AlmaLinux has rolled out a series of critical security updates for various software packages, including the kernel, Firefox, AIDE, and mod_http2, addressing significant vulnerabilities that could lead to memory leaks, denial-of-service attacks, and sandbox escapes. These updates apply to both AlmaLinux 9 and 10 and have been assigned various severity levels, with most categorized as important.

Key security fixes include:

- Kernel (CVE-2025-22058, CVE-2025-37914): Addressing memory leaks and potential denial-of-service scenarios.
- Firefox (CVE-2025-9182, CVE-2025-9179, CVE-2025-9180): Fixes for denial-of-service issues, sandbox escapes, and memory safety vulnerabilities.
- AIDE (CVE-2025-54389): Correcting improper output neutralization that could allow bypassing of security measures.
- mod_http2 (CVE-2025-49630): Resolving issues related to untrusted input leading to assertion failures in the Apache HTTP2 module.

The updates were released on August 27, 2025, and users are encouraged to apply these patches promptly to safeguard their systems. AlmaLinux provides full details and references for each update via their errata pages.

In addition to applying these updates, it is advisable for users to stay engaged with the AlmaLinux community for ongoing support and information regarding future security announcements. Regular monitoring of system security and updates is essential to maintain a secure operating environment, and users should consider setting up automated notifications for new patches and updates.

For ongoing improvements, users are encouraged to explore the AlmaLinux community chat for discussions about best practices in system administration, security configurations, and leveraging AlmaLinux features effectively

Firefox, AIDE, mod_http2, Kernel updates for AlmaLinux

AlmaLinux has released several security updates for various packages, including kernel, firefox, aide, and mod_http2. The updates fix important vulnerabilities such as memory leaks, denial-of-service attacks, and sandbox escapes in kernel (CVE-2025-22058, CVE-2025-37914), firefox (CVE-2025-9182, CVE-2025-9179, CVE-2025-9180), aide (CVE-2025-54389), and mod_http2 (CVE-2025-49630). The updates are available for AlmaLinux 9 and 10.

ALSA-2025:14420: kernel security update (Important)
ALSA-2025:14416: firefox security update (Important)
ALSA-2025:14493: aide security update (Important)
ALSA-2025:14592: aide security update (Important)
ALSA-2025:14417: firefox security update (Important)
ALSA-2025:14625: mod_http2 security update (Moderate)

Firefox, AIDE, mod_http2, Kernel updates for AlmaLinux @ Linux Compatible