Aggregator

kernel-7.0.9-104.fc43

Fedora Security Advisories
50 minutes 55 seconds ago
FEDORA-2026-3f85a4eba7 Packages in this update:
  • kernel-7.0.9-104.fc43
Update description:

The 7.0.9-104/204 kernels contain a fix for a SKBFL_SHARED_FRAG page-cache corruption vulnerability as well as some mitigations for PinTheft

kernel-7.0.9-204.fc44

Fedora Security Advisories
50 minutes 57 seconds ago
FEDORA-2026-57965ac9f7 Packages in this update:
  • kernel-7.0.9-204.fc44
Update description:

The 7.0.9-104/204 kernels contain a fix for a SKBFL_SHARED_FRAG page-cache corruption vulnerability as well as some mitigations for PinTheft

kernel-6.19.14-107.fc42

Fedora Security Advisories
1 hour 31 minutes ago
FEDORA-2026-32ae3b7199 Packages in this update:
  • kernel-6.19.14-107.fc42
Update description:

The 6.19.14-107 update contains a fix for a SKBFL_SHARED_FRAG page-cache corruption vulnerability.

USN-8281-1: Linux kernel vulnerabilities

Ubuntu Security Advisories
1 hour 55 minutes ago
It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Packet sockets; (CVE-2026-31504, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)

USN-8280-1: Linux kernel vulnerabilities

Ubuntu Security Advisories
2 hours ago
It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Packet sockets; - TLS protocol; (CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)

USN-8279-1: Linux kernel vulnerabilities

Ubuntu Security Advisories
2 hours 7 minutes ago
It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Ethernet bonding driver; - SMB network file system; - Netfilter; - io_uring subsystem; - Packet sockets; - TLS protocol; (CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)

