Aggregator

It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Ethernet bonding driver; - SMB network file system; - Netfilter; - io_uring subsystem; - Packet sockets; - TLS protocol; (CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)

It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Cryptographic API; - Compute Acceleration Framework; - Drivers core; - Null block device driver; - Ublk userspace block driver; - Bluetooth drivers; - Counter interface drivers; - DMA engine subsystem; - DPLL subsystem; - GPU drivers; - HID subsystem; - Intel Trace Hub HW tracing drivers; - IIO ADC drivers; - IIO subsystem; - On-Chip Interconnect management framework; - IRQ chip drivers; - Modular ISDN driver; - LED subsystem; - Multiple devices driver; - UACCE accelerator framework; - MMC subsystem; - Ethernet bonding driver; - Network drivers; - Mellanox network drivers; - NVME drivers; - PHY drivers; - x86 platform drivers; - i.MX PM domains; - SCSI subsystem; - SLIMbus drivers; - SPI subsystem; - TCM subsystem; - W1 Dallas's 1-wire bus driver; - Xen hypervisor drivers; - BTRFS file system; - EFI Variable file system; - exFAT file system; - Ext4 file system; - HFS+ file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NTFS3 file system; - SMB network file system; - Scheduler infrastructure; - Netfilter; - NFC subsystem; - Tracing infrastructure; - io_uring subsystem; - BPF subsystem; - Perf events; - Floating proportions library; - Memory management; - Bluetooth subsystem; - CAN network layer; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - L2TP protocol; - MAC80211 subsystem; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - TLS protocol; - Unix domain sockets; - VMware vSockets driver; - Wireless networking; - ALSA AC97 driver; - Generic PCM loopback sound driver; - Creative Sound Blaster X-Fi driver; - AMD SoC Alsa drivers; - Texas InstrumentS Audio (ASoC/HDA) drivers; - USB sound devices; - KVM subsystem; (CVE-2024-50004, CVE-2024-58096, CVE-2024-58097, CVE-2025-37926, CVE-2025-38201, CVE-2025-38591, CVE-2025-40039, CVE-2025-40082, CVE-2025-40149, CVE-2025-68351, CVE-2025-68358, CVE-2025-68365, CVE-2025-68725, CVE-2025-68749, CVE-2025-68803, CVE-2025-68823, CVE-2025-71160, CVE-2025-71162, CVE-2025-71163, CVE-2025-71180, CVE-2025-71182, CVE-2025-71183, CVE-2025-71184, CVE-2025-71185, CVE-2025-71186, CVE-2025-71188, CVE-2025-71189, CVE-2025-71190, CVE-2025-71191, CVE-2025-71192, CVE-2025-71193, CVE-2025-71194, CVE-2025-71195, CVE-2025-71196, CVE-2025-71197, CVE-2025-71198, CVE-2025-71199, CVE-2025-71200, CVE-2025-71220, CVE-2025-71222, CVE-2025-71224, CVE-2025-71225, CVE-2025-71268, CVE-2026-22976, CVE-2026-22977, CVE-2026-22978, CVE-2026-22979, CVE-2026-22980, CVE-2026-22982, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991, CVE-2026-22992, CVE-2026-22994, CVE-2026-22996, CVE-2026-22997, CVE-2026-22998, CVE-2026-22999, CVE-2026-23000, CVE-2026-23001, CVE-2026-23003, CVE-2026-23005, CVE-2026-23006, CVE-2026-23010, CVE-2026-23011, CVE-2026-23019, CVE-2026-23020, CVE-2026-23021, CVE-2026-23025, CVE-2026-23026, CVE-2026-23030, CVE-2026-23031, CVE-2026-23032, CVE-2026-23033, CVE-2026-23035, CVE-2026-23037, CVE-2026-23038, CVE-2026-23047, CVE-2026-23049, CVE-2026-23050, CVE-2026-23053, CVE-2026-23054, CVE-2026-23056, CVE-2026-23057, CVE-2026-23058, CVE-2026-23059, CVE-2026-23061, CVE-2026-23062, CVE-2026-23063, CVE-2026-23064, CVE-2026-23065, CVE-2026-23068, CVE-2026-23069, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075, CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083, CVE-2026-23084, CVE-2026-23085, CVE-2026-23086, CVE-2026-23087, CVE-2026-23088, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091, CVE-2026-23093, CVE-2026-23094, CVE-2026-23095, CVE-2026-23096, CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101, CVE-2026-23102, CVE-2026-23103, CVE-2026-23105, CVE-2026-23107, CVE-2026-23108, CVE-2026-23110, CVE-2026-23113, CVE-2026-23116, CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23123, CVE-2026-23124, CVE-2026-23125, CVE-2026-23126, CVE-2026-23128, CVE-2026-23129, CVE-2026-23131, CVE-2026-23133, CVE-2026-23135, CVE-2026-23136, CVE-2026-23139, CVE-2026-23140, CVE-2026-23141, CVE-2026-23142, CVE-2026-23144, CVE-2026-23145, CVE-2026-23146, CVE-2026-23148, CVE-2026-23150, CVE-2026-23151, CVE-2026-23156, CVE-2026-23159, CVE-2026-23160, CVE-2026-23163, CVE-2026-23164, CVE-2026-23166, CVE-2026-23167, CVE-2026-23168, CVE-2026-23170, CVE-2026-23172, CVE-2026-23173, CVE-2026-23176, CVE-2026-23178, CVE-2026-23179, CVE-2026-23180, CVE-2026-23182, CVE-2026-23187, CVE-2026-23190, CVE-2026-23191, CVE-2026-23193, CVE-2026-23198, CVE-2026-23200, CVE-2026-23202, CVE-2026-23204, CVE-2026-23205, CVE-2026-23206, CVE-2026-23212, CVE-2026-23213, CVE-2026-23214, CVE-2026-23215, CVE-2026-23216, CVE-2026-23254, CVE-2026-23256, CVE-2026-23257, CVE-2026-23258, CVE-2026-23260, CVE-2026-23261, CVE-2026-23262, CVE-2026-23264, CVE-2026-23274, CVE-2026-23351, CVE-2026-23394, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)

