Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 153 articles for you...
217

Oracle Linux 7 ELSA-2026-50388 Kernel Important Fix CVE-2026-43499

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50388 http://linux.oracle.com/errata/ELSA-2026-50388.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-5.4.17-2136.357.3.2.el7uek.x86_64.rpm kernel-uek-container-5.4.17-2136.357.3.2.el7uek.x86_64.rpm kernel-uek-container-debug-5.4.17-2136.357.3.2.el7uek.x86_64.rpm kernel-uek-debug-5.4.17-2136.357.3.2.el7uek.x86_64.rpm kernel-uek-debug-devel-5.4.17-2136.357.3.2.el7uek.x86_64.rpm kernel-uek-devel-5.4.17-2136.357.3.2.el7uek.x86_64.rpm kernel-uek-doc-5.4.17-2136.357.3.2.el7uek.noarch.rpm kernel-uek-tools-5.4.17-2136.357.3.2.el7uek.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-5.4.17-2136.357.3.2.el7uek.src.rpm Related CVEs: CVE-2026-43499 Description of changes: [5.4.17-2136.357.3.2] - locking/rtmutex: Skip remove_waiter() when waiter is not enqueued (Davidlohr Bueso) [Orabug: 39706958] - rtmutex: Use waiter::task instead of current in remove_waiter() (Keenan Dong) [Orabug: 39706958] {CVE-2026-43499} [5.4.17-2136.357.3.1] - KVM: x86: Fix shadow paging use-after-free due to unexpected role (Paolo Bonzini) [Orabug: 39673892] - KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (Sean Christopherson) [Orabug: 39673892] - KVM: x86/MMU: Recursively zap nested TDP SPs when zapping last/only parent (Ben Gardon) [Orabug: 39673892] - KVM: x86/mmu: Move flush logic from mmu_page_zap_pte() to FNAME(invlpg) (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: pull call to drop_large_spte() into __link_shadow_page() (Paolo Bonzini) [Orabug: 39673892] - KVM: x86/mmu: Passing up the error state of mmu_alloc_shadow_roots() (Like Xu) [Orabug: 39673892] - KVM: MMU: load PDPTRs outside mmu_lock (Paolo Bonzini) [Orabug: 39673892] - KVM: x86/mmu: Check PDPTRs before allocating PAE roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Always pass 0 for@quadrant when gptes are 8 bytes (David Matlack) [Orabug: 39673892] - KVM: x86/mmu: Derive shadow MMU page role from parent (David Matlack) [Orabug: 39673892] - KVM: X86: Remove useless code to set role.gpte_is_8_bytes when role.direct (Lai Jiangshan) [Orabug: 39673892] - KVM: X86: Synchronize the shadow pagetable before link it (Lai Jiangshan) [Orabug: 39673892] - KVM: X86: Fix missed remote tlb flush in rmap_write_protect() (Lai Jiangshan) [Orabug: 39673892] - KVM: x86/mmu: Refactor shadow walk in __direct_map() to reduce indentation (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Stop passing "direct" to mmu_alloc_root() (David Matlack) [Orabug: 39673892] - KVM: x86/mmu: Use a bool for direct (David Matlack) [Orabug: 39673892] - kvm: mmu: Replace unsigned with unsigned int for PTE access (Ben Gardon) [Orabug: 39673892] - KVM: x86/mmu: Ensure MMU pages are available when allocating roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Allocate pae_root and lm_root pages in dedicated helper (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Allocate the lm_root before allocating PAE roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Capture 'mmu' in a local variable when allocating roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Stash 'kvm' in a local variable in kvm_mmu_free_roots() (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Add a helper to consolidate root sp allocation (Sean Christopherson) [Orabug: 39673892] - net/sched: act_pedit: fix action bind logic (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: free pedit keys on bail from offset check (Pedro Tammela) [Orabug: 39680880] - net/sched: fix pedit partial COW leading to page cache corruption (Rajat Gupta) [Orabug: 39680880] {CVE-2026-46331} - net/sched: act_pedit: Parse L3 Header for L4 offset (Max Tottenham) [Orabug: 39680880] - net/sched:act_pedit: rate limit datapath messages (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: check static offsets a priori (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: remove extra check for key type (Pedro Tammela) [Orabug: 39680880] - net/sched: simplify tcf_pedit_act (Pedro Tammela) [Orabug: 39680880] - net/sched: transition act_pedit to rcu and percpu stats (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: use NLA_POLICY for parsing 'ex' keys (Pedro Tammela) [Orabug: 39680880] [5.4.17-2136.357.3] - net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39619389] {CVE-2026-52943} [5.4.17-2136.357.2] - net: fix fanout UAF in packet_release() via NETDEV_UP race (Yochai Eisenrich) [Orabug: 39250953] {CVE-2026-31504} - x86/kaslr: Recognize all ZONE_DEVICE users as physaddr consumers (Dan Williams) [Orabug: 39429802] - x86/kaslr: Reduce KASLR entropy on most x86 systems (Balbir Singh) [Orabug: 39429802] - net: tap: NULL pointer derefence in dev_parse_header_protocol when skb-> dev is null (Cezar Bulinaru) [Orabug: 39526882] {CVE-2022-50073} - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39548666] {CVE-2025-10263} - arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Orabug: 39548666] - ARM: uek: Disable CONFIG_QCOM_FALKOR_ERRATUM_1003 (Boris Ostrovsky) [Orabug: 39548666] - arm64: tlb: allow XZR argument to TLBI ops (Mark Rutland) [Orabug: 39548666] - arm64: cputype: Add C1-Premium definitions (Mark Rutland) [Orabug: 39548666] - arm64: cputype: Add C1-Ultra definitions (Mark Rutland) [Orabug: 39548666] - ip6_tunnel: clear skb2-> cb[] in ip4ip6_err() (Eric Dumazet) [Orabug: 39300926] {CVE-2026-43037} [5.4.17-2136.357.1] - batman-adv: hold claim backbone gateways by reference (Haoze Xie) [Orabug: 39262375] {CVE-2026-31657} - scsi: fcoe: Reject FIP descriptors with zero fip_dlen in CVL walker (Michael Bommarito) [Orabug: 39446045] - scsi: target: iscsi: Fix CRC overread anddouble-free in iscsit_handle_text_cmd() (Michael Bommarito) [Orabug: 39446045] - scsi: target: iscsi: Bound iscsi_encode_text_output() appends to rsp_buf (Michael Bommarito) [Orabug: 39446045] - rds: Drop rds conn in connect worker if not in down state. (Rohit Nair) [Orabug: 39152239] [5.4.17-2136.356.4.1] - smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463669] {CVE-2026-46243} [5.4.17-2136.356.4] - tun: free page on build_skb failure in tun_xdp_one() (Weiming Shi) [Orabug: 39429147] - tap: free page on error paths in tap_get_user_xdp() (Weiming Shi) [Orabug: 39429147] - tun: free page on short-frame rejection in tun_xdp_one() (Weiming Shi) [Orabug: 39429147] [5.4.17-2136.356.3] - ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds) [Orabug: 39384275,39391459] {CVE-2026-46333} - net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug: 39368828,39441326] {CVE-2026-43503,CVE-2026-46300} - net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39368828] {CVE-2026-46300} [5.4.17-2136.356.2] - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton) [Orabug: 39167617,39368718] {CVE-2026-31402} - scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (Maurizio Lombardi) [Orabug: 38985173,39368732] {CVE-2026-23216} - scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (Maurizio Lombardi) [Orabug: 38970455,39368774] {CVE-2026-23193} - xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39334580,39367147] {CVE-2026-43284} - x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia) [Orabug: 39218897] {CVE-2025-54518} [5.4.17-2136.356.1] - arm64/kvm: Include linux/random.h in trng.c (Siddh Raman Pant) [Orabug: 39327096] - i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (Tam Nguyen) [Orabug: 39174662] - i2c: designware: Handle invalid SMBus block data response length value (Tam Nguyen)[Orabug: 39174662] - i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low (Yann Sionneau) [Orabug: 39174662] _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 7 security advisory details important kernel updates addressing CVE-2026-43499 mitigating system risks.. Oracle Linux, kernel updates, security fixes, ELSA advisories, CVEs. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Important Oracle
217

