Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 6,139 articles for you...
89
security advisorysecurity issuefedoraFedora 43kernel Important CVE-2025-10263 Fix for aarch64 CPUs
The 7.0.12-101/201 updates contain fixes for CVE-2025-10263. This CVE, while important, only impacts specific aarch64 CPUs.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-75fcc75b5f 2026-06-12 01:07:40.519563+00:00 -------------------------------------------------------------------------------- Name : kernel Product : Fedora 43 Version : 7.0.12 Release : 101.fc43 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package -------------------------------------------------------------------------------- Update Information: The 7.0.12-101/201 updates contain fixes for CVE-2025-10263. This CVE, while important, only impacts specific aarch64 CPUs. -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 10 2026 Justin M. Forbes [7.0.12-1] - New config setting for ARM64 Erratum (Justin M. Forbes) - arm64: errata: Mitigate TLBI errata on NVIDIA Olympus CPU (Shanker Donthineni) - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) - arm64: cputype: Add C1-Premium definitions (Mark Rutland) - arm64: cputype: Add C1-Ultra definitions (Mark Rutland) -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-75fcc75b5f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Jun 11, 2026
•Important
Fedora
89
security advisoryfedoraimportantFedora 44 Kernel Significant aarch64 Processor Patch CVE-2025-10263
The 7.0.12-101/201 updates contain fixes for CVE-2025-10263. This CVE, while important, only impacts specific aarch64 CPUs.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-8b619eef6f 2026-06-12 00:58:37.608056+00:00 -------------------------------------------------------------------------------- Name : kernel Product : Fedora 44 Version : 7.0.12 Release : 201.fc44 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package -------------------------------------------------------------------------------- Update Information: The 7.0.12-101/201 updates contain fixes for CVE-2025-10263. This CVE, while important, only impacts specific aarch64 CPUs. -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 10 2026 Justin M. Forbes [7.0.12-1] - New config setting for ARM64 Erratum (Justin M. Forbes) - arm64: errata: Mitigate TLBI errata on NVIDIA Olympus CPU (Shanker Donthineni) - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) - arm64: cputype: Add C1-Premium definitions (Mark Rutland) - arm64: cputype: Add C1-Ultra definitions (Mark Rutland) -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-8b619eef6f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Jun 11, 2026
•Important
Fedora
100
security advisorysecurity issueSuSESUSE Linux Enterprise Micro Important Kernel Security Advisory 2026-2331-1
An update that solves 13 vulnerabilities can now be installed.. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2331-1 Release Date: 2026-06-10T08:40:38Z Rating: important References: * bsc#1261700 * bsc#1263790 * bsc#1263995 * bsc#1264093 * bsc#1264551 * bsc#1266001 * bsc#1266009 * bsc#1266238 * bsc#1266711 * bsc#1266901 * bsc#1266969 * bsc#1267205 * bsc#1267220 Cross-References: * CVE-2026-31405 * CVE-2026-31629 * CVE-2026-31758 * CVE-2026-43037 * CVE-2026-43206 * CVE-2026-43499 * CVE-2026-43501 * CVE-2026-45852 * CVE-2026-45970 * CVE-2026-46021 * CVE-2026-46043 * CVE-2026-46113 * CVE-2026-46243 CVSS scores: * CVE-2026-31405 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31405 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31405 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31629 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31629 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31629 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43206 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43499 ( SUSE ): 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43501 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43501 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45852 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45852 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46021 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46021 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46043 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46043 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46043 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46113 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-46113 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46113 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46243 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE LinuxEnterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves 13 vulnerabilities can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: * CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables (bsc#1261700). * CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks (bsc#1263790). * CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264093). * CVE-2026-43037: ip6_tunnel: clear skb2-> cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43206: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (bsc#1264551). * CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001). * CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266009). * CVE-2026-45852: RDMA/rxe: Fix double free in rxe_srq_from_init (bsc#1266711). * CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267205). * CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues (bsc#1267220). * CVE-2026-46043: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (bsc#1266901). * CVE-2026-46113: KVM: x86/mmu: Add helper to convert SPTE value to its shadow page (bsc#1266969). * CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions (bsc#1266238). The following non security issues were fixed: * arm64: tlb: Allow XZR argument to TLBI ops (git-fixes). * arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE LinuxEnterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2331=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2331=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2331=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2331=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.170.1 * kernel-rt-debugsource-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.170.1 * kernel-rt-debugsource-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.170.1 * kernel-rt-debugsource-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.170.1 * kernel-rt-debugsource-5.14.21-150400.15.170.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.170.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31405.html * https://www.suse.com/security/cve/CVE-2026-31629.html * https://www.suse.com/security/cve/CVE-2026-31758.html * https://www.suse.com/security/cve/CVE-2026-43037.html *https://www.suse.com/security/cve/CVE-2026-43206.html * https://www.suse.com/security/cve/CVE-2026-43499.html * https://www.suse.com/security/cve/CVE-2026-43501.html * https://www.suse.com/security/cve/CVE-2026-45852.html * https://www.suse.com/security/cve/CVE-2026-45970.html * https://www.suse.com/security/cve/CVE-2026-46021.html * https://www.suse.com/security/cve/CVE-2026-46043.html * https://www.suse.com/security/cve/CVE-2026-46113.html * https://www.suse.com/security/cve/CVE-2026-46243.html * https://bugzilla.suse.com/show_bug.cgi?id=1261700 * https://bugzilla.suse.com/show_bug.cgi?id=1263790 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264093 * https://bugzilla.suse.com/show_bug.cgi?id=1264551 * https://bugzilla.suse.com/show_bug.cgi?id=1266001 * https://bugzilla.suse.com/show_bug.cgi?id=1266009 * https://bugzilla.suse.com/show_bug.cgi?id=1266238 * https://bugzilla.suse.com/show_bug.cgi?id=1266711 * https://bugzilla.suse.com/show_bug.cgi?id=1266901 * https://bugzilla.suse.com/show_bug.cgi?id=1266969 * https://bugzilla.suse.com/show_bug.cgi?id=1267205 * https://bugzilla.suse.com/show_bug.cgi?id=1267220 . SUSE fixes 13 important kernel vulnerabilities with a new security update, impacting various enterprise micro versions.. Linux Kernel Security SUSE Update. . Severity: Important. LinuxSecurity.com Team
Jun 10, 2026
•Important
SuSE
100
security advisorysecurity issueimportantopenSUSE Kernel Important Security Fix June 2026-2332-1
An update that solves eight vulnerabilities can now be installed.. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2332-1 Release Date: 2026-06-10T08:41:19Z Rating: important References: * bsc#1263790 * bsc#1263995 * bsc#1264551 * bsc#1266001 * bsc#1266009 * bsc#1266238 * bsc#1266711 * bsc#1266901 Cross-References: * CVE-2026-31629 * CVE-2026-43037 * CVE-2026-43206 * CVE-2026-43499 * CVE-2026-43501 * CVE-2026-45852 * CVE-2026-46043 * CVE-2026-46243 CVSS scores: * CVE-2026-31629 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31629 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31629 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43206 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43499 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43501 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43501 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45852 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45852 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46043 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46043 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46043 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46243 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves eight vulnerabilities can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: * CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks (bsc#1263790). * CVE-2026-43037: ip6_tunnel: clear skb2-> cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43206: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (bsc#1264551). * CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001). * CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266009). * CVE-2026-45852: RDMA/rxe: Fix double free in rxe_srq_from_init (bsc#1266711). * CVE-2026-46043: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (bsc#1266901). * CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions (bsc#1266238). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2332=1 * SUSE Linux Enterprise Micro 5.5 zypper in-t patch SUSE-SLE-Micro-5.5-2026-2332=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * dlm-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.143.1 * kernel-syms-rt-5.14.21-150500.13.143.1 * gfs2-kmp-rt-5.14.21-150500.13.143.1 * kernel-rt-debugsource-5.14.21-150500.13.143.1 * kernel-rt-extra-5.14.21-150500.13.143.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.143.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.143.1 * ocfs2-kmp-rt-5.14.21-150500.13.143.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-livepatch-5.14.21-150500.13.143.1 * kernel-rt_debug-vdso-5.14.21-150500.13.143.