Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 57 articles for you...
217

Oracle Linux 9 ELSA-2026-25925 valkey Important Updates

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-25925 http://linux.oracle.com/errata/ELSA-2026-25925.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: valkey-8.0.9-1.el9_8.x86_64.rpm valkey-devel-8.0.9-1.el9_8.x86_64.rpm aarch64: valkey-8.0.9-1.el9_8.aarch64.rpm valkey-devel-8.0.9-1.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/valkey-8.0.9-1.el9_8.src.rpm Related CVEs: CVE-2026-23479 CVE-2026-23631 CVE-2026-25243 Description of changes: [8.0.9-1] - Rebase to 8.0.9 for CVE-2026-23479 CVE-2026-25243 CVE-2026-23631 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Important Security Advisory for Oracle Linux 9, update valkey for multiple CVEs. Details within advisory.. Oracle Linux, ELSA-2026-25925, valkey update, Important advisory, Linux security. . LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Oracle
219

Rocky Linux 9 Valkey Important Remote Code Exec RLSA-2026-25925

Important: valkey security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:25925", "synopsis": "Important: valkey security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for valkey.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also.\n\nSecurity Fix(es):\n\n* redis: use-after-free in unblock client flow may allow remote code execution (CVE-2026-23479)\n\n* redis: Remote code execution via use-after-free in Lua scripting (CVE-2026-23631)\n\n* redis: RESTORE invalid memory access may allow remote code execution (CVE-2026-25243)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2466780", "sourceBy":"Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466780", "description": ""}, {"ticket": "2466788", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466788", "description": ""}, {"ticket": "2466828", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466828", "description": ""}], "cves": [{"name": "CVE-2026-23479", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23479", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-416"}, {"name": "CVE-2026-23631", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23631", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-416"}, {"name": "CVE-2026-25243", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25243", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-122"}], "references": [], "publishedAt": "2026-06-17T12:03:08.073041Z", "rpms": {"Rocky Linux 9": {"nvras": ["valkey-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-0:8.0.9-1.el9_8.s390x.rpm", "valkey-0:8.0.9-1.el9_8.src.rpm", "valkey-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.s390x.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.s390x.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-devel-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-devel-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-devel-0:8.0.9-1.el9_8.s390x.rpm", "valkey-devel-0:8.0.9-1.el9_8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Update for valkey addresses critical securityflaws in Rocky Linux 9 with solutions to prevent remote attacks and vulnerabilities.. Rocky Linux security update, valkey patch, Redis security fix, Linux application vulnerabilities. . LinuxSecurity.com Team

Calendar%202 Jun 17, 2026 Rocky Linux
219

Rocky Linux 9 Valkey Vital Remote Code Execution Advisories RLSA-2026-25925

Important: valkey security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:25925", "synopsis": "Important: valkey security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for valkey.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also.\n\nSecurity Fix(es):\n\n* redis: use-after-free in unblock client flow may allow remote code execution (CVE-2026-23479)\n\n* redis: Remote code execution via use-after-free in Lua scripting (CVE-2026-23631)\n\n* redis: RESTORE invalid memory access may allow remote code execution (CVE-2026-25243)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2466780", "sourceBy":"Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466780", "description": ""}, {"ticket": "2466788", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466788", "description": ""}, {"ticket": "2466828", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466828", "description": ""}], "cves": [{"name": "CVE-2026-23479", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23479", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-416"}, {"name": "CVE-2026-23631", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23631", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-416"}, {"name": "CVE-2026-25243", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25243", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-122"}], "references": [], "publishedAt": "2026-06-17T12:03:08.073041Z", "rpms": {"Rocky Linux 9": {"nvras": ["valkey-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-0:8.0.9-1.el9_8.s390x.rpm", "valkey-0:8.0.9-1.el9_8.src.rpm", "valkey-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.s390x.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.s390x.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-devel-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-devel-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-devel-0:8.0.9-1.el9_8.s390x.rpm", "valkey-devel-0:8.0.9-1.el9_8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important security updates for Valkey in RockyLinux 9 addressing multiple issues and enhancing system integrity.. Rocky Linux Valkey security update important remote code execution. . LinuxSecurity.com Team

