Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 14 articles for you...
172
security advisorycriticalUbuntuUbuntu 22.04 LTS Security Advisory USN-8279-1 Linux Kernel Critical Update
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8279-1 May 19, 2026 linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-raspi, linux-realtime vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-aws-fips: Linux kernel for Amazon Web Services (AWS) systems with FIPS - linux-fips: Linux kernel with FIPS - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-gcp-fips: Linux kernel for Google Cloud Platform (GCP) systems with FIPS - linux-gke: Linux kernel for Google Container Engine (GKE) systems - linux-gkeop: Linux kernel for Google Container Engine (GKE) systems - linux-ibm: Linux kernel for IBM cloud systems - linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-kvm: Linux kernel for cloud environments - linux-nvidia: Linux kernel for NVIDIA systems - linux-nvidia-tegra: Linux kernel for NVIDIA Tegra systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi systems - linux-realtime: Linux kernel for Real-time systems - linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems - linux-hwe-5.15: Linux hardware enablement (HWE) kernel - linux-ibm-5.15: Linux kernel for IBM cloud systems - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms - linux-nvidia-tegra-5.15: Linux kernel for NVIDIA Tegra systems Details: It was discovered that the Linuxkernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Ethernet bonding driver; - SMB network file system; - Netfilter; - io_uring subsystem; - Packet sockets; - TLS protocol; (CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS linux-image-5.15.0-1060-nvidia-tegra 5.15.0-1060.60 linux-image-5.15.0-1060-nvidia-tegra-rt 5.15.0-1060.60 linux-image-5.15.0-1091-gkeop 5.15.0-1091.99 linux-image-5.15.0-1100-kvm 5.15.0-1100.105 linux-image-5.15.0-1102-ibm 5.15.0-1102.105 linux-image-5.15.0-1102-raspi 5.15.0-1102.105 linux-image-5.15.0-1103-intel-iotg 5.15.0-1103.109 linux-image-5.15.0-1103-nvidia 5.15.0-1103.104 linux-image-5.15.0-1103-nvidia-lowlatency 5.15.0-1103.104 linux-image-5.15.0-1104-gke 5.15.0-1104.110 linux-image-5.15.0-1105-oracle 5.15.0-1105.111 linux-image-5.15.0-1107-realtime 5.15.0-1107.116 Available with Ubuntu Pro linux-image-5.15.0-1108-aws 5.15.0-1108.115 linux-image-5.15.0-1108-aws-64k 5.15.0-1108.115 linux-image-5.15.0-1108-aws-fips 5.15.0-1108.115+fips1 Available with Ubuntu Pro linux-image-5.15.0-1108-gcp 5.15.0-1108.117 linux-image-5.15.0-1108-gcp-fips 5.15.0-1108.117+fips1 Available with Ubuntu Pro linux-image-5.15.0-179-fips 5.15.0-179.189+fips1 Available with Ubuntu Pro linux-image-5.15.0-179-generic 5.15.0-179.189 linux-image-5.15.0-179-generic-64k 5.15.0-179.189 linux-image-5.15.0-179-generic-lpae 5.15.0-179.189 linux-image-aws-5.15 5.15.0.1108.111 linux-image-aws-64k-5.15 5.15.0.1108.111 linux-image-aws-64k-lts-22.04 5.15.0.1108.111 linux-image-aws-fips 5.15.0.1108.104 Available with Ubuntu Pro linux-image-aws-fips-5.15 5.15.0.1108.104 Available with Ubuntu Pro linux-image-aws-lts-22.04 5.15.0.1108.111 linux-image-fips 5.15.0.179.105 Available with Ubuntu Pro linux-image-fips-5.15 5.15.0.179.105 Available with Ubuntu Pro linux-image-gcp-5.15 5.15.0.1108.104 linux-image-gcp-fips 5.15.0.1108.98 Available with Ubuntu Pro linux-image-gcp-fips-5.15 5.15.0.1108.98 Available with Ubuntu Pro linux-image-gcp-lts-22.04 5.15.0.1108.104 linux-image-generic 5.15.0.179.163 linux-image-generic-5.15 5.15.0.179.163 linux-image-generic-64k 5.15.0.179.163 linux-image-generic-64k-5.15 5.15.0.179.163 linux-image-generic-lpae 5.15.0.179.163 linux-image-generic-lpae-5.15 5.15.0.179.163 linux-image-gke 5.15.0.1104.103 linux-image-gke-5.15 5.15.0.1104.103 linux-image-gkeop 5.15.0.1091.90 linux-image-gkeop-5.15 5.15.0.1091.90 linux-image-ibm 5.15.0.1102.98 linux-image-ibm-5.15 