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-devel-5.14.21-150500.13.143.1 * kselftests-kmp-rt-5.14.21-150500.13.143.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-optional-5.14.21-150500.13.143.1 * dlm-kmp-rt-5.14.21-150500.13.143.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * cluster-md-kmp-rt-5.14.21-150500.13.143.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * kernel-rt_debug-devel-5.14.21-150500.13.143.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.143.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.143.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * reiserfs-kmp-rt-5.14.21-150500.13.143.1 * kernel-rt-vdso-5.14.21-150500.13.143.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.143.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.143.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.143.1 * kernel-rt_debug-5.14.21-150500.13.143.1 * openSUSE Leap 15.5 (noarch) * kernel-source-rt-5.14.21-150500.13.143.1 * kernel-devel-rt-5.14.21-150500.13.143.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.143.1 *kernel-devel-rt-5.14.21-150500.13.143.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.143.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-debugsource-5.14.21-150500.13.143.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31629.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43206.html * https://www.suse.com/security/cve/CVE-2026-43499.html * https://www.suse.com/security/cve/CVE-2026-43501.html * https://www.suse.com/security/cve/CVE-2026-45852.html * https://www.suse.com/security/cve/CVE-2026-46043.html * https://www.suse.com/security/cve/CVE-2026-46243.html * https://bugzilla.suse.com/show_bug.cgi?id=1263790 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264551 * https://bugzilla.suse.com/show_bug.cgi?id=1266001 * https://bugzilla.suse.com/show_bug.cgi?id=1266009 * https://bugzilla.suse.com/show_bug.cgi?id=1266238 * https://bugzilla.suse.com/show_bug.cgi?id=1266711 * https://bugzilla.suse.com/show_bug.cgi?id=1266901 . Fix eight issues with the important SUSE kernel security update. Ensure your system is secured with this latest patch.. SUSE, openSUSE, kernel update, security patch, important vulnerabilities. . Severity: Important. LinuxSecurity.com Team
Jun 10, 2026
•Important
SuSE
202
security advisoryDoSpatchopenSUSE Kernel Important Fixed Buffer Overflow Advisory 2026-2332-1
An update that solves eight vulnerabilities can now be installed.. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:2332-1 Release Date: 2026-06-10T08:41:19Z Rating: important References: * bsc#1263790 * bsc#1263995 * bsc#1264551 * bsc#1266001 * bsc#1266009 * bsc#1266238 * bsc#1266711 * bsc#1266901 Cross-References: * CVE-2026-31629 * CVE-2026-43037 * CVE-2026-43206 * CVE-2026-43499 * CVE-2026-43501 * CVE-2026-45852 * CVE-2026-46043 * CVE-2026-46243 CVSS scores: * CVE-2026-31629 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31629 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31629 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43206 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43499 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43499 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43501 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43501 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45852 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45852 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46043 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46043 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46043 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-46243 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves eight vulnerabilities can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: * CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks (bsc#1263790). * CVE-2026-43037: ip6_tunnel: clear skb2-> cb in ip4ip6_err() (bsc#1263995). * CVE-2026-43206: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (bsc#1264551). * CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001). * CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266009). * CVE-2026-45852: RDMA/rxe: Fix double free in rxe_srq_from_init (bsc#1266711). * CVE-2026-46043: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (bsc#1266901). * CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions (bsc#1266238). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2332=1 * SUSE Linux Enterprise Micro 5.5 zypper in-t patch SUSE-SLE-Micro-5.5-2026-2332=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * dlm-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.143.1 * kernel-syms-rt-5.14.21-150500.13.143.1 * gfs2-kmp-rt-5.14.21-150500.13.143.1 * kernel-rt-debugsource-5.14.21-150500.13.143.1 * kernel-rt-extra-5.14.21-150500.13.143.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.143.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.143.1 * ocfs2-kmp-rt-5.14.21-150500.13.143.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-livepatch-5.14.21-150500.13.143.1 * kernel-rt_debug-vdso-5.14.21-150500.13.143.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-devel-5.14.21-150500.13.143.1 * kselftests-kmp-rt-5.14.21-150500.13.143.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-optional-5.14.21-150500.13.143.1 * dlm-kmp-rt-5.14.21-150500.13.143.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * cluster-md-kmp-rt-5.14.21-150500.13.143.