Linux Kernel Team Rushes Out Seven New Stable Releases with Critical Security Patches

By

Seven New Stable Kernels Released

Greg Kroah-Hartman, the Linux kernel maintainer, announced the release of seven new stable kernels on Thursday: 7.0.3, 6.18.26, 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254. The most significant update addresses a critical security vulnerability in the AEAD socket subsystem, affecting multiple kernel series.

Urgent Upgrade Required for Most Users

While the 7.0.3 and 6.18.26 kernels contain fixes exclusively for Xen hypervisor users, the remaining five kernels include backported patches for the recently disclosed AEAD socket vulnerability. Kroah-Hartman strongly advises all users of those kernel series to upgrade immediately.

"Users of the 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254 kernels must upgrade as soon as possible to protect their systems," said Kroah-Hartman in the release announcement.

Background: The AEAD Socket Vulnerability

The AEAD (Authenticated Encryption with Associated Data) socket vulnerability is a recently uncovered security flaw that could allow attackers to compromise system integrity. The vulnerability affects how Linux handles certain encryption operations within the network stack, potentially enabling privilege escalation or denial-of-service attacks.

Security researchers have not yet disclosed full technical details, but the kernel team acted swiftly to produce backported patches for older but widely used stable series. The vulnerability underscores the ongoing challenge of maintaining security across multiple kernel versions.

What This Means for System Administrators

This release significantly impacts organizations running Linux servers, desktops, or embedded systems. Systems using kernel versions 6.12.x, 6.6.x, 6.1.x, 5.15.x, or 5.10.x should be updated to the new point releases without delay.

For Xen users, the 7.0.3 and 6.18.26 kernels address specific Xen-related issues, though they do not contain the AEAD fix. Administrators running Xen should weigh their own risk assessment and apply updates as needed.

Recommended action: Check your current kernel version with uname -r and update to the appropriate new stable release via your distribution's package manager or kernel.org.

Additional Resources

• Background on the AEAD vulnerability
• Immediate steps for system administrators
• Official kernel releases at kernel.org

Related Articles

• Breaking: New Access Model Targets Windows Credential Crisis — Boundary and Vault Offer Identity-Based Solution
• Defending Against Edge Decay: A Practical Guide to Securing the Perimeter in Modern Attacks
• AI-Assisted Vulnerability Detection: Mozilla's Mythos Finds 271 Firefox Flaws with Minimal False Positives
• Fragnesia: New Linux Kernel Flaw Enables Full System Compromise via Privilege Escalation
• Kaseya Urges MSPs to Overhaul Backup Strategies Amid Rising Ransomware Threats
• Critical 'Copy Fail' Linux Bug Grants Root Access to Any User – AI-Powered Discovery
• Securing Your Supply Chain: A Deep Dive into the OpenAI TanStack Incident
• ACSC Warns of ClickFix Campaign Spreading Vidar Stealer – What You Need to Know