Critical CVE Fixes for Cockpit, .NET 8.0, Firefox, Flatpak, and UEK Kernel on Oracle Linux
Oracle recently pushed out a comprehensive set of security advisories for Linux versions seven through nine that tackle serious vulnerabilities across core system utilities and popular development frameworks. These releases fix critical weaknesses in the Cockpit management console, Firefox web browser, Flatpak container platform, and .NET runtime while also patching numerous memory handling bugs inside the Unbreakable Enterprise Kernel. System administrators need to apply these updates right away because multiple disclosed CVEs create direct pathways for attackers to execute arbitrary code or steal elevated privileges on vulnerable machines. You should always double check your installed package versions after rebooting to confirm that every security fix actually made it onto x86_64 and aarch64 servers without any leftover conflicts.
ELSA-2026-21700 Important: Oracle Linux 8 cockpit security update
ELSA-2026-21291 Important: Oracle Linux 8 .NET 8.0 security update
ELSA-2026-7292 Important: Oracle Linux 7 freerdp security update
ELSA-2026-21756 Important: Oracle Linux 8 flatpak security update
ELSA-2026-21382 Important: Oracle Linux 8 firefox security update
ELSA-2026-20929 Moderate: Oracle Linux 8 libexif security update
ELSA-2026-50275 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
ELSA-2026-50275 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2026-50275 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update
Critical CVE Fixes for Cockpit, .NET 8.0, Firefox, Flatpak, and UEK Kernel on Oracle Linux
Oracle has released critical security advisories for various versions of Oracle Linux, addressing significant vulnerabilities in key components like Cockpit, .NET 8.0, Firefox, Flatpak, and the Unbreakable Enterprise Kernel. System administrators are urged to promptly apply these updates to mitigate risks associated with multiple disclosed CVEs that could allow attackers to execute arbitrary code or gain elevated privileges on vulnerable systems. The updates include specific RPM packages for x86_64 and aarch64 architectures, along with detailed descriptions of the vulnerabilities and fixes. Administrators should verify the installation of these security fixes after rebooting to ensure their systems are secure