It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - S390 architecture; - Cryptographic API; - GPU drivers; - Ethernet bonding driver; - Network file system (NFS) server daemon; - Distributed Switch Architecture; - Netfilter; - Control group (cgroup); - Kernel kexec() syscall; - Memory management; - MAC80211 subsystem; - Multipath TCP; - Packet sockets; - TLS protocol; - Unix domain sockets; (CVE-2025-71088, CVE-2025-71090, CVE-2025-71127, CVE-2025-71134, CVE-2025-71139, CVE-2025-71141, CVE-2025-71142, CVE-2025-71144, CVE-2025-71152, CVE-2025-71155, CVE-2026-23274, CVE-2026-23351, CVE-2026-23394, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078)

FEDORA-2026-16c8693020 Packages in this update:

• linux-firmware-20260519-1.fc43

Update description:

Update to 20260519:

• ASoC: tas2783: Add Firmware files for tas2783A projects
• add firmware for MT7927 WiFi device
• Add HP ISH firmware for Intel Panther Lake systems
• ti: Add PCM6240 firmware with multiple audio profiles support
• qcom: add CDSP firmware for shikra platform
• amdgpu: updates for various ASICs
• qcom: update ADSP firmware for x1e80100 platform
• qcom: Add cdsp1r.jsn for sa8775p platform
• Add firmware for Lontium LT9611C
• xe: Update GUC to v70.65.0 for LNL, BMG, PTL
• rtl_bt: Add missing rtl8761a_config.bin for RTL8761AU
• Add Dell ISH firmware 581.7783.0 for Intel Panther Lake systems.
• qcom: update ADSP firmware for x1e80100 platform
• linux-firmware:Add firmware for Lontium LT7911EXC bridge
• qcom/x1e80100/dell: mark that qcom/NOTICE.txt is applicable too
• qcom: Update CDSP firmware for Kaanapali platform
• qcom: vpu: add Gen2 firmware binary for Agatti
• amdgpu: DMCUB updates for various ASICs
• Add firmware file for Intel BlazarIGfp2/BlazarIW/ScorpiusGfp2
• Update firmware file for Intel BlazarI/BlazarU/BlazarU-HrPGfP/Scorpius core
• qcom: Update ADSP firmware for Glymur platform
• mediatek MT7925: update bluetooth firmware to 20260414153243
• update firmware for MT7925 WiFi device
• Revert "Update firmware file for Intel Quasar core"
• qcom: Add gpdspr.jsn for qcs8300 platform
• ath12k: QCC2072 hw1.0: add to WLAN.COL.1.0.c2-00074-QCACOLSWPL_V1_TO_SILICONZ-1
• ath12k: QCC2072 hw1.0: add board-2.bin
• ath12k: IPQ5424 hw1.0: add to WLAN.WBE.1.6-01275-QCAHKSWPL_SILICONZ-1
• ath12k: IPQ5424 hw1.0: add board-2.bin
• qcom: Update ADSP firmware for Kaanapali platform
• cirrus: cs35l56: Add firmware for Cirrus Amps for some Lenovo laptops (17aa235c 17aa235d)
• QCA: Update Bluetooth WCN6856 firmware 2.1.0-00665 to 2.1.0-00666
• amdgpu: DMCUB updates for DCN36
