Linux Kernel Team Rushes Out Seven New Stable Releases with Critical Security Patches

By

Seven New Stable Kernels Released

Greg Kroah-Hartman, the Linux kernel maintainer, announced the release of seven new stable kernels on Thursday: 7.0.3, 6.18.26, 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254. The most significant update addresses a critical security vulnerability in the AEAD socket subsystem, affecting multiple kernel series.

Urgent Upgrade Required for Most Users

While the 7.0.3 and 6.18.26 kernels contain fixes exclusively for Xen hypervisor users, the remaining five kernels include backported patches for the recently disclosed AEAD socket vulnerability. Kroah-Hartman strongly advises all users of those kernel series to upgrade immediately.

"Users of the 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254 kernels must upgrade as soon as possible to protect their systems," said Kroah-Hartman in the release announcement.

Background: The AEAD Socket Vulnerability

The AEAD (Authenticated Encryption with Associated Data) socket vulnerability is a recently uncovered security flaw that could allow attackers to compromise system integrity. The vulnerability affects how Linux handles certain encryption operations within the network stack, potentially enabling privilege escalation or denial-of-service attacks.

Security researchers have not yet disclosed full technical details, but the kernel team acted swiftly to produce backported patches for older but widely used stable series. The vulnerability underscores the ongoing challenge of maintaining security across multiple kernel versions.

What This Means for System Administrators

This release significantly impacts organizations running Linux servers, desktops, or embedded systems. Systems using kernel versions 6.12.x, 6.6.x, 6.1.x, 5.15.x, or 5.10.x should be updated to the new point releases without delay.

For Xen users, the 7.0.3 and 6.18.26 kernels address specific Xen-related issues, though they do not contain the AEAD fix. Administrators running Xen should weigh their own risk assessment and apply updates as needed.

Recommended action: Check your current kernel version with uname -r and update to the appropriate new stable release via your distribution's package manager or kernel.org.

Additional Resources

• Background on the AEAD vulnerability
• Immediate steps for system administrators
• Official kernel releases at kernel.org

Related Articles

• Streamlining Kubernetes Secret Management with Vault Secrets Operator (VSO)
• How Microsoft's MDASH AI System Discovered Critical Windows RCE Flaws: A Step-by-Step Breakdown
• Uncovering Trapdoor: The Massive Android Ad Fraud Operation
• Ubuntu Suffers Major DDoS Attack: Snap Store, Websites, and Launchpad Hit
• Sweet Security Unveils Sweet Attack: Continuous Agentic AI Red Teaming for Modern Cloud Threats
• Meta’s Enhanced End-to-End Encrypted Backup System: Explained
• Breaking: Cybersecurity Consultant Demand Hits Record High as Global Cybercrime Damages Exceed $10 Trillion
• DirtyDecrypt Exploit Code Released: Critical Linux Kernel LPE Vulnerability Now Weaponized