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * kernel-rt_debug-devel-5.14.21-150500.13.143.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.143.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.143.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.143.1 * reiserfs-kmp-rt-5.14.21-150500.13.143.1 * kernel-rt-vdso-5.14.21-150500.13.143.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.143.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.143.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.143.1 * kernel-rt_debug-5.14.21-150500.13.143.1 * openSUSE Leap 15.5 (noarch) * kernel-source-rt-5.14.21-150500.13.143.1 * kernel-devel-rt-5.14.21-150500.13.143.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.143.1 *kernel-devel-rt-5.14.21-150500.13.143.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.143.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.143.1 * kernel-rt-debugsource-5.14.21-150500.13.143.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31629.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43206.html * https://www.suse.com/security/cve/CVE-2026-43499.html * https://www.suse.com/security/cve/CVE-2026-43501.html * https://www.suse.com/security/cve/CVE-2026-45852.html * https://www.suse.com/security/cve/CVE-2026-46043.html * https://www.suse.com/security/cve/CVE-2026-46243.html * https://bugzilla.suse.com/show_bug.cgi?id=1263790 * https://bugzilla.suse.com/show_bug.cgi?id=1263995 * https://bugzilla.suse.com/show_bug.cgi?id=1264551 * https://bugzilla.suse.com/show_bug.cgi?id=1266001 * https://bugzilla.suse.com/show_bug.cgi?id=1266009 * https://bugzilla.suse.com/show_bug.cgi?id=1266238 * https://bugzilla.suse.com/show_bug.cgi?id=1266711 * https://bugzilla.suse.com/show_bug.cgi?id=1266901 . Eight vulnerabilities in the SUSE Linux kernel have been fixed with this important update, detailing the necessary actions.. openSUSE kernel security update important patch. . Severity: Important. LinuxSecurity.com Team
Jun 10, 2026
•Important
OpenSUSE
217
security advisorycriticalimportantOracle Linux 9 ELSA-2026-50304 Major Kernel Security Update Available
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50304 http://linux.oracle.com/errata/ELSA-2026-50304.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-uek-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-core-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-debug-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-debug-core-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-debug-devel-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-debug-modules-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-debug-modules-core-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-debug-modules-desktop-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-debug-modules-usb-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-debug-modules-wireless-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-devel-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-doc-6.12.0-203.76.7.3.el9uek.noarch.rpm kernel-uek-modules-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-modules-core-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-modules-deprecated-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-modules-desktop-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-modules-extra-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-modules-usb-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-modules-wireless-6.12.0-203.76.7.3.el9uek.x86_64.rpm kernel-uek-tools-6.12.0-203.76.7.3.el9uek.x86_64.rpm aarch64: kernel-uek-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-core-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-debug-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-debug-core-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-debug-devel-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-debug-modules-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-debug-modules-core-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-debug-modules-desktop-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-debug-modules-usb-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-debug-modules-wireless-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-devel-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-doc-6.12.0-203.76.7.3.el9uek.noarch.rpm kernel-uek-modules-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-modules-extra-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-modules-core-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-modules-deprecated-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-modules-desktop-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-modules-usb-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-modules-wireless-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek-tools-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek64k-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek64k-core-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek64k-devel-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek64k-modules-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek64k-modules-core-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek64k-modules-deprecated-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek64k-modules-desktop-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek64k-modules-extra-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek64k-modules-extra-netfilter-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek64k-modules-usb-6.12.0-203.76.7.3.el9uek.aarch64.rpm