An update that solves one vulnerability can now be installed.

# Security update for dracut

Announcement ID: SUSE-SU-2026:2721-1

Release Date: 2026-07-01T13:15:53Z

Rating: important

References:

* bsc#1268322

Cross-References:

* CVE-2026-6893

CVSS scores:

* CVE-2026-6893 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-6893 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

## Description:

This update for dracut fixes the following issue:

* CVE-2026-6893: Root code execution via DHCP options command injection (bsc#1268322).

Changes for dracut:

* Update to version 055+suse.402.g2720eea:
  * fix(network-legacy): sanitize DHCP values in dhclient-script.sh (bsc#1268322, CVE-2026-6893)
  * fix(network-legacy): add input validation to RFC 3442 route parser

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2721=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2721=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2026-2721=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2721=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2721=1
* openSUSE Leap 15.5
  zypper in -t patch SUSE-2026-2721=1

## Package List:

* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * dracut-fips-055+suse.402.g2720eea-150500.3.41.1
  * dracut-debugsource-055+suse.402.g2720eea-150500.3.41.1
  * dracut-debuginfo-055+suse.402.g2720eea-150500.3.41.1
  * dracut-mkinitrd-deprecated-055+suse.402.g2720eea-150500.3.41.1
  * dracut-055+suse.402.g2720eea-150500.3.41.1
  * dracut-ima-055+suse.402.g2720eea-150500.3.41.1
* openSUSE Leap 15.5 (aarch64 i586 ppc64le s390x x86_64)
  * dracut-fips-055+suse.402.g2720eea-150500.3.41.1
  * dracut-tools-055+suse.402.g2720eea-150500.3.41.1
  * dracut-debugsource-055+suse.402.g2720eea-150500.3.41.1
  * dracut-debuginfo-055+suse.402.g2720eea-150500.3.41.1
  * dracut-mkinitrd-deprecated-055+suse.402.g2720eea-150500.3.41.1
  * dracut-055+suse.402.g2720eea-150500.3.41.1
  * dracut-ima-055+suse.402.g2720eea-150500.3.41.1
  * dracut-extra-055+suse.402.g2720eea-150500.3.41.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * dracut-fips-055+suse.402.g2720eea-150500.3.41.1
  * dracut-debugsource-055+suse.402.g2720eea-150500.3.41.1
  * dracut-debuginfo-055+suse.402.g2720eea-150500.3.41.1
  * dracut-mkinitrd-deprecated-055+suse.402.g2720eea-150500.3.41.1
  * dracut-055+suse.402.g2720eea-150500.3.41.1
  * dracut-ima-055+suse.402.g2720eea-150500.3.41.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * dracut-debuginfo-055+suse.402.g2720eea-150500.3.41.1
  * dracut-fips-055+suse.402.g2720eea-150500.3.41.1
  * dracut-055+suse.402.g2720eea-150500.3.41.1
  * dracut-debugsource-055+suse.402.g2720eea-150500.3.41.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * dracut-fips-055+suse.402.g2720eea-150500.3.41.1
  * dracut-debugsource-055+suse.402.g2720eea-150500.3.41.1
  * dracut-debuginfo-055+suse.402.g2720eea-150500.3.41.1
  * dracut-mkinitrd-deprecated-055+suse.402.g2720eea-150500.3.41.1
  * dracut-055+suse.402.g2720eea-150500.3.41.1
  * dracut-ima-055+suse.402.g2720eea-150500.3.41.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * dracut-fips-055+suse.402.g2720eea-150500.3.41.1
  * dracut-debugsource-055+suse.402.g2720eea-150500.3.41.1
  * dracut-debuginfo-055+suse.402.g2720eea-150500.3.41.1
  * dracut-mkinitrd-deprecated-055+suse.402.g2720eea-150500.3.41.1
  * dracut-055+suse.402.g2720eea-150500.3.41.1
  * dracut-ima-055+suse.402.g2720eea-150500.3.41.1

## References:

* https://www.suse.com/security/cve/CVE-2026-6893.html
* https://bugzilla.suse.com/show_bug.cgi?id=1268322

An important update for openSUSE addresses a critical command injection issue in dracut, enhancing system security.

LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.

# Security update for dracut

Announcement ID: SUSE-SU-2026:22358-1

Release Date: 2026-06-24T21:37:46Z

Rating: important

References:

* bsc#1268322

Cross-References:

* CVE-2026-6893

CVSS scores:

* CVE-2026-6893 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-6893 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

## Description:

This update for dracut fixes the following issue:

* CVE-2026-6893: Root code execution via DHCP options command injection (bsc#1268322).