5.15.0.1102.98 linux-image-intel-iotg 5.15.0.1103.102 linux-image-intel-iotg-5.15 5.15.0.1103.102 linux-image-kvm 5.15.0.1100.96 linux-image-kvm-5.15 5.15.0.1100.96 linux-image-nvidia 5.15.0.1103.103 linux-image-nvidia-5.15 5.15.0.1103.103 linux-image-nvidia-lowlatency 5.15.0.1103.103 linux-image-nvidia-lowlatency-5.15 5.15.0.1103.103 linux-image-nvidia-tegra 5.15.0.1060.60 linux-image-nvidia-tegra-5.15 5.15.0.1060.60 linux-image-nvidia-tegra-rt 5.15.0.1060.60 linux-image-nvidia-tegra-rt-5.15 5.15.0.1060.60 linux-image-oracle-5.15 5.15.0.1105.101 linux-image-oracle-lts-22.04 5.15.0.1105.101 linux-image-raspi 5.15.0.1102.100 linux-image-raspi-5.15 5.15.0.1102.100 linux-image-raspi-nolpae 5.15.0.1102.100 linux-image-realtime 5.15.0.1107.111 Available with Ubuntu Pro linux-image-realtime-5.15 5.15.0.1107.111 Available with Ubuntu Pro linux-image-virtual 5.15.0.179.163 linux-image-virtual-5.15 5.15.0.179.163 Ubuntu 20.04 LTS linux-image-5.15.0-1060-nvidia-tegra 5.15.0-1060.60~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1060-nvidia-tegra-rt 5.15.0-1060.60~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1102-ibm 5.15.0-1102.105~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1103-intel-iotg 5.15.0-1103.109~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1108-aws 5.15.0-1108.115~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-179-generic 5.15.0-179.189~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-179-generic-64k 5.15.0-179.189~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-179-generic-lpae 5.15.0-179.189~20.04.1 Available with Ubuntu Pro linux-image-aws 5.15.0.1108.115~20.04.1 Available with Ubuntu Pro linux-image-aws-5.15 5.15.0.1108.115~20.04.1 Available with Ubuntu Pro linux-image-generic-5.15 5.15.0.179.189~20.04.1 Available with Ubuntu Pro linux-image-generic-64k-5.15 5.15.0.179.189~20.04.1 Available with Ubuntu Pro linux-image-generic-64k-hwe-20.04 5.15.0.179.189~20.04.1 Available with Ubuntu Pro linux-image-generic-hwe-20.04 5.15.0.179.189~20.04.1 Available with Ubuntu Pro linux-image-generic-lpae-5.15 5.15.0.179.189~20.04.1 Available with Ubuntu Pro linux-image-generic-lpae-hwe-20.04 5.15.0.179.189~20.04.1 Available with Ubuntu Pro linux-image-ibm 5.15.0.1102.105~20.04.1 Available with Ubuntu Pro linux-image-ibm-5.15 5.15.0.1102.105~20.04.1 Available with Ubuntu Pro linux-image-intel 5.15.0.1103.109~20.04.1 Available with Ubuntu Pro linux-image-intel-iotg 5.15.0.1103.109~20.04.1 Available with Ubuntu Pro linux-image-intel-iotg-5.15 5.15.0.1103.109~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra 5.15.0.1060.60~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra-5.15 5.15.0.1060.60~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra-rt 5.15.0.1060.60~20.04.1 Available with Ubuntu Pro linux-image-nvidia-tegra-rt-5.15 5.15.0.1060.60~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04 5.15.0.179.189~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04b 5.15.0.179.189~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04c 5.15.0.179.189~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04d 5.15.0.179.189~20.04.1 Available with Ubuntu Pro linux-image-virtual-5.15 5.15.0.179.189~20.04.1 Available with Ubuntu Pro linux-image-virtual-hwe-20.04 5.15.0.179.189~20.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8279-1 CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351, CVE-2026-31419, CVE-2026-31431, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078 Package Information: https://launchpad.net/ubuntu/+source/linux/5.15.0-179.189 https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1108.115 https://launchpad.net/ubuntu/+source/linux-aws-fips/5.15.0-1108.115+fips1 https://launchpad.net/ubuntu/+source/linux-fips/5.15.0-179.189+fips1 https://launchpad.net/ubuntu/+source/linux-gcp/5.15.0-1108.117 