• Update AMD cpu microcode
• powervr: update Imagination Rogue firmware images
• qcom: Update ADSP firmware for Kaanapali platform
• i915: Xe3LPD DMC v2.34
• i915: Xe3LPD_3002 DMC v2.29
• qcom: Update ADSP firmware for QCM6490 platform
• firmware/amdgpu: Update DMCUB fw to Release 0.1.55.0
• mediatek: vpu: drop old sym link

FEDORA-2026-2b07c67f06 Packages in this update:

• linux-firmware-20260519-1.fc44

Update description:

Update to 20260519:

• ASoC: tas2783: Add Firmware files for tas2783A projects
• add firmware for MT7927 WiFi device
• Add HP ISH firmware for Intel Panther Lake systems
• ti: Add PCM6240 firmware with multiple audio profiles support
• qcom: add CDSP firmware for shikra platform
• amdgpu: updates for various ASICs
• qcom: update ADSP firmware for x1e80100 platform
• qcom: Add cdsp1r.jsn for sa8775p platform
• Add firmware for Lontium LT9611C
• xe: Update GUC to v70.65.0 for LNL, BMG, PTL
• rtl_bt: Add missing rtl8761a_config.bin for RTL8761AU
• Add Dell ISH firmware 581.7783.0 for Intel Panther Lake systems.
• qcom: update ADSP firmware for x1e80100 platform
• linux-firmware:Add firmware for Lontium LT7911EXC bridge
• qcom/x1e80100/dell: mark that qcom/NOTICE.txt is applicable too
• qcom: Update CDSP firmware for Kaanapali platform
• qcom: vpu: add Gen2 firmware binary for Agatti
• amdgpu: DMCUB updates for various ASICs
• Add firmware file for Intel BlazarIGfp2/BlazarIW/ScorpiusGfp2
• Update firmware file for Intel BlazarI/BlazarU/BlazarU-HrPGfP/Scorpius core
• qcom: Update ADSP firmware for Glymur platform
• mediatek MT7925: update bluetooth firmware to 20260414153243
• update firmware for MT7925 WiFi device
• Revert "Update firmware file for Intel Quasar core"
• qcom: Add gpdspr.jsn for qcs8300 platform
• ath12k: QCC2072 hw1.0: add to WLAN.COL.1.0.c2-00074-QCACOLSWPL_V1_TO_SILICONZ-1
• ath12k: QCC2072 hw1.0: add board-2.bin
• ath12k: IPQ5424 hw1.0: add to WLAN.WBE.1.6-01275-QCAHKSWPL_SILICONZ-1
• ath12k: IPQ5424 hw1.0: add board-2.bin
• qcom: Update ADSP firmware for Kaanapali platform
• cirrus: cs35l56: Add firmware for Cirrus Amps for some Lenovo laptops (17aa235c 17aa235d)
• QCA: Update Bluetooth WCN6856 firmware 2.1.0-00665 to 2.1.0-00666
• amdgpu: DMCUB updates for DCN36
• Update AMD cpu microcode
• powervr: update Imagination Rogue firmware images
• qcom: Update ADSP firmware for Kaanapali platform
• i915: Xe3LPD DMC v2.34
• i915: Xe3LPD_3002 DMC v2.29
• qcom: Update ADSP firmware for QCM6490 platform
• firmware/amdgpu: Update DMCUB fw to Release 0.1.55.0
• mediatek: vpu: drop old sym link

