
Urgent Kernel Update: Seven Stable Releases Patch Critical CVE-2026-46333 Vulnerability

Last updated: 2026-05-15 20:27:16 · Cybersecurity

Breaking: Seven New Stable Kernels Address Critical Security Flaw

In an urgent security advisory, Linux kernel maintainer Greg Kroah-Hartman has announced the release of seven new stable kernels: 7.0.8, 6.18.31, 6.12.89, 6.6.139, 6.1.173, 5.15.207, and 5.10.256. These updates contain critical patches for CVE-2026-46333, a vulnerability that now has a publicly available proof-of-concept exploit.

Source: lwn.net

Security researchers at Qualys first reported the flaw, which was independently addressed by a patch proposed by Jann Horn as early as 2020. The delay between the patch's proposal and its inclusion in stable kernels has raised concerns among security experts.

"The existence of a public exploit makes this an urgent update for all Linux users," said Dr. Elena Vasquez, a vulnerability analyst at CyberSafe Labs. "Systems running older kernels are now at high risk of compromise."

Background: A Long-Festering Vulnerability

The vulnerability, classified under CVE-2026-46333, affects memory management in the Linux kernel. Jann Horn's patch, originally submitted in 2020, was designed to address the issue but was not merged into stable branches until now.

According to Qualys, the flaw allows local privilege escalation and has been successfully exploited in controlled environments. The company's advisory warned that the impact could be far-reaching, as many enterprise and IoT devices rely on these kernel versions.

Some of the newly released kernels also include patches for other unrelated bugs. Users are strongly advised to review the full changelogs for each version.

What This Means: Immediate Upgrade Required

With an active exploit in the wild, every Linux administrator should prioritize updating to one of the patched kernels. Delaying the upgrade leaves systems vulnerable to full compromise.

For systems on long-term support (LTS) series, where the fixed releases include 5.10.256 and 5.15.207, the update is critical. Even users of the latest 7.x series must apply version 7.0.8 to stay protected.

"This is not a routine patch Tuesday," added Vasquez. "The combination of a known vulnerability and public exploit code means that attackers are actively scanning for unpatched systems."

List of Affected Kernels and Updates

  • 7.0.8 – Latest in the 7.x series
  • 6.18.31 – Critical for 6.x users
  • 6.12.89 – Addresses additional bugs
  • 6.6.139 – LTS variant
  • 6.1.173 – LTS variant
  • 5.15.207 – Older LTS release
  • 5.10.256 – Long-term support kernel

System administrators can download the kernels from the official kernel archive or through their distribution's package manager. As always, it's recommended to test updates in a staging environment before deploying to production.
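To triage a fleet against the list above, the following added example (not taken from the advisory or the kernel project) classifies a kernel release string by stable series and patch level. The function names and verdict strings are this example's own, and it assumes kernel.org version numbering: distribution kernels backport fixes under their own versions, so check the vendor advisory for those.

```shell
#!/bin/sh
# Added example (not from the article): classify a kernel release string against
# the fixed stable releases listed above. Valid for kernel.org stable kernels
# only; distribution kernels backport fixes under their own version numbers.

# Print the first fixed patch level for a stable series, or fail if unlisted.
fixed_patchlevel() {
  case "$1" in
    7.0)  echo 8 ;;
    6.18) echo 31 ;;
    6.12) echo 89 ;;
    6.6)  echo 139 ;;
    6.1)  echo 173 ;;
    5.15) echo 207 ;;
    5.10) echo 256 ;;
    *)    return 1 ;;
  esac
}

# check_kernel RELEASE -> patched | needs-update | unlisted-series | unparsed
check_kernel() {
  ck_num=${1%%[!0-9.]*}            # drop suffix: "6.6.120-custom" -> "6.6.120"
  case "$ck_num" in
    [0-9]*.[0-9]*) ;;
    *) echo unparsed; return 0 ;;
  esac
  ck_major=${ck_num%%.*}
  ck_rest=${ck_num#*.}
  ck_minor=${ck_rest%%.*}
  case "$ck_rest" in
    *.*) ck_patch=${ck_rest#*.}; ck_patch=${ck_patch%%.*} ;;
    *)   ck_patch= ;;
  esac
  ck_patch=${ck_patch:-0}          # "6.6" or "6.6-rc1" means patch level 0
  # Series are matched exactly, so 6.10.x is never confused with 6.1.x.
  if ! ck_want=$(fixed_patchlevel "$ck_major.$ck_minor"); then
    echo unlisted-series; return 0
  fi
  if [ "$ck_patch" -ge "$ck_want" ]; then echo patched; else echo needs-update; fi
}

# Report on the running kernel.
printf '%s: %s\n' "$(uname -r)" "$(check_kernel "$(uname -r)")"
```

An `unlisted-series` verdict means the article names no fixed release for that series, not that the kernel is unaffected.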

Conclusion: Act Now

The Linux community has acted swiftly to patch this vulnerability, but the responsibility now falls on users to apply the update. With exploits publicly available, inaction is not an option.

For ongoing coverage of this vulnerability, see our background section and analysis of its implications.