Changes for dracut:

* Update to version 059+suse.722.gdd9d67ff5:
  * fix(network-legacy): sanitize DHCP values in dhclient-script.sh (bsc#1268322, CVE-2026-6893)
  * fix(network-legacy): add input validation to RFC 3442 route parser

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-1067=1
* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-1067=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * dracut-tools-059+suse.722.gdd9d67ff5-160000.1.1
  * dracut-ima-059+suse.722.gdd9d67ff5-160000.1.1
  * dracut-059+suse.722.gdd9d67ff5-160000.1.1
  * dracut-extra-059+suse.722.gdd9d67ff5-160000.1.1
  * dracut-fips-059+suse.722.gdd9d67ff5-160000.1.1
  * dracut-debugsource-059+suse.722.gdd9d67ff5-160000.1.1
  * dracut-debuginfo-059+suse.722.gdd9d67ff5-160000.1.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * dracut-tools-059+suse.722.gdd9d67ff5-160000.1.1
  * dracut-ima-059+suse.722.gdd9d67ff5-160000.1.1
  * dracut-059+suse.722.gdd9d67ff5-160000.1.1
  * dracut-extra-059+suse.722.gdd9d67ff5-160000.1.1
  * dracut-fips-059+suse.722.gdd9d67ff5-160000.1.1
  * dracut-debugsource-059+suse.722.gdd9d67ff5-160000.1.1
  * dracut-debuginfo-059+suse.722.gdd9d67ff5-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-6893.html
* https://bugzilla.suse.com/show_bug.cgi?id=1268322

Important security update for dracut addressing root code execution through DHCP options command injection in SUSE.

LinuxSecurity.com Team
An update that solves two vulnerabilities can now be installed.

# Security update for libheif

Announcement ID: SUSE-SU-2026:2681-1

Release Date: 2026-06-29T13:27:52Z

Rating: moderate

References:

* bsc#1261658
* bsc#1265878

Cross-References:

* CVE-2026-32282
* CVE-2026-32814

CVSS scores:

* CVE-2026-32282 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-32282 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-32282 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-32814 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-32814 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-32814 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.4

## Description:

This update for libheif fixes the following issues:

* CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658).
* CVE-2026-32814: Uninitialized Heap Memory Information Leak via Failed Grid Tiles (bsc#1265878).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2026-2681=1

## Package List:

* openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64)
  * libheif-devel-1.12.0-150400.3.20.1
  * libheif-debugsource-1.12.0-150400.3.20.1
  * gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.20.1
  * libheif1-debuginfo-1.12.0-150400.3.20.1
  * gdk-pixbuf-loader-libheif-1.12.0-150400.3.20.1
  * libheif1-1.12.0-150400.3.20.1
* openSUSE Leap 15.4 (x86_64)
  * libheif1-32bit-debuginfo-1.12.0-150400.3.20.1
  * libheif1-32bit-1.12.0-150400.3.20.1
* openSUSE Leap 15.4 (aarch64_ilp32)
  * libheif1-64bit-debuginfo-1.12.0-150400.3.20.1
  * libheif1-64bit-1.12.0-150400.3.20.1

## References:

* https://www.suse.com/security/cve/CVE-2026-32282.html
* https://www.suse.com/security/cve/CVE-2026-32814.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261658
* https://bugzilla.suse.com/show_bug.cgi?id=1265878

