Linux Kernel Team Rushes Out Seven New Stable Releases with Critical Security Patches

By

Seven New Stable Kernels Released

Greg Kroah-Hartman, the Linux kernel maintainer, announced the release of seven new stable kernels on Thursday: 7.0.3, 6.18.26, 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254. The most significant update addresses a critical security vulnerability in the AEAD socket subsystem, affecting multiple kernel series.

Urgent Upgrade Required for Most Users

While the 7.0.3 and 6.18.26 kernels contain fixes exclusively for Xen hypervisor users, the remaining five kernels include backported patches for the recently disclosed AEAD socket vulnerability. Kroah-Hartman strongly advises all users of those kernel series to upgrade immediately.

"Users of the 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254 kernels must upgrade as soon as possible to protect their systems," said Kroah-Hartman in the release announcement.

Background: The AEAD Socket Vulnerability

The AEAD (Authenticated Encryption with Associated Data) socket vulnerability is a recently uncovered security flaw that could allow attackers to compromise system integrity. The vulnerability affects how Linux handles certain encryption operations within the network stack, potentially enabling privilege escalation or denial-of-service attacks.

Security researchers have not yet disclosed full technical details, but the kernel team acted swiftly to produce backported patches for older but widely used stable series. The vulnerability underscores the ongoing challenge of maintaining security across multiple kernel versions.

What This Means for System Administrators

This release significantly impacts organizations running Linux servers, desktops, or embedded systems. Systems using kernel versions 6.12.x, 6.6.x, 6.1.x, 5.15.x, or 5.10.x should be updated to the new point releases without delay.

For Xen users, the 7.0.3 and 6.18.26 kernels address specific Xen-related issues, though they do not contain the AEAD fix. Administrators running Xen should weigh their own risk assessment and apply updates as needed.

Recommended action: Check your current kernel version with uname -r and update to the appropriate new stable release via your distribution's package manager or kernel.org.

Additional Resources

• Background on the AEAD vulnerability
• Immediate steps for system administrators
• Official kernel releases at kernel.org

Related Articles

• Defending Against UNC6692's Social Engineering-Driven Malware Deployment
• 8 Key Insights Into Russia's Router Hijacking Campaign Targeting Microsoft Office Tokens
• Urgent: Cisco Catalyst SD-WAN Controller Under Active Zero-Day Attack – Critical Auth Bypass Allows Full Device Takeover
• How to Save Up to $500 on MacBook Pro Laptops
• Turla Evolves Kazuar Backdoor into Stealthy Peer-to-Peer Botnet for Long-Term Network Access
• Scattered Spider Leader Admits to $8M Crypto Theft, Faces Decades in Prison
• Emergency Patch Alert: Critical Zero-Day in cPanel Actively Exploited Amid Major Breaches
• A Practical Guide to Surviving a Cyberattack on Canvas During Finals