Oracle Linux 8 Kernel Important Threats Advisory ELSA-2026-50374

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50374 http://linux.oracle.com/errata/ELSA-2026-50374.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: aarch64: kernel-uek-5.4.17-2136.357.3.1.el8uek.aarch64.rpm kernel-uek-debug-5.4.17-2136.357.3.1.el8uek.aarch64.rpm kernel-uek-debug-devel-5.4.17-2136.357.3.1.el8uek.aarch64.rpm kernel-uek-devel-5.4.17-2136.357.3.1.el8uek.aarch64.rpm kernel-uek-doc-5.4.17-2136.357.3.1.el8uek.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.357.3.1.el8uek.src.rpm Related CVEs: CVE-2022-50073 CVE-2025-10263 CVE-2026-31504 CVE-2026-31657 CVE-2026-43037 CVE-2026-46331 CVE-2026-52943 CVE-2026-53359 Description of changes: [5.4.17-2136.357.3.1] - KVM: x86: Fix shadow paging use-after-free due to unexpected role (Paolo Bonzini) [Orabug: 39673892] - KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (Sean Christopherson) [Orabug: 39673892] - KVM: x86/MMU: Recursively zap nested TDP SPs when zapping last/only parent (Ben Gardon) [Orabug: 39673892] - KVM: x86/mmu: Move flush logic from mmu_page_zap_pte() to FNAME(invlpg) (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: pull call to drop_large_spte() into __link_shadow_page() (Paolo Bonzini) [Orabug: 39673892] - KVM: x86/mmu: Passing up the error state of mmu_alloc_shadow_roots() (Like Xu) [Orabug: 39673892] - KVM: MMU: load PDPTRs outside mmu_lock (Paolo Bonzini) [Orabug: 39673892] - KVM: x86/mmu: Check PDPTRs before allocating PAE roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Always pass 0 for @quadrant when gptes are 8 bytes (David Matlack) [Orabug: 39673892] - KVM: x86/mmu: Derive shadow MMU page role from parent (David Matlack) [Orabug: 39673892] - KVM: X86: Remove useless code to set role.gpte_is_8_bytes when role.direct (Lai Jiangshan) [Orabug: 39673892] - KVM: X86: Synchronize the shadowpagetable before link it (Lai Jiangshan) [Orabug: 39673892] - KVM: X86: Fix missed remote tlb flush in rmap_write_protect() (Lai Jiangshan) [Orabug: 39673892] - KVM: x86/mmu: Refactor shadow walk in __direct_map() to reduce indentation (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Stop passing "direct" to mmu_alloc_root() (David Matlack) [Orabug: 39673892] - KVM: x86/mmu: Use a bool for direct (David Matlack) [Orabug: 39673892] - kvm: mmu: Replace unsigned with unsigned int for PTE access (Ben Gardon) [Orabug: 39673892] - KVM: x86/mmu: Ensure MMU pages are available when allocating roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Allocate pae_root and lm_root pages in dedicated helper (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Allocate the lm_root before allocating PAE roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Capture 'mmu' in a local variable when allocating roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Stash 'kvm' in a local variable in kvm_mmu_free_roots() (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Add a helper to consolidate root sp allocation (Sean Christopherson) [Orabug: 39673892] - net/sched: act_pedit: fix action bind logic (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: free pedit keys on bail from offset check (Pedro Tammela) [Orabug: 39680880] - net/sched: fix pedit partial COW leading to page cache corruption (Rajat Gupta) [Orabug: 39680880] {CVE-2026-46331} - net/sched: act_pedit: Parse L3 Header for L4 offset (Max Tottenham) [Orabug: 39680880] - net/sched: act_pedit: rate limit datapath messages (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: check static offsets a priori (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: remove extra check for key type (Pedro Tammela) [Orabug: 39680880] - net/sched: simplify tcf_pedit_act (Pedro Tammela) [Orabug: 39680880] - net/sched: transition act_pedit to rcu and percpu stats (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: use NLA_POLICY for parsing 'ex' keys (Pedro Tammela) [Orabug: 39680880] [5.4.17-2136.357.3] - net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39619389] {CVE-2026-52943} [5.4.17-2136.357.2] - net: fix fanout UAF in packet_release() via NETDEV_UP race (Yochai Eisenrich) [Orabug: 39250953] {CVE-2026-31504} - x86/kaslr: Recognize all ZONE_DEVICE users as physaddr consumers (Dan Williams) [Orabug: 39429802] - x86/kaslr: Reduce