, CVE-2026-23064, CVE-2026-23065, CVE-2026-23068, CVE-2026-23069, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075, CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083, CVE-2026-23084, CVE-2026-23085, CVE-2026-23086, CVE-2026-23087, CVE-2026-23088, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091, CVE-2026-23093, CVE-2026-23094, CVE-2026-23095, CVE-2026-23096, CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101, CVE-2026-23102, CVE-2026-23103, CVE-2026-23105, CVE-2026-23107, CVE-2026-23108, CVE-2026-23110, CVE-2026-23113, CVE-2026-23116, CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23123, CVE-2026-23124, CVE-2026-23125, CVE-2026-23126, CVE-2026-23128, CVE-2026-23129, CVE-2026-23131, CVE-2026-23133, CVE-2026-23135, CVE-2026-23136, CVE-2026-23139, CVE-2026-23140, CVE-2026-23141, CVE-2026-23142, CVE-2026-23144, CVE-2026-23145, CVE-2026-23146, CVE-2026-23148, CVE-2026-23150, CVE-2026-23151, CVE-2026-23156, CVE-2026-23159, CVE-2026-23160, CVE-2026-23163, CVE-2026-23164, CVE-2026-23166, CVE-2026-23167, CVE-2026-23168, CVE-2026-23170, CVE-2026-23172, CVE-2026-23173, CVE-2026-23176, CVE-2026-23178, CVE-2026-23179, CVE-2026-23180, CVE-2026-23182, CVE-2026-23187, CVE-2026-23190, CVE-2026-23191, CVE-2026-23193, CVE-2026-23198, CVE-2026-23200, CVE-2026-23204, CVE-2026-23205, CVE-2026-23206, CVE-2026-23212, CVE-2026-23213, CVE-2026-23214, CVE-2026-23215, CVE-2026-23216, CVE-2026-23254,CVE-2026-23256, CVE-2026-23257, CVE-2026-23258, CVE-2026-23260, CVE-2026-23261, CVE-2026-23262, CVE-2026-23264, CVE-2026-23274, CVE-2026-23351, CVE-2026-23394, CVE-2026-31419, CVE-2026-31431, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078 Package Information: https://launchpad.net/ubuntu/+source/linux-nvidia-6.8/6.8.0-1054.57~22.04.1 . Several critical security issues impacting Ubuntu 22.04 LTS Linux kernel for NVIDIA systems resolved with this update. . Linux Security Update, Ubuntu Kernel Patch, NVIDIA Linux Kernel. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 25, 2026 Important Ubuntu
100

SUSE Linux Micro Kernel Important Security Update 2026-21673-1

An update that solves two vulnerabilities can now be installed.. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:21673-1 Release Date: 2026-05-15T09:50:08Z Rating: important References: * bsc#1264013 * bsc#1265209 Cross-References: * CVE-2025-54518 * CVE-2026-46300 CVSS scores: * CVE-2025-54518 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-54518 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-54518 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-46300 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46300 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache (bsc#1264013). * CVE-2026-46300: net: skbuff: propagate shared-frag marker through pskb_copy() (bsc#1265209). The following non security issue was fixed: * io-wq: check that the predecessor is hashed in io_wq_remove_pending() (git- fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-429=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * kernel-devel-6.4.0-44.1 * kernel-source-6.4.0-44.1 *kernel-macros-6.4.0-44.1 * SUSE Linux Micro 6.0 (aarch64 nosrc s390x x86_64) * kernel-default-6.4.0-44.1 * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * kernel-default-debuginfo-6.4.0-44.1 * kernel-default-debugsource-6.4.0-44.1 * SUSE Linux Micro 6.0 (aarch64 x86_64) * kernel-default-base-6.4.0-44.1.21.21 * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-default-livepatch-6.4.0-44.1 * SUSE Linux Micro 6.0 (nosrc x86_64) * kernel-kvmsmall-6.4.0-44.1 * SUSE Linux Micro 6.0 (x86_64) * kernel-kvmsmall-debugsource-6.4.0-44.1 * kernel-kvmsmall-debuginfo-6.4.0-44.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54518.html * https://www.suse.com/security/cve/CVE-2026-46300.html * https://bugzilla.suse.com/show_bug.cgi?id=1264013 * https://bugzilla.suse.com/show_bug.cgi?id=1265209 . Install important kernel update for SUSE Linux Micro 6.0 addressing two known issues with significant risks.. SUSE Linux Micro, kernel update, security patch, important kernel issue. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 19, 2026 Important SuSE