https://launchpad.net/ubuntu/+source/linux-gcp-fips/5.15.0-1108.117+fips1 https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1104.110 https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1091.99 https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1102.105 https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1103.109 https://launchpad.net/ubuntu/+source/linux-kvm/5.15.0-1100.105 https://launchpad.net/ubuntu/+source/linux-nvidia/5.15.0-1103.104 https://launchpad.net/ubuntu/+source/linux-nvidia-tegra/5.15.0-1060.60 https://launchpad.net/ubuntu/+source/linux-oracle/5.15.0-1105.111 https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1102.105 https://launchpad.net/ubuntu/+source/linux-realtime/5.15.0-1107.116 . Several security flaws in the Linux kernel addressed through Ubuntu's USN-8279-1 update require immediate action for users.. Linux Kernel Security, Ubuntu Security Update, Privilege Escalation Fix, Critical Security Patch. . Severity: Critical. LinuxSecurity.com Team
May 19, 2026
•Critical
Ubuntu
219
security advisoryimportantsudoRocky Linux 9 RLSA-2026-89102 High Security Patch for Sudo Element
Important: sudo security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:12310", "synopsis": "Important: sudo security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for sudo.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.\n\nSecurity Fix(es):\n\n* sudo: Sudo: Privilege escalation due to failure in privilege drop calls (CVE-2026-35535)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2454714", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2454714", "description": ""}], "cves": [{"name": "CVE-2026-35535", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35535", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.4", "cwe": "CWE-272"}], "references": [], "publishedAt": "2026-05-03T12:03:41.515195Z", "rpms": {"Rocky Linux 9": {"nvras": ["sudo-0:1.9.5p2-15.el9_7.aarch64.rpm", "sudo-0:1.9.5p2-15.el9_7.ppc64le.rpm", "sudo-0:1.9.5p2-15.el9_7.s390x.rpm", "sudo-0:1.9.5p2-15.el9_7.src.rpm", "sudo-0:1.9.5p2-15.el9_7.x86_64.rpm", "sudo-debuginfo-0:1.9.5p2-15.el9_7.aarch64.rpm", "sudo-debuginfo-0:1.9.5p2-15.el9_7.ppc64le.rpm", "sudo-debuginfo-0:1.9.5p2-15.el9_7.s390x.rpm", "sudo-debuginfo-0:1.9.5p2-15.el9_7.x86_64.rpm", "sudo-debugsource-0:1.9.5p2-15.el9_7.aarch64.rpm", "sudo-debugsource-0:1.9.5p2-15.el9_7.ppc64le.rpm","sudo-debugsource-0:1.9.5p2-15.el9_7.s390x.rpm", "sudo-debugsource-0:1.9.5p2-15.el9_7.x86_64.rpm", "sudo-python-plugin-0:1.9.5p2-15.el9_7.aarch64.rpm", "sudo-python-plugin-0:1.9.5p2-15.el9_7.ppc64le.rpm", "sudo-python-plugin-0:1.9.5p2-15.el9_7.s390x.rpm", "sudo-python-plugin-0:1.9.5p2-15.el9_7.x86_64.rpm", "sudo-python-plugin-debuginfo-0:1.9.5p2-15.el9_7.aarch64.rpm", "sudo-python-plugin-debuginfo-0:1.9.5p2-15.el9_7.ppc64le.rpm", "sudo-python-plugin-debuginfo-0:1.9.5p2-15.el9_7.s390x.rpm", "sudo-python-plugin-debuginfo-0:1.9.5p2-15.el9_7.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Rocky Linux 9 receives an important sudo update for privilege escalation issues. Learn more about the security fix.. Rocky Linux Security Patch,Sudo Privilege Update,Sudo Security Issues. . Severity: Important. LinuxSecurity.com Team
May 03, 2026
•Important
Rocky Linux
219
security advisoryimportantsudoRocky Linux 10 RLSA-2026-20348 ssh Important Flaw CVE-2026-35545