kernel-uek64k-modules-wireless-6.12.0-203.76.7.3.el9uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/kernel-uek-6.12.0-203.76.7.3.el9uek.src.rpm Related CVEs: CVE-2025-10263 Description of changes: [6.12.0-203.76.7.3] - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39017589] {CVE-2025-10263} - arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Orabug: 39017589] - arm64: tlb: allow XZR argumentto TLBI ops (Mark Rutland) [Orabug: 39017589] - arm64: cputype: Add C1-Premium definitions (Mark Rutland) [Orabug: 39017589] - arm64: cputype: Add C1-Ultra definitions (Mark Rutland) [Orabug: 39017589] [6.12.0-203.76.7.2] - kabi: update FIPS kABI files (Saeed Mirzamohammadi) [Orabug: 39489008] - KEYS: Reserve key usage values (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: keep FIPS MPI helpers private (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: keep FIPS compression helpers private (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: keep FIPS helper library symbols private (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: tcrypt - clamp num_mb to avoid divide-by-zero (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: tcrypt - stop ahash speed tests when setkey fails (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: add x86 GHASH CLMUL to FIPS module (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: add fixed-time AES to FIPS module (Saeed Mirzamohammadi) [Orabug: 39489008] - fips: add scatterwalk to FIPS module (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: avoid auto-load for arch specific impls (Saeed Mirzamohammadi) [Orabug: 39489008] - arm64/crypto: wire up FIPS aliases and helpers (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: share alg registry between FIPS and base kernel (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: keep crypto_user out of the FIPS module (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: tcrypt - skip retest in FIPS mode (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: skip redundant FIPS self-module signature check (Saeed Mirzamohammadi) [Orabug: 39489008] - scripts: fail cleanly on arm64 boot image formats (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto/hkdf: Skip tests with keys too short in FIPS mode (Saeed Mirzamohammadi) [Orabug: 39489008] - uek-rpm: build module symvers before fips140.ko (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: add crc64_rocksoft_generic to the FIPS module (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: add keywrap to the FIPS module (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: add cts to the FIPS module (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: convert kdf_sp800108 to CRYPTO_API() (Saeed Mirzamohammadi) [Orabug: 39489008] - fips: drop ansi_cprng and revert ansi_cprng FIPS hooks (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto/testmgr: mark xxhash64 as fips disallowed (Saeed Mirzamohammadi) [Orabug: 39489008] - Revert "fips: add xxhash64-generic to FIPS module" (Saeed Mirzamohammadi) [Orabug: 39489008] - asm-generic/vmlinux.lds.h: remove unreachable FIPS140 branch (Saeed Mirzamohammadi) [Orabug: 39489008] - btrfs: switch to library APIs for checksums (Eric Biggers) [Orabug: 39489008] - lib/crypto: blake2b: Add BLAKE2b library functions (Eric Biggers) [Orabug: 39489008] - byteorder: Add le64_to_cpu_array() and cpu_to_le64_array() (Eric Biggers) [Orabug: 39489008] _______________________________________________ El-errata mailing list
Jun 10, 2026
•Important
Oracle
217
security advisoryupdateimportantOracle Linux Important Kernel Update ELSA-2026-50304 CVE-2025-10263
The following updated rpms for have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50304 http://linux.oracle.com/errata/ELSA-2026-50304.html The following updated rpms for have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-uek-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-core-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-devel-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-doc-6.12.0-203.76.7.3.el10uek.noarch.rpm kernel-uek-modules-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-modules-core-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-modules-deprecated-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-modules-desktop-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-modules-extra-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-modules-usb-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-modules-wireless-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-tools-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-debug-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-debug-core-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-debug-devel-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-debug-modules-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-debug-modules-core-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-debug-modules-desktop-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-debug-modules-extra-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-debug-modules-usb-6.12.0-203.76.7.3.el10uek.x86_64.rpm kernel-uek-debug-modules-wireless-6.12.0-203.76.7.3.el10uek.x86_64.rpm aarch64: kernel-uek-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-core-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-devel-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-doc-6.12.0-203.76.7.3.el10uek.noarch.rpm kernel-uek-modules-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-modules-core-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-modules-deprecated-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-modules-desktop-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-modules-extra-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-modules-extra-netfilter-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-modules-usb-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-modules-wireless-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-tools-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-debug-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-debug-core-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-debug-devel-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-debug-modules-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-debug-modules-core-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-debug-modules-deprecated-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-debug-modules-desktop-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-debug-modules-extra-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-debug-modules-usb-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek-debug-modules-wireless-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek64k-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek64k-core-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek64k-devel-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek64k-modules-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek64k-modules-core-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek64k-modules-deprecated-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek64k-modules-desktop-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek64k-modules-extra-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek64k-modules-extra-netfilter-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek64k-modules-usb-6.12.0-203.76.7.3.el10uek.aarch64.rpm kernel-uek64k-modules-wireless-6.12.0-203.76.7.3.el10uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/kernel-uek-6.12.0-203.76.7.3.el10uek.src.rpm Related CVEs: CVE-2025-10263 Description of changes: [6.12.0-203.76.7.3] - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39017589] {CVE-2025-10263} - arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (MarkRutland) [Orabug: 39017589] - arm64: tlb: allow XZR argument to TLBI ops (Mark Rutland) [Orabug: 39017589] - arm64: cputype: Add C1-Premium definitions (Mark Rutland) [Orabug: 39017589] - arm64: cputype: Add C1-Ultra definitions (Mark Rutland) [Orabug: 39017589] [6.12.0-203.76.7.2] - kabi: update FIPS kABI files (Saeed Mirzamohammadi) [Orabug: 39489008] - KEYS: Reserve key usage values (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: keep FIPS MPI helpers private (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: keep FIPS compression helpers private (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: keep FIPS helper library symbols private (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: tcrypt - clamp num_mb to avoid divide-by-zero (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: tcrypt - stop ahash speed tests when setkey fails (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: add x86 GHASH CLMUL to FIPS module (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: add fixed-time AES to FIPS module (Saeed Mirzamohammadi) [Orabug: 39489008] - fips: add scatterwalk to FIPS module (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: avoid auto-load for arch specific impls (Saeed Mirzamohammadi) [Orabug: 39489008] - arm64/crypto: wire up FIPS aliases and helpers (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: share alg registry between FIPS and base kernel (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: keep crypto_user out of the FIPS module (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: tcrypt - skip retest in FIPS mode (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: skip redundant FIPS self-module signature check (Saeed Mirzamohammadi) [Orabug: 39489008] - scripts: fail cleanly on arm64 boot image formats (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto/hkdf: Skip tests with keys too short in FIPS mode (Saeed Mirzamohammadi) [Orabug: 39489008] - uek-rpm: build module symvers before fips140.ko (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: addcrc64_rocksoft_generic to the FIPS module (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: add keywrap to the FIPS module (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: add cts to the FIPS module (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto: convert kdf_sp800108 to CRYPTO_API() (Saeed Mirzamohammadi) [Orabug: 39489008] - fips: drop ansi_cprng and revert ansi_cprng FIPS hooks (Saeed Mirzamohammadi) [Orabug: 39489008] - crypto/testmgr: mark xxhash64 as fips disallowed (Saeed Mirzamohammadi) [Orabug: 39489008] - Revert "fips: add xxhash64-generic to FIPS module" (Saeed Mirzamohammadi) [Orabug: 39489008] - asm-generic/vmlinux.lds.h: remove unreachable FIPS140 branch (Saeed Mirzamohammadi) [Orabug: 39489008] - btrfs: switch to library APIs for checksums (Eric Biggers) [Orabug: 39489008] - lib/crypto: blake2b: Add BLAKE2b library functions (Eric Biggers) [Orabug: 39489008] - byteorder: Add le64_to_cpu_array() and cpu_to_le64_array() (Eric Biggers) [Orabug: 39489008] _______________________________________________ El-errata mailing list