KASLR entropy on most x86 systems (Balbir Singh) [Orabug: 39429802] - net: tap: NULL pointer derefence in dev_parse_header_protocol when skb-> dev is null (Cezar Bulinaru) [Orabug: 39526882] {CVE-2022-50073} - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39548666] {CVE-2025-10263} - arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Orabug: 39548666] - ARM: uek: Disable CONFIG_QCOM_FALKOR_ERRATUM_1003 (Boris Ostrovsky) [Orabug: 39548666] - arm64: tlb: allow XZR argument to TLBI ops (Mark Rutland) [Orabug: 39548666] - arm64: cputype: Add C1-Premium definitions (Mark Rutland) [Orabug: 39548666] - arm64: cputype: Add C1-Ultra definitions (Mark Rutland) [Orabug: 39548666] - ip6_tunnel: clear skb2-> cb[] in ip4ip6_err() (Eric Dumazet) [Orabug: 39300926] {CVE-2026-43037} [5.4.17-2136.357.1] - batman-adv: hold claim backbone gateways by reference (Haoze Xie) [Orabug: 39262375] {CVE-2026-31657} - scsi: fcoe: Reject FIP descriptors with zero fip_dlen in CVL walker (Michael Bommarito) [Orabug: 39446045] - scsi: target: iscsi: Fix CRC overread and double-free in iscsit_handle_text_cmd() (Michael Bommarito) [Orabug: 39446045] - scsi: target: iscsi: Bound iscsi_encode_text_output() appends to rsp_buf (Michael Bommarito) [Orabug: 39446045] - rds: Drop rds conn in connect worker if not in down state. (Rohit Nair) [Orabug: 39152239] [5.4.17-2136.356.4.1] -smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463669] {CVE-2026-46243} [5.4.17-2136.356.4] - tun: free page on build_skb failure in tun_xdp_one() (Weiming Shi) [Orabug: 39429147] - tap: free page on error paths in tap_get_user_xdp() (Weiming Shi) [Orabug: 39429147] - tun: free page on short-frame rejection in tun_xdp_one() (Weiming Shi) [Orabug: 39429147] [5.4.17-2136.356.3] - ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds) [Orabug: 39384275,39391459] {CVE-2026-46333} - net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug: 39368828,39441326] {CVE-2026-43503,CVE-2026-46300} - net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39368828] {CVE-2026-46300} [5.4.17-2136.356.2] - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton) [Orabug: 39167617,39368718] {CVE-2026-31402} - scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (Maurizio Lombardi) [Orabug: 38985173,39368732] {CVE-2026-23216} - scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (Maurizio Lombardi) [Orabug: 38970455,39368774] {CVE-2026-23193} - xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39334580,39367147] {CVE-2026-43284} - x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia) [Orabug: 39218897] {CVE-2025-54518} [5.4.17-2136.356.1] - arm64/kvm: Include linux/random.h in trng.c (Siddh Raman Pant) [Orabug: 39327096] - i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (Tam Nguyen) [Orabug: 39174662] - i2c: designware: Handle invalid SMBus block data response length value (Tam Nguyen) [Orabug: 39174662] - i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low (Yann Sionneau) [Orabug: 39174662] [5.4.17-2136.355.3] - crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [Orabug: 39250687,39331106] {CVE-2026-43077} - crypto: af_alg - Fix page reassignmentoverflow in af_alg_pull_tsgl (Herbert Xu) [Orabug: 39250687,39331111] {CVE-2026-43078} - crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [Orabug: 39250687] - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [Orabug: 39250687,39300911] {CVE-2026-43033} - crypto: authenc - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687] - crypto: algif_aead - snapshot IV for async AEAD requests (Douya Le) [Orabug: 39250687,39452217] {CVE-2026-46028} - crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [Orabug: 39250687,39283868,39292250] {CVE-2026-31431} - crypto: algif_aead - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687] {CVE-2026-31431} - crypto: scatterwalk - Backport memcpy_sglist() (Eric Biggers) [Orabug: 39250687] - crypto: doc - fix kernel-doc notation in chacha.c and af_alg.c (Randy Dunlap) [Orabug: 39250687] _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Advisory ELSA-2026-50374 addresses important updates for kernel vulnerabilities, enhancing system security.. Oracle Linux security advisory, kernel updates, ELSA-2026-50374. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 07, 2026 Important Oracle
89

