AlmaLinux has recently released a series of important security updates for several key components, including the Go Toolset, kernel packages, Golang, OpenJPEG, and the Toolbox. These updates address various vulnerabilities that could potentially affect system security.
1. Go Toolset (ALSA-2025:13940): This update addresses a critical vulnerability (CVE-2025-4674) related to command execution within the Go version control system, categorized as important.
2. Kernel-RT (ALSA-2025:13961): This moderate severity update fixes multiple vulnerabilities, including a use-after-free issue and a double free error, enhancing the stability of real-time Linux kernel operations.
3. Kernel (ALSA-2025:13960): An important update that resolves several vulnerabilities, including issues with memory management and initialization, which could lead to system instability or exploitation.
4. Golang (ALSA-2025:13935): Similar to the Go Toolset update, this addresses the same command execution vulnerability (CVE-2025-4674) in the Go programming language compiler.
5. OpenJPEG (ALSA-2025:13944): This important update covers a critical out-of-bounds heap memory write vulnerability (CVE-2025-54874) in the OpenJPEG library, which handles JPEG2000 image files.
6. Toolbox (ALSA-2025:13674): An update introducing a fix for a privilege escalation issue in the NVIDIA Container Toolkit, crucial for maintaining security within containerized environments.
For users subscribed to AlmaLinux security notifications, these updates are critical for maintaining system integrity and security. The updates are available for various AlmaLinux versions, and users are encouraged to review the detailed errata linked in the notifications for comprehensive information about the security issues and fixes provided.
In addition to these updates, it is essential for AlmaLinux users to regularly monitor their systems for any additional vulnerabilities and updates, ensuring a proactive approach to system security. Engaging with the AlmaLinux community can also provide further insights and assistance regarding the management of these updates and potential security concerns.
For detailed information and to manage notification settings, users can visit the AlmaLinux errata page and community chat
1. Go Toolset (ALSA-2025:13940): This update addresses a critical vulnerability (CVE-2025-4674) related to command execution within the Go version control system, categorized as important.
2. Kernel-RT (ALSA-2025:13961): This moderate severity update fixes multiple vulnerabilities, including a use-after-free issue and a double free error, enhancing the stability of real-time Linux kernel operations.
3. Kernel (ALSA-2025:13960): An important update that resolves several vulnerabilities, including issues with memory management and initialization, which could lead to system instability or exploitation.
4. Golang (ALSA-2025:13935): Similar to the Go Toolset update, this addresses the same command execution vulnerability (CVE-2025-4674) in the Go programming language compiler.
5. OpenJPEG (ALSA-2025:13944): This important update covers a critical out-of-bounds heap memory write vulnerability (CVE-2025-54874) in the OpenJPEG library, which handles JPEG2000 image files.
6. Toolbox (ALSA-2025:13674): An update introducing a fix for a privilege escalation issue in the NVIDIA Container Toolkit, crucial for maintaining security within containerized environments.
For users subscribed to AlmaLinux security notifications, these updates are critical for maintaining system integrity and security. The updates are available for various AlmaLinux versions, and users are encouraged to review the detailed errata linked in the notifications for comprehensive information about the security issues and fixes provided.
In addition to these updates, it is essential for AlmaLinux users to regularly monitor their systems for any additional vulnerabilities and updates, ensuring a proactive approach to system security. Engaging with the AlmaLinux community can also provide further insights and assistance regarding the management of these updates and potential security concerns.
For detailed information and to manage notification settings, users can visit the AlmaLinux errata page and community chat
Go-Toolset, Kernel, Go, OpenJPEG, Toolbox updates for AlmaLinux
AlmaLinux has received several security updates, including go-toolset:rhel8, kernel-rt, kernel, golang, openjpeg2, and toolbox:
ALSA-2025:13940: go-toolset:rhel8 security update (Important)
ALSA-2025:13961: kernel-rt security update (Moderate)
ALSA-2025:13960: kernel security update (Important)
ALSA-2025:13935: golang security update (Important)
ALSA-2025:13944: openjpeg2 security update (Important)
ALSA-2025:13674: toolbox security update (Important)Go-Toolset, Kernel, Go, OpenJPEG, Toolbox updates for AlmaLinux @ Linux Compatible