FEDORA-2026-49dc95b509 Packages in this update:

• evince-48.1-2.fc42

Update description:

Fix command injection CVE-2026-46529

FEDORA-2026-aea94fcc1c Packages in this update:

• evince-48.1-5.fc44

Update description:

Fix command injection CVE-2026-46529

FEDORA-2026-d29bd1ad07 Packages in this update:

• evince-48.1-2.fc43

Update description:

Fix command injection CVE-2026-46529

It was discovered that Highlight.js used plain JavaScript objects for internal language name lookups, making them susceptible to prototype pollution attacks. An attacker could use this to cause a denial of service or unexpected application behaviour.

FEDORA-2026-93281f2f96 Packages in this update:

• rrdtool-1.9.0-8.fc42

Update description:

This is an update backporting some safety checks from the rrdtool-1.10.0.

FEDORA-2026-111ad9560f Packages in this update:

• rrdtool-1.9.0-8.fc43

Update description:

This is an update backporting some safety checks from the rrdtool-1.10.0.

FEDORA-2026-87a8048005 Packages in this update:

• rrdtool-1.9.0-11.fc44

Update description:

This is an update backporting some safety checks from the rrdtool-1.10.0.

FEDORA-2026-37298d3095 Packages in this update:

• libsoup3-3.6.6-3.fc43

Update description:

Patch for CVE-2026-5119

FEDORA-EPEL-2026-f6cbd2d252 Packages in this update:

• rust-astral_async_http_range_reader-0.11.0-2.el10_3
• rust-astral_async_zip-0.0.18~rc4-2.el10_3
• rust-astral-tokio-tar-0.6.2-1.el10_3
• uv-0.11.15-1.el10_3

Update description:

Update uv to 0.11.5, fixing GHSA-3cv2-h65g-fgmm and GHSA-4gg8-gxpx-9rph.

FEDORA-2026-f8487121bd Packages in this update:

• python-uv-build-0.11.15-1.fc43
• rust-astral_async_http_range_reader-0.11.0-2.fc43
• rust-astral_async_zip-0.0.18~rc4-2.fc43
• rust-astral-tokio-tar-0.6.2-1.fc43
• uv-0.11.15-1.fc43

Update description:

Update uv and python-uv-build to 0.11.5, fixing GHSA-3cv2-h65g-fgmm and GHSA-4gg8-gxpx-9rph.

FEDORA-2026-0b1aaac651 Packages in this update:

• python-uv-build-0.11.15-1.fc44
• rust-astral_async_http_range_reader-0.11.0-2.fc44
• rust-astral_async_zip-0.0.18~rc4-2.fc44
• rust-astral-tokio-tar-0.6.2-1.fc44
• uv-0.11.15-1.fc44

Update description:

Update uv and python-uv-build to 0.11.5, fixing GHSA-3cv2-h65g-fgmm and GHSA-4gg8-gxpx-9rph.