Fedora 43 freerdp Critical Remote Desktop Exploits Fixed 2026-78a12ffec8

Update to 3.27.1 It fixes CVE-2026-55191, CVE-2026-55192, CVE-2026-55193, CVE-2026-55194, CVE-2026-55648 and CVE-2026-55827.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-78a12ffec8 2026-07-04 01:06:18.979228+00:00 -------------------------------------------------------------------------------- Name : freerdp Product : Fedora 43 Version : 3.27.1 Release : 1.fc43 URL : http://www.freerdp.com/ Summary : Free implementation of the Remote Desktop Protocol (RDP) Description : The xfreerdp & wlfreerdp Remote Desktop Protocol (RDP) clients from the FreeRDP project. xfreerdp & wlfreerdp can connect to RDP servers such as Microsoft Windows machines, xrdp and VirtualBox. -------------------------------------------------------------------------------- Update Information: Update to 3.27.1 It fixes CVE-2026-55191, CVE-2026-55192, CVE-2026-55193, CVE-2026-55194, CVE-2026-55648 and CVE-2026-55827. -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 18 2026 Ondrej Holy - 2:3.27.1-1 - Update to 3.27.1 (CVE-2026-55191, CVE-2026-55192, CVE-2026-55193, CVE-2026-55194, CVE-2026-55648, CVE-2026-55827) Resolves: rhbz#2488900 * Fri Jun 12 2026 Yaakov Selkowitz - 2:3.26.0-8 - Rebuilt for openssl 4.0 * Mon Jun 8 2026 František Zatloukal - 2:3.26.0-7 - Rebuilt for icu 78.3 * Thu Jun 4 2026 Ondrej Holy - 2:3.26.0-6 - Enable uriparser support on RHEL * Tue May 26 2026 Yaakov Selkowitz - 2:3.26.0-5 - Drop multilib-rpm-config usage on RHEL -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-78a12ffec8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More detailson the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Critical updates for FreeRDP address multiple exploits, ensuring Fedora 43 users are secured against potential threats.. Fedora security patch, FreeRDP update, remote desktop vulnerability, Fedora 43 security. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 03, 2026 Critical Fedora
217

Oracle Linux Firefox Important Advisory ELSA-2026-21378

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-21378 http://linux.oracle.com/errata/ELSA-2026-21378.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-140.12.0-1.0.1.el9_8.x86_64.rpm firefox-x11-140.12.0-1.0.1.el9_8.x86_64.rpm aarch64: firefox-140.12.0-1.0.1.el9_8.aarch64.rpm firefox-x11-140.12.0-1.0.1.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/firefox-140.12.0-1.0.1.el9_8.src.rpm Related CVEs: CVE-2026-8388 CVE-2026-8391 CVE-2026-8401 CVE-2026-8946 CVE-2026-8947 CVE-2026-8950 CVE-2026-8953 CVE-2026-8954 CVE-2026-8955 CVE-2026-8956 CVE-2026-8957 CVE-2026-8958 CVE-2026-8961 CVE-2026-8962 CVE-2026-8968 CVE-2026-8970 CVE-2026-8974 CVE-2026-8975 Description of changes: [140.12.0-1.0.1] - Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079773] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [140.12.0] - Add debranding patches (Mustafa Gezen) - Add OpenELA default preferences (Louis Abel) [140.12.0-1] - Update to 140.12.0 ESR [140.11.0-1] - Update to 140.11.0 ESR [140.10.2-1] - Update to 140.10.2 ESR [140.10.1-1] - Update to 140.10.1 ESR _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux ELSA-2026-21378 details critical updates for Firefox addressing multiple issues noted in the advisories.. Oracle Linux Firefox Update Advisory Important. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Important Oracle
217

Oracle Linux 9 Firefox Important Security Advisory ELSA-2026-19370

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-19370 http://linux.oracle.com/errata/ELSA-2026-19370.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: firefox-140.12.0-1.0.1.el9_8.x86_64.rpm firefox-x11-140.12.0-1.0.1.el9_8.x86_64.rpm aarch64: firefox-140.12.0-1.0.1.el9_8.aarch64.rpm firefox-x11-140.12.0-1.0.1.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/firefox-140.12.0-1.0.1.el9_8.src.rpm Related CVEs: CVE-2026-7320 CVE-2026-7321 CVE-2026-7322 CVE-2026-7323 Description of changes: [140.12.0-1.0.1] - Fix firefox-oracle-default-prefs.js for new nss [Orabug: 37079773] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [140.12.0] - Add debranding patches (Mustafa Gezen) - Add OpenELA default preferences (Louis Abel) [140.12.0-1] - Update to 140.12.0 ESR [140.11.0-1] - Update to 140.11.0 ESR [140.10.2-1] - Update to 140.10.2 ESR [140.10.1-1] - Update to 140.10.1 ESR _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Important updates for Oracle Linux 9 address vulnerabilities in Firefox to enhance security and stability.. Oracle Linux 9 updates, Firefox Security Fixes, Important Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Important Oracle
217