Calendar%202 Jun 17, 2026 Rocky Linux
219

Rocky Linux RLSA-2026-25925 Valkey Important Remote Code Execution

Important: valkey security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:25925", "synopsis": "Important: valkey security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for valkey.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also.\n\nSecurity Fix(es):\n\n* redis: use-after-free in unblock client flow may allow remote code execution (CVE-2026-23479)\n\n* redis: Remote code execution via use-after-free in Lua scripting (CVE-2026-23631)\n\n* redis: RESTORE invalid memory access may allow remote code execution (CVE-2026-25243)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2466780", "sourceBy":"Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466780", "description": ""}, {"ticket": "2466788", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466788", "description": ""}, {"ticket": "2466828", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466828", "description": ""}], "cves": [{"name": "CVE-2026-23479", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23479", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-416"}, {"name": "CVE-2026-23631", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23631", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-416"}, {"name": "CVE-2026-25243", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25243", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-122"}], "references": [], "publishedAt": "2026-06-17T12:03:08.073041Z", "rpms": {"Rocky Linux 9": {"nvras": ["valkey-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-0:8.0.9-1.el9_8.s390x.rpm", "valkey-0:8.0.9-1.el9_8.src.rpm", "valkey-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.s390x.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.s390x.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-devel-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-devel-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-devel-0:8.0.9-1.el9_8.s390x.rpm", "valkey-devel-0:8.0.9-1.el9_8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A critical valkey security update for Rocky Linuxaddresses key issues leading to remote code execution risks.. Rocky Linux Security Update, valkey remote code execution, redis vulnerabilities, important security patch, CVSS scores. . LinuxSecurity.com Team

Calendar%202 Jun 17, 2026 Rocky Linux
219

Rocky Linux 9 RLSA-2026-25925 Valkey Important Remote Code Execution

Important: valkey security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:25925", "synopsis": "Important: valkey security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for valkey.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also.\n\nSecurity Fix(es):\n\n* redis: use-after-free in unblock client flow may allow remote code execution (CVE-2026-23479)\n\n* redis: Remote code execution via use-after-free in Lua scripting (CVE-2026-23631)\n\n* redis: RESTORE invalid memory access may allow remote code execution (CVE-2026-25243)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2466780", "sourceBy":"Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466780", "description": ""}, {"ticket": "2466788", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466788", "description": ""}, {"ticket": "2466828", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466828", "description": ""}], "cves": [{"name": "CVE-2026-23479", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23479", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-416"}, {"name": "CVE-2026-23631", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23631", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-416"}, {"name": "CVE-2026-25243", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25243", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-122"}], "references": [], "publishedAt": "2026-06-17T12:03:08.073041Z", "rpms": {"Rocky Linux 9": {"nvras": ["valkey-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-0:8.0.9-1.el9_8.s390x.rpm", "valkey-0:8.0.9-1.el9_8.src.rpm", "valkey-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.s390x.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.s390x.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-devel-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-devel-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-devel-0:8.0.9-1.el9_8.s390x.rpm", "valkey-devel-0:8.0.9-1.el9_8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Critical security update for Rocky Linux's Valkeyaddresses important issues leading to remote code execution risks.. Rocky Linux, Valkey, security update, remote code execution, CVSS. . LinuxSecurity.com Team

Calendar%202 Jun 17, 2026 Rocky Linux
219

Rocky Linux valkey Important Remote Code Execution Vuln RLSA-2026-25925

Important: valkey security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:25925", "synopsis": "Important: valkey security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for valkey.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also.\n\nSecurity Fix(es):\n\n* redis: use-after-free in unblock client flow may allow remote code execution (CVE-2026-23479)\n\n* redis: Remote code execution via use-after-free in Lua scripting (CVE-2026-23631)\n\n* redis: RESTORE invalid memory access may allow remote code execution (CVE-2026-25243)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2466780", "sourceBy":"Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466780", "description": ""}, {"ticket": "2466788", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466788", "description": ""}, {"ticket": "2466828", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466828", "description": ""}], "cves": [{"name": "CVE-2026-23479", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23479", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-416"}, {"name": "CVE-2026-23631", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23631", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-416"}, {"name": "CVE-2026-25243", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25243", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-122"}], "references": [], "publishedAt": "2026-06-17T12:03:08.073041Z", "rpms": {"Rocky Linux 9": {"nvras": ["valkey-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-0:8.0.9-1.el9_8.s390x.rpm", "valkey-0:8.0.9-1.el9_8.src.rpm", "valkey-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.s390x.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.s390x.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-devel-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-devel-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-devel-0:8.0.9-1.el9_8.s390x.rpm", "valkey-devel-0:8.0.9-1.el9_8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Rocky Linux updates for valkey address criticalremote code execution flaws with an important severity. Stay secured by applying updates.. Rocky Linux, valkey, security updates, remote code execution, important fixes. . LinuxSecurity.com Team