FEDORA-2026-588c639071 Packages in this update:

• python-uv-build-0.11.15-1.fc45
• rust-astral_async_http_range_reader-0.11.0-2.fc45
• rust-astral_async_zip-0.0.18~rc4-2.fc45
• uv-0.11.15-1.fc45

Update description:

Update uv and python-uv-build to 0.11.5, fixing ee GHSA-3cv2-h65g-fgmm and GHSA-4gg8-gxpx-9rph.

FEDORA-2026-63ab4e8283 Packages in this update:

• perl-Imager-1.031-1.fc44

Update description:

Imager 1.031 - GIF: fix a heap buffer overflow with attacker controlled data CVE-2026-8454 Imager 1.030 - addtag(): store non-"int" numbers as strings - addtag: improve the regexp used to decide if a value can be stored as an int. - API: i_tags_get_int() - now fails if the value is stored as a string and is out of range for an int.

Version:next-20260519 (linux-next) Released:2026-05-19

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-2640) Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-32629) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU drivers; - HID subsystem; - Intel Trace Hub HW tracing drivers; - IIO ADC drivers; - IRQ chip drivers; - Modular ISDN driver; - LED subsystem; - UACCE accelerator framework; - Ethernet bonding driver; - Network drivers; - STMicroelectronics network drivers; - Ethernet team driver; - NVME drivers; - PHY drivers; - SLIMbus drivers; - W1 Dallas's 1-wire bus driver; - Xen hypervisor drivers; - BTRFS file system; - Ext4 file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NTFS3 file system; - SMB network file system; - NFC subsystem; - BPF subsystem; - IRQ subsystem; - Memory management; - Bluetooth subsystem; - CAN network layer; - Networking core; - IPv4 networking; - IPv6 networking; - L2TP protocol; - NET/ROM layer; - Network traffic control; - SCTP protocol; - TLS protocol; - XFRM subsystem; - Creative Sound Blaster X-Fi driver; - USB sound devices; (CVE-2023-53421, CVE-2023-53520, CVE-2023-53662, CVE-2023-54207, CVE-2025-38057, CVE-2025-38125, CVE-2025-38232, CVE-2025-38408, CVE-2025-38591, CVE-2025-40149, CVE-2025-40164, CVE-2025-68211, CVE-2025-68340, CVE-2025-68365, CVE-2025-68725, CVE-2025-68817, CVE-2025-71162, CVE-2025-71163, CVE-2025-71185, CVE-2025-71186, CVE-2025-71188, CVE-2025-71190, CVE-2025-71191, CVE-2025-71194, CVE-2025-71196, CVE-2025-71197, CVE-2025-71199, CVE-2026-22997, CVE-2026-22998, CVE-2026-22999, CVE-2026-23001, CVE-2026-23003, CVE-2026-23011, CVE-2026-23026, CVE-2026-23033, CVE-2026-23037, CVE-2026-23038, CVE-2026-23049, CVE-2026-23056, CVE-2026-23058, CVE-2026-23061, CVE-2026-23063, CVE-2026-23064, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075, CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083, CVE-2026-23084, CVE-2026-23085, CVE-2026-23087, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091, CVE-2026-23093, CVE-2026-23095, CVE-2026-23096, CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101, CVE-2026-23103, CVE-2026-23105, CVE-2026-23108, CVE-2026-23112, CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23124, CVE-2026-23125, CVE-2026-23128, CVE-2026-23133, CVE-2026-23145, CVE-2026-23146, CVE-2026-23150, CVE-2026-23164, CVE-2026-23167, CVE-2026-23170, CVE-2026-23209, CVE-2026-23273)