Red Hat and Ubuntu Ship Coordinated Linux Kernel Security Updates
Major Linux distributions released synchronized kernel updates addressing memory safety, networking, and file system vulnerabilities with moderate severity ratings.
Red Hat, Ubuntu, and other major Linux distributions have released coordinated kernel security updates addressing vulnerabilities in memory management, networking subsystems, and file systems. The updates carry moderate severity ratings and are recommended for all production systems.
Red Hat Enterprise Linux Updates
Red Hat released kernel updates for RHEL 9 and RHEL 10 Extended Update Support, addressing multiple CVEs:
- CVE-2025-39806: HID multitouch slab out-of-bounds access fix
- CVE-2025-39840: Audit subsystem out-of-bounds read correction
- CVE-2025-39883: Memory failure handling VM_BUG fix
- CVE-2025-40240: SCTP NULL dereference prevention
Red Hat Product Security rated these updates as having Moderate security impact.
Ubuntu Security Updates
Ubuntu released USN-7922-4, addressing vulnerabilities in multiple kernel subsystems:
- Cryptographic API: Security improvements to crypto operations
- Network drivers: Fixes for InfiniBand and general networking
- File systems: AFS and F2FS security corrections
- Memory management: Hardening against memory-related attacks
- Netfilter: Firewall subsystem security fixes
The updates apply to Ubuntu 20.04 LTS and 18.04 LTS, including Raspberry Pi kernel variants.
SUSE Linux Updates
SUSE released kernel live patches for SUSE Linux Enterprise 15 SP5, enabling security fixes without system reboots. Live patching is particularly valuable for production systems requiring high availability.
Coordinated Disclosure
The synchronized release across distributions reflects the collaborative nature of Linux kernel security. The kernel security team works with distribution maintainers to ensure patches are available simultaneously, preventing attackers from exploiting the disclosure window.
Update Recommendations
System administrators should:
- Review changelogs: Assess which CVEs affect your specific workloads
- Test in staging: Validate kernel updates before production deployment
- Schedule maintenance: Plan reboots for systems not using live patching
- Monitor for issues: Watch for unexpected behavior after updates
Kernel CVE Volume
With 8-9 new kernel CVEs appearing daily, prioritization is essential. These moderate-severity updates address real vulnerabilities but don't require emergency patching. Organizations should incorporate them into regular maintenance cycles within 30 days of release.
Related Articles
Cloudflare 2026 Threat Report: 230 Billion Daily Blocked Threats and the Rise of Credential Attacks
Cloudflare has published its inaugural annual threat report revealing the company blocks over 230 billion threats daily across 20% of global web traffic. DDoS attacks doubled year-over-year to 47.1 million incidents, with the largest reaching a record 31.4 Tbps, while bots now account for 94% of all login attempts.
HashiCorp Patches Consul Arbitrary File Read Vulnerability in Kubernetes Auth
HashiCorp has released emergency patches for Consul to address CVE-2026-2808, a medium-severity vulnerability allowing arbitrary file reads when Kubernetes authentication is enabled. The fix also adds HTTP server timeouts to prevent Slowloris denial-of-service attacks against Consul agent endpoints.
Let's Encrypt Now Issues Six-Day Certificates and IP Address Certificates via Certbot
Let's Encrypt and the EFF have announced support for six-day (160-hour) certificates and IP address certificates through Certbot 5.3 and 5.4. The ultra-short-lived certificates reduce the impact window of compromised keys by design, while IP address certificates enable HTTPS for services identified by address rather than hostname.