Jun 10, 2026
•Important
Oracle
217
security advisoryimportantkernelOracle Linux 7 Kernel Important Security Fix ELSA-2026-50306
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50306 http://linux.oracle.com/errata/ELSA-2026-50306.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-5.4.17-2136.356.4.2.el7uek.x86_64.rpm kernel-uek-container-5.4.17-2136.356.4.2.el7uek.x86_64.rpm kernel-uek-container-debug-5.4.17-2136.356.4.2.el7uek.x86_64.rpm kernel-uek-debug-5.4.17-2136.356.4.2.el7uek.x86_64.rpm kernel-uek-debug-devel-5.4.17-2136.356.4.2.el7uek.x86_64.rpm kernel-uek-devel-5.4.17-2136.356.4.2.el7uek.x86_64.rpm kernel-uek-doc-5.4.17-2136.356.4.2.el7uek.noarch.rpm kernel-uek-tools-5.4.17-2136.356.4.2.el7uek.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-5.4.17-2136.356.4.2.el7uek.src.rpm Related CVEs: CVE-2025-10263 Description of changes: [5.4.17-2136.356.4.2] - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39017592] {CVE-2025-10263} - arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Orabug: 39017592] - ARM: uek: Disable CONFIG_QCOM_FALKOR_ERRATUM_1003 (Boris Ostrovsky) [Orabug: 39017592] - arm64: tlb: allow XZR argument to TLBI ops (Mark Rutland) [Orabug: 39017592] - arm64: cputype: Add C1-Premium definitions (Mark Rutland) [Orabug: 39017592] - arm64: cputype: Add C1-Ultra definitions (Mark Rutland) [Orabug: 39017592] [5.4.17-2136.356.4.1] - smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463669] [5.4.17-2136.356.4] - tun: free page on build_skb failure in tun_xdp_one() (Weiming Shi) [Orabug: 39429147] - tap: free page on error paths in tap_get_user_xdp() (Weiming Shi) [Orabug: 39429147] - tun: free page on short-frame rejection in tun_xdp_one() (Weiming Shi) [Orabug: 39429147] [5.4.17-2136.356.3] - ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds) [Orabug: 39384275,39391459] {CVE-2026-46333} - net: skbuff: propagateshared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug: 39368828,39441326] {CVE-2026-43503,CVE-2026-46300} - net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39368828] {CVE-2026-46300} [5.4.17-2136.356.2] - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton) [Orabug: 39167617,39368718] {CVE-2026-31402} - scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (Maurizio Lombardi) [Orabug: 38985173,39368732] {CVE-2026-23216} - scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (Maurizio Lombardi) [Orabug: 38970455,39368774] {CVE-2026-23193} - xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39334580,39367147] {CVE-2026-43284} - x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia) [Orabug: 39218897] {CVE-2025-54518} [5.4.17-2136.356.1] - arm64/kvm: Include linux/random.h in trng.c (Siddh Raman Pant) [Orabug: 39327096] - i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (Tam Nguyen) [Orabug: 39174662] - i2c: designware: Handle invalid SMBus block data response length value (Tam Nguyen) [Orabug: 39174662] - i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low (Yann Sionneau) [Orabug: 39174662] [5.4.17-2136.355.3] - crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [Orabug: 39250687,39331106] {CVE-2026-43077} - crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [Orabug: 39250687,39331111] {CVE-2026-43078} - crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [Orabug: 39250687] - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [Orabug: 39250687,39300911] {CVE-2026-43033} - crypto: authenc - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687] - crypto: algif_aead - snapshot IV for async AEAD requests (Douya Le) [Orabug: 39250687,39452217] {CVE-2026-46028} - crypto: algif_aead -Revert to operating out-of-place (Herbert Xu) [Orabug: 39250687,39283868,39292250] {CVE-2026-31431} - crypto: algif_aead - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687] {CVE-2026-31431} - crypto: scatterwalk - Backport memcpy_sglist() (Eric Biggers) [Orabug: 39250687] - crypto: doc - fix kernel-doc notation in chacha.c and af_alg.c (Randy Dunlap) [Orabug: 39250687] [5.4.17-2136.355.2] - Revert "rds: Drop rds conn in connect worker if not in down state." (Alok Tiwari) [Orabug: 39253770] - x86/CPU: Fix FPDSS on Zen1 (Siddh Raman Pant) [Orabug: 39241225,39273723] {CVE-2026-31628} - SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (Joshua Rogers) [Orabug: 38852342] {CVE-2025-71120} [5.4.17-2136.355.1] - net/sched: Enforce that teql can only be used as root qdisc (Jamal Hadi Salim) [Orabug: 38930950] {CVE-2026-23074} [5.4.17-2136.354.4] - macvlan: fix possible UAF in macvlan_forward_source() (Eric Dumazet) [Orabug: 38887731] {CVE-2026-23001} - macvlan: Use 'hash' iterators to simplify code (Christophe Jaillet) [Orabug: 38887731] {CVE-2026-23001} - macvlan: Add nodst option to macvlan type source (Jethro Beekman) [Orabug: 38887731] {CVE-2026-23001} - macvlan: observe an RCU grace period in macvlan_common_newlink() error path (Eric Dumazet) [Orabug: 38970510,39188399] {CVE-2026-23209,CVE-2026-23273} - macvlan: fix error recovery in macvlan_common_newlink() (Eric Dumazet) [Orabug: 38970510] {CVE-2026-23209} _______________________________________________ El-errata mailing list
Jun 10, 2026
•Important
Oracle
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!