172

Ubuntu 18.04 16.04 Azure Kernel Critical System Compromise USN-8112-3

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8112-3 March 24, 2026 linux-azure, linux-azure-4.15 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - MMC subsystem; - Network drivers; - USB Device Class drivers; - BTRFS file system; - HFS+ file system; - XFRM subsystem; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Simplified Mandatory Access Control Kernel framework; (CVE-2021-47599, CVE-2022-48875, CVE-2022-49267, CVE-2024-47659, CVE-2024-49927, CVE-2024-56548, CVE-2024-56581, CVE-2024-56593, CVE-2025-21704, CVE-2025-40215) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS linux-image-4.15.0-1197-azure 4.15.0-1197.212 Available with Ubuntu Pro linux-image-azure-4.15 4.15.0.1197.165 Available with Ubuntu Pro linux-image-azure-lts-18.04 4.15.0.1197.165 Available with Ubuntu Pro Ubuntu 16.04 LTS linux-image-4.15.0-1197-azure 4.15.0-1197.212~16.04.1 Available with Ubuntu Pro linux-image-azure 4.15.0.1197.212~16.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computerto make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8112-3 https://ubuntu.com/security/notices/USN-8112-2 https://ubuntu.com/security/notices/USN-8112-1 CVE-2021-47599, CVE-2022-48875, CVE-2022-49267, CVE-2024-47659, CVE-2024-49927, CVE-2024-56548, CVE-2024-56581, CVE-2024-56593, CVE-2025-21704, CVE-2025-40215 . Critical updates for Ubuntu security issues in linux-azure kernel impact Azure systems; update recommended.. Ubuntu security update, linux-azure kernel, system compromise, Azure vulnerability, kernel issues. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Mar 24, 2026 Critical Ubuntu
172

Ubuntu 24.04 LTS Linux Kernel Critical Exploitation Issues USN-8094-3

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8094-3 March 23, 2026 linux-realtime-6.17 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-realtime-6.17: Linux kernel for Real-time systems Details: Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information (kernel memory), local privilege escalation, or possibly escape a container. (LP: #2143853) It was discovered that some AMD Zen 5 processors supporting RDSEED instruction did not properly handle entropy, potentially resulting in the consumption of insufficiently random values. A local attacker could possibly use this issue to influence the values returned by the RDSEED instruction causing loss of confidentiality and integrity. (CVE-2025-62626) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Compute Acceleration Framework; - ATM drivers; - Network block device driver; - Bluetooth drivers; - Data acquisition framework and drivers; - Hardware crypto device drivers; - Device frequency scaling framework; - Intel Stratix 10 firmware drivers; - GPIO subsystem; - GPU drivers; - Microsoft Hyper-V drivers; - CoreSight HW tracing drivers; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; -Input Device (Tablet) drivers; - IOMMU subsystem; - IRQ chip drivers; - Macintosh device drivers; - Multiple devices driver; - MOST (Media Oriented Systems Transport) drivers; - MTD block device drivers; - Network drivers; - Mellanox network drivers; - Texas Instruments network drivers; - Ethernet team driver; - MediaTek network drivers; - NVME drivers; - Pin controllers subsystem; - x86 platform drivers; - Voltage and Current Regulator drivers; - Real Time Clock drivers; - S/390 drivers; - SCSI subsystem; - Texas Instruments SoC