LinuxSecurity.com Team
Important: dracut security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:26532", "synopsis": "Important: dracut security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for dracut.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The dracut packages contain an event-driven initial RAM file system (initramfs) generator infrastructure based on the udev device manager. The virtual file system, initramfs, is loaded together with the kernel at boot time and initializes the system, so it can read and boot from the root partition.\n\nSecurity Fix(es):\n\n* dracut: dracut: Root code execution via DHCP options command injection (CVE-2026-6893)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2459963", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2459963", "description": ""}], "cves": [{"name": "CVE-2026-6893", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6893", "cvss3ScoringVector": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-78"}], "references": [], "publishedAt": "2026-06-19T06:04:41.448408Z", "rpms": {"Rocky Linux 10": {"nvras": ["dracut-debugsource-0:107-7.el10_2.s390x.rpm", "dracut-squash-0:107-7.el10_2.s390x.rpm", "dracut-0:107-7.el10_2.s390x.rpm", "dracut-debugsource-0:107-7.el10_2.ppc64le.rpm", "dracut-debuginfo-0:107-7.el10_2.s390x.rpm", "dracut-config-generic-0:107-7.el10_2.x86_64.rpm", "dracut-0:107-7.el10_2.x86_64.rpm", "dracut-config-rescue-0:107-7.el10_2.x86_64.rpm", "dracut-caps-0:107-7.el10_2.aarch64.rpm", 
"dracut-debugsource-0:107-7.el10_2.aarch64.rpm","dracut-caps-0:107-7.el10_2.s390x.rpm", "dracut-caps-0:107-7.el10_2.x86_64.rpm", "dracut-network-0:107-7.el10_2.ppc64le.rpm", "dracut-live-0:107-7.el10_2.s390x.rpm", "dracut-network-0:107-7.el10_2.x86_64.rpm", "dracut-debuginfo-0:107-7.el10_2.aarch64.rpm", "dracut-tools-0:107-7.el10_2.ppc64le.rpm", "dracut-0:107-7.el10_2.aarch64.rpm", "dracut-config-rescue-0:107-7.el10_2.ppc64le.rpm", "dracut-config-rescue-0:107-7.el10_2.s390x.rpm", "dracut-config-generic-0:107-7.el10_2.ppc64le.rpm", "dracut-tools-0:107-7.el10_2.x86_64.rpm", "dracut-squash-0:107-7.el10_2.aarch64.rpm", "dracut-debugsource-0:107-7.el10_2.x86_64.rpm", "dracut-squash-0:107-7.el10_2.x86_64.rpm", "dracut-debuginfo-0:107-7.el10_2.ppc64le.rpm", "dracut-config-generic-0:107-7.el10_2.aarch64.rpm", "dracut-live-0:107-7.el10_2.aarch64.rpm", "dracut-0:107-7.el10_2.src.rpm", "dracut-network-0:107-7.el10_2.aarch64.rpm", "dracut-live-0:107-7.el10_2.x86_64.rpm", "dracut-live-0:107-7.el10_2.ppc64le.rpm", "dracut-config-generic-0:107-7.el10_2.s390x.rpm", "dracut-squash-0:107-7.el10_2.ppc64le.rpm", "dracut-debuginfo-0:107-7.el10_2.x86_64.rpm", "dracut-config-rescue-0:107-7.el10_2.aarch64.rpm", "dracut-network-0:107-7.el10_2.s390x.rpm", "dracut-tools-0:107-7.el10_2.aarch64.rpm", "dracut-0:107-7.el10_2.ppc64le.rpm", "dracut-caps-0:107-7.el10_2.ppc64le.rpm", "dracut-tools-0:107-7.el10_2.s390x.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Dracut security update for Rocky Linux addresses a critical command injection flaw with root access risk.. Rocky Linux Dracut Update, Security Advisory, Command Injection, Linux Sysadmin, Security Patching. . LinuxSecurity.com Team
Moderate: yggdrasil-worker-package-manager security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:25999", "synopsis": "Moderate: yggdrasil-worker-package-manager security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for yggdrasil-worker-package-manager.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "yggdrasil-worker-package-manager is a simple package manager yggd worker. It knows how to install and remove packages, add, remove, enable and disable repositories, and does rudimentary detection of the host it is running on to guess the package manager to use. It only installs packages that match one of the provided allow-pattern regular expressions.\n\nSecurity Fix(es):\n\n* golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2456336", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336", "description": ""}], "cves": [{"name": "CVE-2026-32282", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32282", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-367"}], "references": [], "publishedAt": "2026-06-19T06:04:41.448408Z", "rpms": {"Rocky Linux 10": {"nvras": ["yggdrasil-worker-package-manager-debugsource-0:0.2.3-7.el10_2.aarch64.rpm", "yggdrasil-worker-package-manager-debuginfo-0:0.2.3-7.el10_2.ppc64le.rpm", "yggdrasil-worker-package-manager-0:0.2.3-7.el10_2.src.rpm", 
"yggdrasil-worker-package-manager-debuginfo-0:0.2.3-7.el10_2.aarch64.rpm","yggdrasil-worker-package-manager-0:0.2.3-7.el10_2.x86_64.rpm", "yggdrasil-worker-package-manager-0:0.2.3-7.el10_2.ppc64le.rpm", "yggdrasil-worker-package-manager-debugsource-0:0.2.3-7.el10_2.x86_64.rpm", "yggdrasil-worker-package-manager-debugsource-0:0.2.3-7.el10_2.s390x.rpm", "yggdrasil-worker-package-manager-debuginfo-0:0.2.3-7.el10_2.s390x.rpm", "yggdrasil-worker-package-manager-0:0.2.3-7.el10_2.aarch64.rpm", "yggdrasil-worker-package-manager-debugsource-0:0.2.3-7.el10_2.ppc64le.rpm", "yggdrasil-worker-package-manager-debuginfo-0:0.2.3-7.el10_2.x86_64.rpm", "yggdrasil-worker-package-manager-0:0.2.3-7.el10_2.s390x.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. yggdrasil-worker-package-manager in Rocky Linux 10 has a moderate security update addressing root access issue.. Rocky Linux yggdrasil worker security update moderate root access. . LinuxSecurity.com Team