Xshell Ssh

2026-05-03 19:46:14

Linux Kernel Maintainer Releases Critical Security Updates Across Multiple Stable Branches

Greg Kroah-Hartman released seven stable kernels, two with Xen fixes and five backporting critical AEAD socket vulnerability patches. Users of affected series should upgrade immediately.

A Wave of New Stable Kernel Releases

Greg Kroah-Hartman, the maintainer of the Linux stable kernel tree, has announced the release of seven new stable kernels: 7.0.3, 6.18.26, 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254. These updates address a range of issues, with a special focus on a recently disclosed vulnerability that affects the AEAD socket subsystem. While two of these releases are limited to Xen-specific fixes, the remaining five carry critical backported patches that all users should apply promptly.

Source: lwn.net

Overview of the Seven New Kernels

The list below summarizes the kernel versions and their primary focus areas.

  • 7.0.3 – Contains fixes needed only for Xen users; see the Xen-specific updates section below.
  • 6.18.26 – Also limited to Xen-related patches. See the Xen fixes section.
  • 6.12.85 – Includes backported fixes for the AEAD socket vulnerability.
  • 6.6.137 – Same AEAD vulnerability fixes applied.
  • 6.1.170 – AEAD vulnerability patched.
  • 5.15.204 – AEAD security fix included.
  • 5.10.254 – AEAD vulnerability backported.

The AEAD Socket Vulnerability Explained

AEAD (Authenticated Encryption with Associated Data) is a cryptographic primitive used extensively in the Linux kernel to ensure data integrity and confidentiality. A security flaw was recently disclosed in the AEAD socket implementation, which could potentially allow an attacker to execute arbitrary code or cause system crashes by sending specially crafted packets. The vulnerability affects multiple kernel versions, and the maintainers have moved quickly to produce backported patches for long-term stable releases.

The five kernels that include AEAD fixes (6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254) belong to stable branches that cover a wide range of deployments, from modern servers to embedded systems. Administrators running any of these kernel series should treat this update as critical and plan for an immediate upgrade.

Xen-Specific Updates in 7.0.3 and 6.18.26

Two of the new releases, versions 7.0.3 and 6.18.26, are exclusively targeted at users of the Xen hypervisor. These kernels contain patches that resolve issues related to Xen domain management, memory handling, and event channel communication. While they do not address the AEAD vulnerability, they are still important for any Linux system running as a Xen guest or domain 0 operator.

If your environment does not rely on Xen, you can safely skip these two releases. However, for Xen users, upgrading ensures continued stability and security within the virtualization layer.

Urgent Upgrade Recommendation

In his announcement, Kroah-Hartman explicitly advises all users of the other kernel series to upgrade to the latest stable version. This is particularly urgent for those affected by the AEAD vulnerability, as proof-of-concept exploit code may soon become publicly available. Even if you are not aware of an immediate threat, patching proactively reduces the attack surface and keeps your systems in line with best practices.

To apply the update:

  1. Check your current kernel version with uname -r.
  2. Download the appropriate kernel source or binary package from your distribution’s repositories or the kernel.org archive.
  3. Test the update in a staging environment if possible.
  4. Reboot into the new kernel and verify that your applications and drivers function as expected.
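
The version check in step 1 can be scripted. The following is an added example, not part of the original article or the kernel announcement: it compares a release string such as the output of uname -r against the seven releases listed above. The function names and output words are assumptions of this example, and because distribution kernels use their own numbering and backports, the comparison is meaningful only for kernel.org stable releases.

```shell
#!/bin/sh
# Added example: compare a kernel release string against the stable releases
# named in the article. Version numbers come from the article; the function
# names and output words are assumptions of this example.

# Fixed patch level per stable series, as listed in the article.
fixed_patch_for_series() {
    case "$1" in
        7.0)  echo 3 ;;     # Xen-only fixes
        6.18) echo 26 ;;    # Xen-only fixes
        6.12) echo 85 ;;    # AEAD socket fix
        6.6)  echo 137 ;;   # AEAD socket fix
        6.1)  echo 170 ;;   # AEAD socket fix
        5.15) echo 204 ;;   # AEAD socket fix
        5.10) echo 254 ;;   # AEAD socket fix
        *)    return 1 ;;   # series not mentioned in the article
    esac
}

# check_release RELEASE
# Prints "current", "upgrade-to X.Y.Z" or "unlisted".
check_release() {
    ver=${1%%[!0-9.]*}      # drop suffixes such as "-custom" or "+"
    old_ifs=$IFS; IFS=.
    set -- $ver             # split into major, minor, patch
    IFS=$old_ifs
    series="$1.$2"; patch=${3:-0}
    if ! fixed=$(fixed_patch_for_series "$series"); then
        echo "unlisted"; return 0
    fi
    if [ "$patch" -ge "$fixed" ]; then
        echo "current"
    else
        echo "upgrade-to $series.$fixed"
    fi
}

# Report on the running kernel when the script is executed.
check_release "$(uname -r)"
```

An "unlisted" result means only that the article does not mention that series; it says nothing about whether the series is affected.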

Long-Term Support Considerations

Among the releases, 5.15.204, 5.10.254, and 6.1.170 are part of the Long-Term Support (LTS) series, which receive backported security fixes for several years. Maintaining these kernels is essential for enterprises that require stability without frequent major upgrades. The inclusion of AEAD patches in LTS branches underscores the seriousness of the vulnerability and the commitment of the kernel development community to support older stable tree users.

For users on the 6.6 and 6.12 series, these stable updates also contain a collection of other bug fixes and hardware support improvements. Always review the full changelog before deploying.

Conclusion

The release of these seven stable kernels is a clear signal that security remains a top priority for the Linux kernel project. Whether you manage a small homelab or a large data center, taking the time to upgrade now can prevent headaches later. Keep an eye on the kernel.org website and subscribe to the linux-stable mailing list for future announcements.