Important: sudo security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:10758", "synopsis": "Important: sudo security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for sudo.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.\n\nSecurity Fix(es):\n\n* sudo: Sudo: Privilege escalation due to failure in privilege drop calls (CVE-2026-35535)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2454714", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2454714", "description": ""}], "cves": [{"name": "CVE-2026-35535", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35535", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.4", "cwe": "CWE-272"}], "references": [], "publishedAt": "2026-04-28T12:06:44.835475Z", "rpms": {"Rocky Linux 10": {"nvras": ["sudo-0:1.9.15-10.p5.el10_1.src.rpm", "sudo-python-plugin-debuginfo-0:1.9.15-10.p5.el10_1.aarch64.rpm", "sudo-python-plugin-0:1.9.15-10.p5.el10_1.ppc64le.rpm", "sudo-debugsource-0:1.9.15-10.p5.el10_1.ppc64le.rpm", "sudo-debuginfo-0:1.9.15-10.p5.el10_1.x86_64.rpm", "sudo-debuginfo-0:1.9.15-10.p5.el10_1.s390x.rpm", "sudo-python-plugin-0:1.9.15-10.p5.el10_1.aarch64.rpm", "sudo-debugsource-0:1.9.15-10.p5.el10_1.s390x.rpm", "sudo-python-plugin-0:1.9.15-10.p5.el10_1.x86_64.rpm","sudo-python-plugin-0:1.9.15-10.p5.el10_1.s390x.rpm", "sudo-debugsource-0:1.9.15-10.p5.el10_1.aarch64.rpm", "sudo-python-plugin-debuginfo-0:1.9.15-10.p5.el10_1.ppc64le.rpm", "sudo-0:1.9.15-10.p5.el10_1.x86_64.rpm", "sudo-python-plugin-debuginfo-0:1.9.15-10.p5.el10_1.x86_64.rpm", "sudo-debuginfo-0:1.9.15-10.p5.el10_1.aarch64.rpm", "sudo-debugsource-0:1.9.15-10.p5.el10_1.x86_64.rpm", "sudo-python-plugin-debuginfo-0:1.9.15-10.p5.el10_1.s390x.rpm", "sudo-0:1.9.15-10.p5.el10_1.aarch64.rpm", "sudo-0:1.9.15-10.p5.el10_1.ppc64le.rpm", "sudo-debuginfo-0:1.9.15-10.p5.el10_1.ppc64le.rpm", "sudo-0:1.9.15-10.p5.el10_1.s390x.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Update available for sudo on Rocky Linux addressing important privilege escalation issue. Action required to improve security.. Rocky Linux 10, Sudo Update, Privilege Escalation Fix. . Severity: Important. LinuxSecurity.com Team
Apr 28, 2026
•Important
Rocky Linux
219
security advisoryimportantsudoRocky Linux version 10 team Immediate Safety Update RLSA-2026-21371
Important: sudo security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:10758", "synopsis": "Important: sudo security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for sudo.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.\n\nSecurity Fix(es):\n\n* sudo: Sudo: Privilege escalation due to failure in privilege drop calls (CVE-2026-35535)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2454714", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2454714", "description": ""}], "cves": [{"name": "CVE-2026-35535", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35535", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.4", "cwe": "CWE-272"}], "references": [], "publishedAt": "2026-04-28T12:06:44.835475Z", "rpms": {"Rocky Linux 10": {"nvras": ["sudo-0:1.9.15-10.p5.el10_1.src.rpm", "sudo-python-plugin-debuginfo-0:1.9.15-10.p5.el10_1.aarch64.rpm", "sudo-python-plugin-0:1.9.15-10.p5.el10_1.ppc64le.rpm", "sudo-debugsource-0:1.9.15-10.p5.el10_1.ppc64le.rpm", "sudo-debuginfo-0:1.9.15-10.p5.el10_1.x86_64.rpm", "sudo-debuginfo-0:1.9.15-10.p5.el10_1.s390x.rpm", "sudo-python-plugin-0:1.9.15-10.p5.el10_1.aarch64.rpm", "sudo-debugsource-0:1.9.15-10.p5.el10_1.s390x.rpm", "sudo-python-plugin-0:1.9.15-10.p5.el10_1.x86_64.rpm","sudo-python-plugin-0:1.9.15-10.p5.el10_1.s390x.rpm", "sudo-debugsource-0:1.9.15-10.p5.el10_1.aarch64.rpm", "sudo-python-plugin-debuginfo-0:1.9.15-10.p5.el10_1.ppc64le.rpm", "sudo-0:1.9.15-10.p5.el10_1.x86_64.rpm", "sudo-python-plugin-debuginfo-0:1.9.15-10.p5.el10_1.x86_64.rpm", "sudo-debuginfo-0:1.9.15-10.p5.el10_1.aarch64.rpm", "sudo-debugsource-0:1.9.15-10.p5.el10_1.x86_64.rpm", "sudo-python-plugin-debuginfo-0:1.9.15-10.p5.el10_1.s390x.rpm", "sudo-0:1.9.15-10.p5.el10_1.aarch64.rpm", "sudo-0:1.9.15-10.p5.el10_1.ppc64le.rpm", "sudo-debuginfo-0:1.9.15-10.p5.el10_1.ppc64le.rpm", "sudo-0:1.9.15-10.p5.el10_1.s390x.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important sudo update for Rocky Linux 10 addresses privilege escalation issue. Ensure timely patch to protect your system effectively.. Rocky Linux 10 sudo security patch, privilege escalation fix, Important advisory. . Severity: Important. LinuxSecurity.com Team