Calendar%202 Jun 17, 2026 Rocky Linux
219

Rocky Linux valkey Important Remote Code Execution RLSA-2026-25925

Important: valkey security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:25925", "synopsis": "Important: valkey security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for valkey.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also.\n\nSecurity Fix(es):\n\n* redis: use-after-free in unblock client flow may allow remote code execution (CVE-2026-23479)\n\n* redis: Remote code execution via use-after-free in Lua scripting (CVE-2026-23631)\n\n* redis: RESTORE invalid memory access may allow remote code execution (CVE-2026-25243)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2466780", "sourceBy":"Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466780", "description": ""}, {"ticket": "2466788", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466788", "description": ""}, {"ticket": "2466828", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466828", "description": ""}], "cves": [{"name": "CVE-2026-23479", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23479", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-416"}, {"name": "CVE-2026-23631", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23631", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-416"}, {"name": "CVE-2026-25243", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25243", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-122"}], "references": [], "publishedAt": "2026-06-17T12:03:08.073041Z", "rpms": {"Rocky Linux 9": {"nvras": ["valkey-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-0:8.0.9-1.el9_8.s390x.rpm", "valkey-0:8.0.9-1.el9_8.src.rpm", "valkey-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.s390x.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.s390x.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-devel-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-devel-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-devel-0:8.0.9-1.el9_8.s390x.rpm", "valkey-devel-0:8.0.9-1.el9_8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Valkey security update for Rocky Linux resolvescritical issues. Learn about key fixes and measures.. Rocky Linux valkey update remote code execution important. . LinuxSecurity.com Team

Calendar%202 Jun 17, 2026 Rocky Linux
219

Rocky Linux 9 Valkey Significant Off-site Code Execution RLSA-2026-25925

Important: valkey security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:25925", "synopsis": "Important: valkey security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for valkey.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also.\n\nSecurity Fix(es):\n\n* redis: use-after-free in unblock client flow may allow remote code execution (CVE-2026-23479)\n\n* redis: Remote code execution via use-after-free in Lua scripting (CVE-2026-23631)\n\n* redis: RESTORE invalid memory access may allow remote code execution (CVE-2026-25243)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2466780", "sourceBy":"Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466780", "description": ""}, {"ticket": "2466788", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466788", "description": ""}, {"ticket": "2466828", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2466828", "description": ""}], "cves": [{"name": "CVE-2026-23479", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23479", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-416"}, {"name": "CVE-2026-23631", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23631", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-416"}, {"name": "CVE-2026-25243", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25243", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-122"}], "references": [], "publishedAt": "2026-06-17T12:03:08.073041Z", "rpms": {"Rocky Linux 9": {"nvras": ["valkey-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-0:8.0.9-1.el9_8.s390x.rpm", "valkey-0:8.0.9-1.el9_8.src.rpm", "valkey-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.s390x.rpm", "valkey-debuginfo-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.s390x.rpm", "valkey-debugsource-0:8.0.9-1.el9_8.x86_64.rpm", "valkey-devel-0:8.0.9-1.el9_8.aarch64.rpm", "valkey-devel-0:8.0.9-1.el9_8.ppc64le.rpm", "valkey-devel-0:8.0.9-1.el9_8.s390x.rpm", "valkey-devel-0:8.0.9-1.el9_8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Valkey security update for Rocky Linux addressesmultiple important remote code execution risks. Update recommended.. valkey update, remote code execution, Rocky Linux security, security advisory, CVSS scoring. . LinuxSecurity.com Team

Calendar%202 Jun 17, 2026 Rocky Linux
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Your message here