USN-8278-1: Linux kernel vulnerabilities

Ubuntu Security Advisories
2 hours 18 minutes ago
It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Cryptographic API; - Compute Acceleration Framework; - Drivers core; - Null block device driver; - Ublk userspace block driver; - Bluetooth drivers; - Counter interface drivers; - DMA engine subsystem; - DPLL subsystem; - GPU drivers; - HID subsystem; - Intel Trace Hub HW tracing drivers; - IIO ADC drivers; - IIO subsystem; - On-Chip Interconnect management framework; - IRQ chip drivers; - Modular ISDN driver; - LED subsystem; - Multiple devices driver; - UACCE accelerator framework; - MMC subsystem; - Ethernet bonding driver; - Network drivers; - Mellanox network drivers; - NVME drivers; - PHY drivers; - x86 platform drivers; - i.MX PM domains; - SCSI subsystem; - SLIMbus drivers; - SPI subsystem; - TCM subsystem; - W1 Dallas's 1-wire bus driver; - Xen hypervisor drivers; - BTRFS file system; - EFI Variable file system; - exFAT file system; - Ext4 file system; - HFS+ file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NTFS3 file system; - SMB network file system; - Scheduler infrastructure; - Netfilter; - NFC subsystem; - Tracing infrastructure; - io_uring subsystem; - BPF subsystem; - Perf events; - Floating proportions library; - Memory management; - Bluetooth subsystem; - CAN network layer; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - L2TP protocol; - MAC80211 subsystem; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - TLS protocol; - Unix domain sockets; - VMware vSockets driver; - Wireless networking; - ALSA AC97 driver; - Generic PCM loopback sound driver; - Creative Sound Blaster X-Fi driver; - AMD SoC Alsa drivers; - Texas InstrumentS Audio (ASoC/HDA) drivers; - USB sound devices; - KVM subsystem; (CVE-2024-50004, CVE-2024-58096, CVE-2024-58097, CVE-2025-37926, CVE-2025-38201, CVE-2025-38591, CVE-2025-40039, CVE-2025-40082, CVE-2025-40149, CVE-2025-68351, CVE-2025-68358, CVE-2025-68365, CVE-2025-68725, CVE-2025-68749, CVE-2025-68803, CVE-2025-68823, CVE-2025-71160, CVE-2025-71162, CVE-2025-71163, CVE-2025-71180, CVE-2025-71182, CVE-2025-71183, CVE-2025-71184, CVE-2025-71185, CVE-2025-71186, CVE-2025-71188, CVE-2025-71189, CVE-2025-71190, CVE-2025-71191, CVE-2025-71192, CVE-2025-71193, CVE-2025-71194, CVE-2025-71195, CVE-2025-71196, CVE-2025-71197, CVE-2025-71198, CVE-2025-71199, CVE-2025-71200, CVE-2025-71220, CVE-2025-71222, CVE-2025-71224, CVE-2025-71225, CVE-2025-71268, CVE-2026-22976, CVE-2026-22977, CVE-2026-22978, CVE-2026-22979, CVE-2026-22980, CVE-2026-22982, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991, CVE-2026-22992, CVE-2026-22994, CVE-2026-22996, CVE-2026-22997, CVE-2026-22998, CVE-2026-22999, CVE-2026-23000, CVE-2026-23001, CVE-2026-23003, CVE-2026-23005, CVE-2026-23006, CVE-2026-23010, CVE-2026-23011, CVE-2026-23019, CVE-2026-23020, CVE-2026-23021, CVE-2026-23025, CVE-2026-23026, CVE-2026-23030, CVE-2026-23031, CVE-2026-23032, CVE-2026-23033, CVE-2026-23035, CVE-2026-23037, CVE-2026-23038, CVE-2026-23047, CVE-2026-23049, CVE-2026-23050, CVE-2026-23053, CVE-2026-23054, CVE-2026-23056, CVE-2026-23057, CVE-2026-23058, CVE-2026-23059, CVE-2026-23061, CVE-2026-23062, CVE-2026-23063, CVE-2026-23064, CVE-2026-23065, CVE-2026-23068, CVE-2026-23069, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075, CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083, CVE-2026-23084, CVE-2026-23085, CVE-2026-23086, CVE-2026-23087, CVE-2026-23088, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091, CVE-2026-23093, CVE-2026-23094, CVE-2026-23095, CVE-2026-23096, CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101, CVE-2026-23102, CVE-2026-23103, CVE-2026-23105, CVE-2026-23107, CVE-2026-23108, CVE-2026-23110, CVE-2026-23113, CVE-2026-23116, CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23123, CVE-2026-23124, CVE-2026-23125, CVE-2026-23126, CVE-2026-23128, CVE-2026-23129, CVE-2026-23131, CVE-2026-23133, CVE-2026-23135, CVE-2026-23136, CVE-2026-23139, CVE-2026-23140, CVE-2026-23141, CVE-2026-23142, CVE-2026-23144, CVE-2026-23145, CVE-2026-23146, CVE-2026-23148, CVE-2026-23150, CVE-2026-23151, CVE-2026-23156, CVE-2026-23159, CVE-2026-23160, CVE-2026-23163, CVE-2026-23164, CVE-2026-23166, CVE-2026-23167, CVE-2026-23168, CVE-2026-23170, CVE-2026-23172, CVE-2026-23173, CVE-2026-23176, CVE-2026-23178, CVE-2026-23179, CVE-2026-23180, CVE-2026-23182, CVE-2026-23187, CVE-2026-23190, CVE-2026-23191, CVE-2026-23193, CVE-2026-23198, CVE-2026-23200, CVE-2026-23202, CVE-2026-23204, CVE-2026-23205, CVE-2026-23206, CVE-2026-23212, CVE-2026-23213, CVE-2026-23214, CVE-2026-23215, CVE-2026-23216, CVE-2026-23254, CVE-2026-23256, CVE-2026-23257, CVE-2026-23258, CVE-2026-23260, CVE-2026-23261, CVE-2026-23262, CVE-2026-23264, CVE-2026-23274, CVE-2026-23351, CVE-2026-23394, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)

USN-8277-1: Linux kernel vulnerabilities

Ubuntu Security Advisories
2 hours 30 minutes ago
It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - S390 architecture; - Cryptographic API; - GPU drivers; - Ethernet bonding driver; - Network file system (NFS) server daemon; - Distributed Switch Architecture; - Netfilter; - Control group (cgroup); - Kernel kexec() syscall; - Memory management; - MAC80211 subsystem; - Multipath TCP; - Packet sockets; - TLS protocol; - Unix domain sockets; (CVE-2025-71088, CVE-2025-71090, CVE-2025-71127, CVE-2025-71134, CVE-2025-71139, CVE-2025-71141, CVE-2025-71142, CVE-2025-71144, CVE-2025-71152, CVE-2025-71155, CVE-2026-23274, CVE-2026-23351, CVE-2026-23394, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)

linux-firmware-20260519-1.fc43

Fedora Security Advisories
4 hours 43 minutes ago
FEDORA-2026-16c8693020 Packages in this update:
  • linux-firmware-20260519-1.fc43
Update description:

Update to 20260519:

  • ASoC: tas2783: Add Firmware files for tas2783A projects
  • add firmware for MT7927 WiFi device
  • Add HP ISH firmware for Intel Panther Lake systems
  • ti: Add PCM6240 firmware with multiple audio profiles support
  • qcom: add CDSP firmware for shikra platform
  • amdgpu: updates for various ASICs
  • qcom: update ADSP firmware for x1e80100 platform
  • qcom: Add cdsp1r.jsn for sa8775p platform
  • Add firmware for Lontium LT9611C
  • xe: Update GUC to v70.65.0 for LNL, BMG, PTL
  • rtl_bt: Add missing rtl8761a_config.bin for RTL8761AU
  • Add Dell ISH firmware 581.7783.0 for Intel Panther Lake systems.
  • qcom: update ADSP firmware for x1e80100 platform
  • linux-firmware:Add firmware for Lontium LT7911EXC bridge
  • qcom/x1e80100/dell: mark that qcom/NOTICE.txt is applicable too
  • qcom: Update CDSP firmware for Kaanapali platform
  • qcom: vpu: add Gen2 firmware binary for Agatti
  • amdgpu: DMCUB updates for various ASICs
  • Add firmware file for Intel BlazarIGfp2/BlazarIW/ScorpiusGfp2
  • Update firmware file for Intel BlazarI/BlazarU/BlazarU-HrPGfP/Scorpius core
  • qcom: Update ADSP firmware for Glymur platform
  • mediatek MT7925: update bluetooth firmware to 20260414153243
  • update firmware for MT7925 WiFi device
  • Revert "Update firmware file for Intel Quasar core"
  • qcom: Add gpdspr.jsn for qcs8300 platform
  • ath12k: QCC2072 hw1.0: add to WLAN.COL.1.0.c2-00074-QCACOLSWPL_V1_TO_SILICONZ-1
  • ath12k: QCC2072 hw1.0: add board-2.bin
  • ath12k: IPQ5424 hw1.0: add to WLAN.WBE.1.6-01275-QCAHKSWPL_SILICONZ-1
  • ath12k: IPQ5424 hw1.0: add board-2.bin
  • qcom: Update ADSP firmware for Kaanapali platform
  • cirrus: cs35l56: Add firmware for Cirrus Amps for some Lenovo laptops (17aa235c 17aa235d)
  • QCA: Update Bluetooth WCN6856 firmware 2.1.0-00665 to 2.1.0-00666
  • amdgpu: DMCUB updates for DCN36
  • Update AMD cpu microcode
  • powervr: update Imagination Rogue firmware images
  • qcom: Update ADSP firmware for Kaanapali platform
  • i915: Xe3LPD DMC v2.34
  • i915: Xe3LPD_3002 DMC v2.29
  • qcom: Update ADSP firmware for QCM6490 platform
  • firmware/amdgpu: Update DMCUB fw to Release 0.1.55.0
  • mediatek: vpu: drop old sym link

linux-firmware-20260519-1.fc44

Fedora Security Advisories
4 hours 43 minutes ago
FEDORA-2026-2b07c67f06 Packages in this update:
  • linux-firmware-20260519-1.fc44
Update description:

Update to 20260519:

  • ASoC: tas2783: Add Firmware files for tas2783A projects
  • add firmware for MT7927 WiFi device
  • Add HP ISH firmware for Intel Panther Lake systems
  • ti: Add PCM6240 firmware with multiple audio profiles support
  • qcom: add CDSP firmware for shikra platform
  • amdgpu: updates for various ASICs
  • qcom: update ADSP firmware for x1e80100 platform
  • qcom: Add cdsp1r.jsn for sa8775p platform
  • Add firmware for Lontium LT9611C
  • xe: Update GUC to v70.65.0 for LNL, BMG, PTL
  • rtl_bt: Add missing rtl8761a_config.bin for RTL8761AU
  • Add Dell ISH firmware 581.7783.0 for Intel Panther Lake systems.
  • qcom: update ADSP firmware for x1e80100 platform
  • linux-firmware:Add firmware for Lontium LT7911EXC bridge
  • qcom/x1e80100/dell: mark that qcom/NOTICE.txt is applicable too
  • qcom: Update CDSP firmware for Kaanapali platform
  • qcom: vpu: add Gen2 firmware binary for Agatti
  • amdgpu: DMCUB updates for various ASICs
  • Add firmware file for Intel BlazarIGfp2/BlazarIW/ScorpiusGfp2
  • Update firmware file for Intel BlazarI/BlazarU/BlazarU-HrPGfP/Scorpius core
  • qcom: Update ADSP firmware for Glymur platform
  • mediatek MT7925: update bluetooth firmware to 20260414153243
  • update firmware for MT7925 WiFi device
  • Revert "Update firmware file for Intel Quasar core"
  • qcom: Add gpdspr.jsn for qcs8300 platform
  • ath12k: QCC2072 hw1.0: add to WLAN.COL.1.0.c2-00074-QCACOLSWPL_V1_TO_SILICONZ-1
  • ath12k: QCC2072 hw1.0: add board-2.bin
  • ath12k: IPQ5424 hw1.0: add to WLAN.WBE.1.6-01275-QCAHKSWPL_SILICONZ-1
  • ath12k: IPQ5424 hw1.0: add board-2.bin
  • qcom: Update ADSP firmware for Kaanapali platform
  • cirrus: cs35l56: Add firmware for Cirrus Amps for some Lenovo laptops (17aa235c 17aa235d)
  • QCA: Update Bluetooth WCN6856 firmware 2.1.0-00665 to 2.1.0-00666
  • amdgpu: DMCUB updates for DCN36
  • Update AMD cpu microcode
  • powervr: update Imagination Rogue firmware images
  • qcom: Update ADSP firmware for Kaanapali platform
  • i915: Xe3LPD DMC v2.34
  • i915: Xe3LPD_3002 DMC v2.29
  • qcom: Update ADSP firmware for QCM6490 platform
  • firmware/amdgpu: Update DMCUB fw to Release 0.1.55.0
  • mediatek: vpu: drop old sym link

USN-8276-1: Highlight.js vulnerability

Ubuntu Security Advisories
6 hours 12 minutes ago
It was discovered that Highlight.js used plain JavaScript objects for internal language name lookups, making them susceptible to prototype pollution attacks. An attacker could use this to cause a denial of service or unexpected application behaviour.

rrdtool-1.9.0-8.fc42

Fedora Security Advisories
6 hours 40 minutes ago
FEDORA-2026-93281f2f96 Packages in this update:
  • rrdtool-1.9.0-8.fc42
Update description:

This is an update backporting some safety checks from the rrdtool-1.10.0.

rrdtool-1.9.0-8.fc43

Fedora Security Advisories
6 hours 42 minutes ago
FEDORA-2026-111ad9560f Packages in this update:
  • rrdtool-1.9.0-8.fc43
Update description:

This is an update backporting some safety checks from the rrdtool-1.10.0.

rrdtool-1.9.0-11.fc44

Fedora Security Advisories
6 hours 42 minutes ago
FEDORA-2026-87a8048005 Packages in this update:
  • rrdtool-1.9.0-11.fc44
Update description:

This is an update backporting some safety checks from the rrdtool-1.10.0.

python-uv-build-0.11.15-1.fc43 rust-astral-tokio-tar-0.6.2-1.fc43 rust-astral_async_http_range_reader-0.11.0-2.fc43 rust-astral_async_zip-0.0.18~rc4-2.fc43 uv-0.11.15-1.fc43

Fedora Security Advisories
8 hours 17 minutes ago
FEDORA-2026-f8487121bd Packages in this update:
  • python-uv-build-0.11.15-1.fc43
  • rust-astral_async_http_range_reader-0.11.0-2.fc43
  • rust-astral_async_zip-0.0.18~rc4-2.fc43
  • rust-astral-tokio-tar-0.6.2-1.fc43
  • uv-0.11.15-1.fc43
Update description:

Update uv and python-uv-build to 0.11.5, fixing GHSA-3cv2-h65g-fgmm and GHSA-4gg8-gxpx-9rph.