drivers; - SPI subsystem; - Media Oriented Systems Transport (MOST) driver; - Realtek RTL8723BS SDIO drivers; - TCM subsystem; - UFS subsystem; - DesignWare USB3 driver; - USB Gadget drivers; - Renesas USBHS Controller drivers; - USB Mass Storage drivers; - USB Type-C Connector System Software Interface driver; - Backlight driver; - Framebuffer layer; - AFS file system; - BFS file system; - BTRFS file system; - EROFS file system; - Ext4 file system; - FAT file system; - GFS2 file system; - Journaling layer for block devices (JBD2); - File systems infrastructure; - Network file system (NFS) client; - NTFS3 file system; - OCFS2 file system; - SMB network file system; - XFS file system; - BPF subsystem; - MediaTek SoC drivers; - Bluetooth subsystem; - io_uring subsystem; - Locking primitives; - Scheduler infrastructure; - Timer subsystem; - Tracing infrastructure; - Kexec HandOver (KHO); - Memory management; - Ceph Core library; - Networking core; - Devlink API; - IPv4 networking; - IPv6 networking; - Multipath TCP; - Open vSwitch; - Network traffic control; - VMware vSockets driver; - eXpress Data Path; - Integrity Measurement Architecture(IMA) framework; - Simplified Mandatory Access Control Kernel framework; - FireWire sound drivers; - HD-audio driver; - Turtle Beach WavefrontALSA driver; - SoundWire (SDCA) ASoC drivers; (CVE-2025-40246, CVE-2025-40247, CVE-2025-40248, CVE-2025-40249, CVE-2025-40250, CVE-2025-40251, CVE-2025-40252, CVE-2025-40253, CVE-2025-40254, CVE-2025-40255, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40260, CVE-2025-40261, CVE-2025-40262, CVE-2025-40263, CVE-2025-40264, CVE-2025-40265, CVE-2025-40266, CVE-2025-40290, CVE-2025-40345, CVE-2025-68212, CVE-2025-68213, CVE-2025-68214, CVE-2025-68215, CVE-2025-68217, CVE-2025-68218, CVE-2025-68219, CVE-2025-68220, CVE-2025-68221, CVE-2025-68222, CVE-2025-68223, CVE-2025-68225, CVE-2025-68227, CVE-2025-68228, CVE-2025-68229, CVE-2025-68230, CVE-2025-68231, CVE-2025-68232, CVE-2025-68233, CVE-2025-68234, CVE-2025-68235, CVE-2025-68236, CVE-2025-68237, CVE-2025-68238, CVE-2025-68254, CVE-2025-68255, CVE-2025-68256, CVE-2025-68257, CVE-2025-68258, CVE-2025-68259, CVE-2025-68261, CVE-2025-68262, CVE-2025-68263, CVE-2025-68264, CVE-2025-68265, CVE-2025-68266, CVE-2025-68281, CVE-2025-68282, CVE-2025-68283, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286, CVE-2025-68287, CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68292, CVE-2025-68293, CVE-2025-68294, CVE-2025-68295, CVE-2025-68296, CVE-2025-68297, CVE-2025-68298, CVE-2025-68299, CVE-2025-68300, CVE-2025-68301, CVE-2025-68302, CVE-2025-68303, CVE-2025-68304, CVE-2025-68305, CVE-2025-68306, CVE-2025-68307, CVE-2025-68308, CVE-2025-68323, CVE-2025-68324, CVE-2025-68325, CVE-2025-68326, CVE-2025-68327, CVE-2025-68328, CVE-2025-68329, CVE-2025-68330, CVE-2025-68331, CVE-2025-68332, CVE-2025-68333, CVE-2025-68334, CVE-2025-68335, CVE-2025-68336, CVE-2025-68337, CVE-2025-68338, CVE-2025-68339, CVE-2025-68340, CVE-2025-68341, CVE-2025-68342, CVE-2025-68343, CVE-2025-68344, CVE-2025-68345, CVE-2025-68346, CVE-2025-68347, CVE-2025-68348, CVE-2025-68349, CVE-2025-68352, CVE-2025-68354, CVE-2025-68356, CVE-2025-68358, CVE-2025-68359, CVE-2025-68360, CVE-2025-68361, CVE-2025-68362, CVE-2025-68363, CVE-2025-68364, CVE-2025-68366,CVE-2025-68367, CVE-2025-68369, CVE-2025-68370, CVE-2025-68371, CVE-2025-68372, CVE-2025-68373, CVE-2025-68374, CVE-2025-68375, CVE-2025-68376, CVE-2025-68378, CVE-2025-68379, CVE-2025-68380, CVE-2025-68724, CVE-2025-68726, CVE-2025-68727, CVE-2025-68728, CVE-2025-68729, CVE-2025-68730, CVE-2025-68732, CVE-2025-68733, CVE-2025-68735, CVE-2025-68738, CVE-2025-68739, CVE-2025-68740, CVE-2025-68741, CVE-2025-68742, CVE-2025-68743, CVE-2025-68744, CVE-2025-68746, CVE-2025-68747, CVE-2025-68748, CVE-2025-68749, CVE-2025-68751, CVE-2025-68752, CVE-2025-68753, CVE-2025-68754, CVE-2025-68755, CVE-2025-68756, CVE-2025-68757, CVE-2025-68758, CVE-2025-68759, CVE-2025-68760, CVE-2025-68762, CVE-2025-68763, CVE-2025-68764, CVE-2025-68765, CVE-2025-68766, CVE-2025-71128) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS linux-image-6.17.0-1008-realtime 6.17.0-1008.9~24.04.1 Available with Ubuntu Pro linux-image-realtime-6.17 6.17.0-1008.9~24.04.1 Available with Ubuntu Pro linux-image-realtime-hwe-24.04 6.17.0-1008.9~24.