Latest Linux Kernel Releases: What You Need to Know

Greg Kroah-Hartman recently rolled out a batch of seven new stable kernels, addressing critical security issues and platform-specific fixes. This Q&A breaks down the key details—from which versions are affected to why upgrading matters. Jump to any question:

• Which new stable kernels were released?
• Which kernels focus solely on Xen fixes?
• What is the AEAD socket vulnerability?
• Why must users of other kernels upgrade immediately?
• How do the Xen fixes differ from the AEAD fixes?
• What should you do if your kernel version isn’t listed?

Which new stable kernels were released?

Greg Kroah-Hartman, the leading Linux kernel maintainer, announced seven stable kernel updates on Thursday. The new versions are 7.0.3, 6.18.26, 6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254. These releases cover a wide range of kernel series, from the very latest (7.x) to older long-term support branches (5.10). Each update includes targeted patches to improve stability and security, making them crucial for maintaining a healthy Linux system.

Which kernels focus solely on Xen fixes?

Two of the seven kernels—7.0.3 and 6.18.26—are dedicated exclusively to addressing issues for Xen hypervisor users. Xen is a popular virtualization platform, and these updates contain fixes that are not present in the other releases. For anyone running Xen, upgrading to these specific versions is highly recommended to avoid potential operational problems. The remaining five kernels include additional security patches, making them broader in scope.

What is the AEAD socket vulnerability?

The AEAD (Authenticated Encryption with Associated Data) socket vulnerability is a recently disclosed security flaw that affects the Linux kernel’s handling of encrypted network connections. It could potentially allow an attacker to compromise data integrity or leak sensitive information. To counter this threat, the kernel maintainers have backported fixes into the stable releases. The affected kernels—6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254—all include these patches, ensuring that users on those branches are protected.

Why must users of other kernels upgrade immediately?

While the 7.0.3 and 6.18.26 kernels only contain Xen-related fixes, the other five versions (6.12.85, 6.6.137, 6.1.170, 5.15.204, and 5.10.254) include critical backported patches for the AEAD socket vulnerability. Greg Kroah-Hartman explicitly advises that all users of the other kernel series must upgrade to these new versions. Failure to do so could leave systems exposed to potential exploits. Since the vulnerability is now public, attackers may actively try to target unpatched systems, making this upgrade a top priority for security-conscious administrators.

How do the Xen fixes differ from the AEAD fixes?

The Xen fixes and the AEAD socket vulnerability fixes serve entirely different purposes. Xen patches address hypervisor-specific bugs that only affect systems running virtual machines under the Xen platform. In contrast, the AEAD fixes are a security measure that applies to a wide range of kernel users—whether or not they use virtualization. The two kernels that only carry Xen fixes (7.0.3 and 6.18.26) do not include the AEAD patches, meaning users on those series who are also concerned about the socket vulnerability would need to wait for a subsequent update. The other five kernels bundle both fixes, providing comprehensive protection.

What should you do if your kernel version isn’t listed?

If you are running a kernel version not included in this batch (for example, an older or newer series), the best course of action is to check the official kernel website for updates specific to your branch. Greg Kroah-Hartman and his team regularly release stable updates across many series. You can also subscribe to the linux-kernel-announce mailing list to stay informed. For enterprise users, your distribution provider (e.g., Red Hat, Ubuntu) will often supply backported patches through their own channels. In any case, if your branch is listed among the affected series (like 6.1 or 5.15), you should upgrade to the new version immediately.