Oracle Linux 9 Tigervnc Important Security Advisory ELSA-2026-29844

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-29844 http://linux.oracle.com/errata/ELSA-2026-29844.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: tigervnc-1.15.0-7.el9_8.2.x86_64.rpm tigervnc-icons-1.15.0-7.el9_8.2.noarch.rpm tigervnc-license-1.15.0-7.el9_8.2.noarch.rpm tigervnc-selinux-1.15.0-7.el9_8.2.noarch.rpm tigervnc-server-1.15.0-7.el9_8.2.x86_64.rpm tigervnc-server-minimal-1.15.0-7.el9_8.2.x86_64.rpm tigervnc-server-module-1.15.0-7.el9_8.2.x86_64.rpm aarch64: tigervnc-1.15.0-7.el9_8.2.aarch64.rpm tigervnc-icons-1.15.0-7.el9_8.2.noarch.rpm tigervnc-license-1.15.0-7.el9_8.2.noarch.rpm tigervnc-selinux-1.15.0-7.el9_8.2.noarch.rpm tigervnc-server-1.15.0-7.el9_8.2.aarch64.rpm tigervnc-server-minimal-1.15.0-7.el9_8.2.aarch64.rpm tigervnc-server-module-1.15.0-7.el9_8.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/tigervnc-1.15.0-7.el9_8.2.src.rpm Related CVEs: CVE-2026-50256 CVE-2026-50257 CVE-2026-50258 CVE-2026-50259 CVE-2026-50260 CVE-2026-50261 CVE-2026-50262 CVE-2026-50263 CVE-2026-50264 Description of changes: [1.15.0-7.2] - Rebuild for updated xorg-x11-server Resolves: RHEL-184003 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Advisory ELSA-2026-29844 updates for Tigervnc resolve critical security issues for improved safety.. Oracle Linux Advisory,Tigervnc Updates,Security Fixes,Oracle Vulnerability,Important Security Patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important Oracle
172

Ubuntu MySQL Important DoS Vulnerabilities USN-8457-1 CVE-2026-46862

Several security issues were fixed in MySQL.. ========================================================================== Ubuntu Security Notice USN-8457-1 June 22, 2026 mysql-8.0, mysql-8.4 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in MySQL. Software Description: - mysql-8.4: MySQL database - mysql-8.0: MySQL database Details: It was discovered that MySQL Router incorrectly handled repeated TLS protocol upgrade requests. An unauthenticated remote attacker could possibly use this issue to cause MySQL Router to crash, resulting in a denial of service. (CVE-2026-46862) It was discovered that MySQL Server incorrectly handled connection authentication. An unauthenticated remote attacker could possibly use this issue to cause MySQL to crash, resulting in a denial of service. (CVE-2026-46863) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS mysql-server 8.4.10-0ubuntu0.26.04.1 Ubuntu 25.10 mysql-server 8.4.10-0ubuntu0.25.10.1 Ubuntu 24.04 LTS mysql-server-8.0 8.0.46-0ubuntu0.24.04.3 Ubuntu 22.04 LTS mysql-server-8.0 8.0.46-0ubuntu0.22.04.3 This update may use a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8457-1 CVE-2026-46862, CVE-2026-46863 Package Information: https://launchpad.net/ubuntu/+source/mysql-8.4/8.4.10-0ubuntu0.26.04.1 https://launchpad.net/ubuntu/+source/mysql-8.4/8.4.10-0ubuntu0.25.10.1 https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.46-0ubuntu0.24.04.3 https://launchpad.net/ubuntu/+source/mysql-8.0/8.0.46-0ubuntu0.22.04.3 . Significant updatesfor MySQL on Ubuntu resolve critical issues. Threats include remote crash vulnerabilities. Secure now!. Ubuntu MySQL update critical threats denial of service. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 22, 2026 Important Ubuntu
202

openSUSE Leap 16.0 google-guest-agent Critical Authorization Flaw 20761-1

An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for google-guest-agent ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20761-1 Rating: important References: * bsc#1260264 Cross-References: * CVE-2026-33186 CVSS scores: * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for google-guest-agent fixes the following issue - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header (bsc#1260264). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-757=1 Package List: - openSUSE Leap 16.0: google-guest-agent-20250506.01-160000.2.1 References: * https://www.suse.com/security/cve/CVE-2026-33186.html . Important update for openSUSE fixing authorization bypass in google-guest-agent with CVE-2026-33186. Patch recommended.. openSUSE security update, google-guest-agent patch, important vulnerabilities, authorization bypass issue. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 19, 2026 Important OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200