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8094-3 https://ubuntu.com/security/notices/USN-8094-2 https://ubuntu.com/security/notices/USN-8094-1 https://launchpad.net/bugs/2143853 CVE-2025-40246, CVE-2025-40247, CVE-2025-40248, CVE-2025-40249, CVE-2025-40250, CVE-2025-40251, CVE-2025-40252, CVE-2025-40253, CVE-2025-40254, CVE-2025-40255, CVE-2025-40257, CVE-2025-40258, CVE-2025-40259, CVE-2025-40260, CVE-2025-40261, CVE-2025-40262, CVE-2025-40263, CVE-2025-40264, CVE-2025-40265, CVE-2025-40266, CVE-2025-40290, CVE-2025-40345, CVE-2025-62626, CVE-2025-68212, CVE-2025-68213, CVE-2025-68214, CVE-2025-68215, CVE-2025-68217, CVE-2025-68218, CVE-2025-68219, CVE-2025-68220, CVE-2025-68221, CVE-2025-68222, CVE-2025-68223, CVE-2025-68225, CVE-2025-68227, CVE-2025-68228, CVE-2025-68229, CVE-2025-68230, CVE-2025-68231, CVE-2025-68232, CVE-2025-68233, CVE-2025-68234, CVE-2025-68235, CVE-2025-68236, CVE-2025-68237, CVE-2025-68238, CVE-2025-68254, CVE-2025-68255, CVE-2025-68256, CVE-2025-68257, CVE-2025-68258, CVE-2025-68259, CVE-2025-68261, CVE-2025-68262, CVE-2025-68263, CVE-2025-68264, CVE-2025-68265, CVE-2025-68266, CVE-2025-68281, CVE-2025-68282, CVE-2025-68283, CVE-2025-68284, CVE-2025-68285, CVE-2025-68286, CVE-2025-68287, CVE-2025-68288, CVE-2025-68289, CVE-2025-68290, CVE-2025-68292, CVE-2025-68293, CVE-2025-68294, CVE-2025-68295, CVE-2025-68296, CVE-2025-68297, CVE-2025-68298, CVE-2025-68299, CVE-2025-68300, CVE-2025-68301, CVE-2025-68302, CVE-2025-68303, CVE-2025-68304, CVE-2025-68305, CVE-2025-68306, CVE-2025-68307, CVE-2025-68308, CVE-2025-68323, CVE-2025-68324, CVE-2025-68325, CVE-2025-68326, CVE-2025-68327, CVE-2025-68328, CVE-2025-68329, CVE-2025-68330, CVE-2025-68331, CVE-2025-68332, CVE-2025-68333, CVE-2025-68334, CVE-2025-68335, CVE-2025-68336, CVE-2025-68337, CVE-2025-68338, CVE-2025-68339, CVE-2025-68340, CVE-2025-68341, CVE-2025-68342, CVE-2025-68343, CVE-2025-68344, CVE-2025-68345, CVE-2025-68346, CVE-2025-68347, CVE-2025-68348, CVE-2025-68349, CVE-2025-68352, CVE-2025-68354, CVE-2025-68356, CVE-2025-68358, CVE-2025-68359, CVE-2025-68360, CVE-2025-68361, CVE-2025-68362, CVE-2025-68363, CVE-2025-68364, CVE-2025-68366, CVE-2025-68367, CVE-2025-68369,CVE-2025-68370, CVE-2025-68371, CVE-2025-68372, CVE-2025-68373, CVE-2025-68374, CVE-2025-68375, CVE-2025-68376, CVE-2025-68378, CVE-2025-68379, CVE-2025-68380, CVE-2025-68724, CVE-2025-68726, CVE-2025-68727, CVE-2025-68728, CVE-2025-68729, CVE-2025-68730, CVE-2025-68732, CVE-2025-68733, CVE-2025-68735, CVE-2025-68738, CVE-2025-68739, CVE-2025-68740, CVE-2025-68741, CVE-2025-68742, CVE-2025-68743, CVE-2025-68744, CVE-2025-68746, CVE-2025-68747, CVE-2025-68748, CVE-2025-68749, CVE-2025-68751, CVE-2025-68752, CVE-2025-68753, CVE-2025-68754, CVE-2025-68755, CVE-2025-68756, CVE-2025-68757, CVE-2025-68758, CVE-2025-68759, CVE-2025-68760, CVE-2025-68762, CVE-2025-68763, CVE-2025-68764, CVE-2025-68765, CVE-2025-68766, CVE-2025-71128 Package Information: . Multiple critical issues in Ubuntu 24.04 LTS Linux kernel resolved. Important updates required for system security and stability.. Ubuntu kernel issues, Linux real-time vulnerabilities, Ubuntu security updates. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Mar 23, 2026 Critical Ubuntu
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200