Red Hat Linux Kernel Vulnerabilities Prompt Broad Update Advisory
The Canadian Centre for Cyber Security issued two notices warning that Red Hat had published multiple security advisories for vulnerabilities affecting several products, with a particular focus on Linux kernel updates. The affected offerings include Red Hat CodeReady Linux Builder, Red Hat Enterprise Linux, Red Hat Enterprise Linux Server, and Red Hat Enterprise Linux for Real Time across multiple versions and platforms.
The first notice, AV26-318, covered Red Hat advisories released between March 30 and April 5, while the second, AV26-341, covered advisories published between April 6 and 12. In both cases, the Cyber Centre urged users and administrators to review the referenced Red Hat advisories and apply the necessary updates to address the disclosed vulnerabilities.
Timeline
Apr 27, 2026
Canadian Centre for Cyber Security issues notice AV26-392
On 2026-04-27, the Canadian Centre for Cyber Security published advisory AV26-392, urging users and administrators to review Red Hat security advisories issued between 2026-04-20 and 2026-04-26 and apply the necessary updates.
Apr 20, 2026
Canadian Centre for Cyber Security issues notice AV26-369
On 2026-04-20, the Canadian Centre for Cyber Security published advisory AV26-369, urging users and administrators to review Red Hat security advisories issued between 2026-04-13 and 2026-04-19 and apply the necessary updates.
Apr 13, 2026
Canadian Centre for Cyber Security issues notice AV26-341
On 2026-04-13, the Canadian Centre for Cyber Security published advisory AV26-341, recommending that users and administrators review the referenced Red Hat advisories and apply updates.
Apr 7, 2026
Canadian Centre for Cyber Security issues notice AV26-318
On 2026-04-07, the Canadian Centre for Cyber Security published advisory AV26-318, urging users and administrators to review Red Hat's recent security advisories and apply the necessary updates.
Apr 6, 2026
Red Hat publishes another round of security advisories
Between 2026-04-06 and 2026-04-12, Red Hat issued additional security advisories addressing vulnerabilities in multiple products, again including Linux kernel updates for several Red Hat offerings across multiple versions and platforms.
Mar 30, 2026
Red Hat publishes security advisories for multiple products
Between 2026-03-30 and 2026-04-05, Red Hat released security advisories covering vulnerabilities in multiple products, including Linux kernel updates for Red Hat CodeReady Linux Builder, Red Hat Enterprise Linux, Red Hat Enterprise Linux Server, and Red Hat Enterprise Linux for Real Time across multiple versions and platforms.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Related Entities
Organizations
Affected Products
Sources
Related Stories
Canadian Cyber Centre Advisories Highlight Linux Kernel and Other Vendor Patch Updates
The Canadian Centre for Cyber Security issued multiple advisories urging organizations to apply vendor patches released between **February 16–22, 2026**, including updates addressing **Linux kernel vulnerabilities** impacting **Ubuntu** (16.04 LTS through 25.10) and **Red Hat** platforms (including *RHEL* and related offerings). The advisories emphasize routine but potentially high-impact exposure from unpatched kernel flaws across widely deployed enterprise and server environments, and direct administrators to review upstream vendor notices and deploy the corresponding updates. Separate Cyber Centre advisories also flagged patch requirements outside the Linux kernel: Microsoft released an update for **Microsoft Edge Stable** to remediate vulnerabilities in versions prior to `145.0.3800.70`, IBM published security advisories covering multiple products (including *Aspera Enterprise WebApps*, *Cloud Pak System*, *Storage Defender*, and others), and CISA issued ICS advisories for vulnerabilities across several industrial and IoT/OT products (including **Delta Electronics**, **GE Vernova**, **Honeywell CCTV**, **Siemens Simcenter**, and others) with recommended mitigations and updates where available. A Linux 7.0 release-candidate feature article is not a security advisory and does not materially relate to the patch/vulnerability notices in the other items.
1 months ago
Coordinated Vendor Patch Advisories for Enterprise Software and Linux Kernel
The Canadian Centre for Cyber Security issued multiple **alerts and advisories** urging organizations to apply vendor patches for newly disclosed vulnerabilities across widely deployed enterprise platforms, including **Splunk** (Enterprise, Cloud Platform, Universal Forwarder, and *DB Connect* prior to `4.2.0`), **GitHub Enterprise Server** (patched releases `3.19.2`, `3.18.5`, `3.17.11`, `3.16.14`, `3.15.18`, `3.14.23`), **Jenkins** (Weekly `2.550` and prior; LTS `2.541.1` and prior), and **Atlassian** products (**Bamboo**, **Confluence**, and **Crowd** Data Center/Server across multiple versions). The advisories are framed as patch-and-mitigate guidance rather than incident reporting, emphasizing rapid update adoption to reduce exposure. Additional vendor guidance highlighted kernel-level risk and security tooling exposure. **Tenable** released a critical update for **Tenable Security Center** (`6.7.2` and prior) via stand-alone patches, and **Red Hat** published multiple advisories (Feb 9–15) including **Linux kernel** fixes across several RHEL-related offerings (e.g., *Red Hat Enterprise Linux* and *CodeReady Linux Builder*). Separately, F5 tracked a **Linux kernel vulnerability** identified as **CVE-2025-22026** in its product advisory, reinforcing the need to prioritize kernel patching where affected components are present.
1 months ago
Multiple Vulnerabilities Disclosed in Red Hat Hardened Images RPMs
dCERT issued advisories for **multiple vulnerabilities** affecting **Red Hat Hardened Images RPMs**, identifying the issue in notices `2026-1205` and `2026-1246`. The advisories indicate that security flaws were found in RPM packages used within Red Hat hardened container images, potentially exposing systems that rely on those images to a range of risks depending on the affected packages and deployed workloads. The publication of two separate dCERT notices suggests ongoing or updated vendor guidance around the same product area, and organizations using Red Hat hardened images should review the referenced advisories, determine which RPMs and image versions are affected, and prioritize remediation through updated packages or rebuilt images. Security teams should also verify downstream dependencies in container registries and production environments to ensure vulnerable image layers are replaced.
5 days ago