Apr 28, 2026
•Important
Rocky Linux
100
security advisorymoderateSuSESUSE Linux Micro 6.2 Advisory 2026-20758-1 CVE-2024-24853 Moderate Risk
An update that solves two vulnerabilities and has three fixes can now be installed.. # Security update for ucode-intel Announcement ID: SUSE-SU-2026:20758-1 Release Date: 2026-03-19T09:31:38Z Rating: moderate References: * bsc#1229129 * bsc#1230400 * bsc#1249138 * bsc#1253319 * bsc#1258046 Cross-References: * CVE-2024-24853 * CVE-2025-31648 CVSS scores: * CVE-2024-24853 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-24853 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H * CVE-2025-31648 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-31648 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N * CVE-2025-31648 ( NVD ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-31648 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N Affected Products: * SUSE Linux Micro 6.2 An update that solves two vulnerabilities and has three fixes can now be installed. ## Description: This update for ucode-intel fixes the following issues: * Intel CPU Microcode was updated to the 20260210 release (bsc#1258046): * CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access (bsc#1229129). * CVE-2025-31648: Improper handling of values in the microcode flow for some Intel Processor Family may allow an escalation of privilege (bsc#1258046). * Intel CPU Microcode was updated to the 20251111 release (bsc#1253319): * Update for functional issues. * switch the supplements to use supplements +kernel to allow moving a installation to Intel hardware (bsc#1249138) * Intel CPU Microcode was updated to the 20241029 release (bsc#1230400): * Update for functional issues. ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-415=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * ucode-intel-20260210-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24853.html * https://www.suse.com/security/cve/CVE-2025-31648.html * https://bugzilla.suse.com/show_bug.cgi?id=1229129 * https://bugzilla.suse.com/show_bug.cgi?id=1230400 * https://bugzilla.suse.com/show_bug.cgi?id=1249138 * https://bugzilla.suse.com/show_bug.cgi?id=1253319 * https://bugzilla.suse.com/show_bug.cgi?id=1258046 . SUSE updates ucode-intel to resolve two issues including escalation of privilege. Reboot recommended post-installation.. SUSE Micro Update, Intel Microcode Fix, Privilege Escalation. . LinuxSecurity.com Team
Mar 24, 2026
SuSE
100
security advisorySuSEimportantSUSE Linux Micro 6.0 ucode-intel Important Escalation Issues 20522-1
An update that solves two vulnerabilities can now be installed.. # Security update for ucode-intel Announcement ID: SUSE-SU-2026:20522-1 Release Date: 2026-02-26T10:48:45Z Rating: important References: * bsc#1229129 * bsc#1258046 Cross-References: * CVE-2024-24853 * CVE-2025-31648 CVSS scores: * CVE-2024-24853 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-24853 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H * CVE-2025-31648 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-31648 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N * CVE-2025-31648 ( NVD ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-31648 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: * Intel CPU Microcode was updated to the 20260210 release (bsc#1258046): * CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access (bsc#1229129). * CVE-2025-31648: Improper handling of values in the microcode flow for some Intel Processor Family may allow an escalation of privilege (bsc#1258046). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-598=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * ucode-intel-20260210-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24853.html * https://www.suse.com/security/cve/CVE-2025-31648.html * https://bugzilla.suse.com/show_bug.cgi?id=1229129 * https://bugzilla.suse.com/show_bug.cgi?id=1258046 . SUSE's ucode-intel update addresses critical issues to ensure system security and stability. Reboot is required post-installation.. SUSE ucode-intel update, Intel CPU Microcode, privilege escalation fix. . Severity: Important. LinuxSecurity.com Team
Feb 27, 2026
•Important
SuSE
100
security advisorySuSEimportantSUSE 12 GA Intel Firmware Key Vulnerability Resolution SUSE-SU-2026-0735-2
An update that solves two vulnerabilities can now be installed.. # Security update for ucode-intel Announcement ID: SUSE-SU-2026:0670-1 Release Date: 2026-02-26T15:21:41Z Rating: important References: * bsc#1229129 * bsc#1258046 Cross-References: * CVE-2024-24853 * CVE-2025-31648 CVSS scores: * CVE-2024-24853 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-24853 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H * CVE-2025-31648 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-31648 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N * CVE-2025-31648 ( NVD ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-31648 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE An update that solves two vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: * Intel CPU Microcode was updated to the 20260210 release (bsc#1258046) * CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1229129) * CVE-2025-31648: Improper handling of values in the microcode flow for some Intel Processor Family may allow an escalation of privilege. (bsc#1258046) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommendedinstallation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2026-670=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2026-670=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (x86_64) * microcode_ctl-1.17-102.83.90.1 * SUSE Linux Enterprise Server 11 SP4 (x86_64) * microcode_ctl-1.17-102.83.90.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24853.html * https://www.suse.com/security/cve/CVE-2025-31648.html * https://bugzilla.suse.com/show_bug.cgi?id=1229129 * https://bugzilla.suse.com/show_bug.cgi?id=1258046 . Critical security update for SUSE addressing important Intel microcode issues and potential privilege escalations now available.. SUSE Update, Intel Microcode, Important Fix, Security Patch, Privilege Escalation. . Severity: Important. LinuxSecurity.com Team
Feb 26, 2026
•Important
SuSE
203
security advisorylocal accessescalationMageia 9 Microcode Update Critical Escalation Fix MGASA-2026-0043
MGASA-2026-0043 - Updated microcode packages fix security vulnerabilities. MGASA-2026-0043 - Updated microcode packages fix security vulnerabilities Publication date: 18 Feb 2026 URL: https://advisories.mageia.org/MGASA-2026-0043.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-24853, CVE-2025-31648 Description: The updated package updates AMD CPUs microcodes and fixes security vulnerabilities in Intel CPUs microcodes: Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2024-24853) Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present with special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (low), integrity (low) and availability (none) impacts. (CVE-2025-31648) References: - https://bugs.mageia.org/show_bug.cgi?id=35130 - https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20260210-rev1 - https://www.cve.org/CVERecord?id=CVE-2024-24853 - https://www.cve.org/CVERecord?id=CVE-2025-31648 SRPMS: - 9/nonfree/microcode-0.20260210-1.mga9.nonfree . Mageia updates microcode packages addressing security issues in Intel CPUs, critical for system integrity and access escalation.. Mageia Microcode Update, CPU Security Fix, Intel Privilege Escalation, AMD Microcode, Mageia Security Advisory. . Severity: Critical. LinuxSecurity.com Team
Feb 18, 2026
•Critical
Mageia
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!