Stay Connected:

ELSA-2026-7383

ELSA-2026-7383 - cockpit: Unauthenticated remote code execution due to SSH command-line argument injection

Type:SECURITY
Impact:CRITICAL
Release Date:2026-04-14

Description


[344-3.0.1]
- Storage: Enable btrfs support [Orabug: 37464632]
- Replaced upstream urls in documentation with oracle links [Orabug: 36528753]
- Drop subscription-manager-cockpit requirement for ol [Orabug: 34681110]
- Remove duplicate reference to server in cockpit [Orabug: 34030494]
- Update documentation links [Orabug: 30271413], [Orabug: 32013095],
[Orabug: 32795691], [Orabug: 34398512], [Orabug: 34742876], [Orabug: 37253273]
- Update spec file for new release

[344-3]
- correctly apply CVE patches (CVE-2026-4631)

* Wed Mar 25 2026 Jelle van der Waa - ws: be more explicit when handling hostnames on cli (CVE-2026-4631)


Related CVEs


CVE-2026-4631

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 10 (aarch64) cockpit-344-3.0.1.el10_1.src.rpmc2007b4419ef5443f38927b414b9477d49e81d9a74af52a6f78d110832b02fa1-ol10_aarch64_appstream
cockpit-344-3.0.1.el10_1.src.rpmc2007b4419ef5443f38927b414b9477d49e81d9a74af52a6f78d110832b02fa1-ol10_aarch64_baseos_latest
cockpit-344-3.0.1.el10_1.src.rpmc2007b4419ef5443f38927b414b9477d49e81d9a74af52a6f78d110832b02fa1-ol10_aarch64_u1_baseos_patch
cockpit-344-3.0.1.el10_1.aarch64.rpm8496e0edfc44d04d355b9cc0a174d66fbeecdb0e1b7d7de74f7b65241f286862-ol10_aarch64_baseos_latest
cockpit-344-3.0.1.el10_1.aarch64.rpm8496e0edfc44d04d355b9cc0a174d66fbeecdb0e1b7d7de74f7b65241f286862-ol10_aarch64_u1_baseos_patch
cockpit-bridge-344-3.0.1.el10_1.noarch.rpm15cf300f35ae989ef8329851f1a18cdeffeed2b9b20b5a339cd815dabd43152e-ol10_aarch64_baseos_latest
cockpit-bridge-344-3.0.1.el10_1.noarch.rpm15cf300f35ae989ef8329851f1a18cdeffeed2b9b20b5a339cd815dabd43152e-ol10_aarch64_u1_baseos_patch
cockpit-doc-344-3.0.1.el10_1.noarch.rpma7b72d45b6db1fec9795b45ccb7998d9523e3630bc56525efec88a6cb01c21c5-ol10_aarch64_baseos_latest
cockpit-doc-344-3.0.1.el10_1.noarch.rpma7b72d45b6db1fec9795b45ccb7998d9523e3630bc56525efec88a6cb01c21c5-ol10_aarch64_u1_baseos_patch
cockpit-packagekit-344-3.0.1.el10_1.noarch.rpmcafada04751445620c298bc6a900880e6b9e76c05b710437d3ad3b5fc49b47e4-ol10_aarch64_appstream
cockpit-storaged-344-3.0.1.el10_1.noarch.rpmf97de0a48bb852c0bdfeceab61e7ea38de2cb895a47f40e30df40450cb0b52cd-ol10_aarch64_appstream
cockpit-system-344-3.0.1.el10_1.noarch.rpmb575811b2280d88b68b9e8580c8280350e1465ad567d678b5b86757cb46519e3-ol10_aarch64_baseos_latest
cockpit-system-344-3.0.1.el10_1.noarch.rpmb575811b2280d88b68b9e8580c8280350e1465ad567d678b5b86757cb46519e3-ol10_aarch64_u1_baseos_patch
cockpit-ws-344-3.0.1.el10_1.aarch64.rpme712d036524cd7a1df1e440e778c9348fe0441f326b842b28543d3693295c1e3-ol10_aarch64_baseos_latest
cockpit-ws-344-3.0.1.el10_1.aarch64.rpme712d036524cd7a1df1e440e778c9348fe0441f326b842b28543d3693295c1e3-ol10_aarch64_u1_baseos_patch
cockpit-ws-selinux-344-3.0.1.el10_1.aarch64.rpm426b1ad64ede044c301eda4cfea279c9215be46f44c9516ed3a8d21da8e54e0b-ol10_aarch64_baseos_latest
cockpit-ws-selinux-344-3.0.1.el10_1.aarch64.rpm426b1ad64ede044c301eda4cfea279c9215be46f44c9516ed3a8d21da8e54e0b-ol10_aarch64_u1_baseos_patch
Oracle Linux 10 (x86_64) cockpit-344-3.0.1.el10_1.src.rpmc2007b4419ef5443f38927b414b9477d49e81d9a74af52a6f78d110832b02fa1-ol10_x86_64_appstream
cockpit-344-3.0.1.el10_1.src.rpmc2007b4419ef5443f38927b414b9477d49e81d9a74af52a6f78d110832b02fa1-ol10_x86_64_baseos_latest
cockpit-344-3.0.1.el10_1.src.rpmc2007b4419ef5443f38927b414b9477d49e81d9a74af52a6f78d110832b02fa1-ol10_x86_64_u1_baseos_patch
cockpit-344-3.0.1.el10_1.x86_64.rpm9279b114d3ff4f160835585923b722a4b55599e2ab4a1b64d65afd63424b3658-ol10_x86_64_baseos_latest
cockpit-344-3.0.1.el10_1.x86_64.rpm9279b114d3ff4f160835585923b722a4b55599e2ab4a1b64d65afd63424b3658-ol10_x86_64_u1_baseos_patch
cockpit-bridge-344-3.0.1.el10_1.noarch.rpm15cf300f35ae989ef8329851f1a18cdeffeed2b9b20b5a339cd815dabd43152e-ol10_x86_64_baseos_latest
cockpit-bridge-344-3.0.1.el10_1.noarch.rpm15cf300f35ae989ef8329851f1a18cdeffeed2b9b20b5a339cd815dabd43152e-ol10_x86_64_u1_baseos_patch
cockpit-doc-344-3.0.1.el10_1.noarch.rpma7b72d45b6db1fec9795b45ccb7998d9523e3630bc56525efec88a6cb01c21c5-ol10_x86_64_baseos_latest
cockpit-doc-344-3.0.1.el10_1.noarch.rpma7b72d45b6db1fec9795b45ccb7998d9523e3630bc56525efec88a6cb01c21c5-ol10_x86_64_u1_baseos_patch
cockpit-packagekit-344-3.0.1.el10_1.noarch.rpmcafada04751445620c298bc6a900880e6b9e76c05b710437d3ad3b5fc49b47e4-ol10_x86_64_appstream
cockpit-storaged-344-3.0.1.el10_1.noarch.rpmf97de0a48bb852c0bdfeceab61e7ea38de2cb895a47f40e30df40450cb0b52cd-ol10_x86_64_appstream
cockpit-system-344-3.0.1.el10_1.noarch.rpmb575811b2280d88b68b9e8580c8280350e1465ad567d678b5b86757cb46519e3-ol10_x86_64_baseos_latest
cockpit-system-344-3.0.1.el10_1.noarch.rpmb575811b2280d88b68b9e8580c8280350e1465ad567d678b5b86757cb46519e3-ol10_x86_64_u1_baseos_patch
cockpit-ws-344-3.0.1.el10_1.x86_64.rpm5d89e9c6ee93ac2483b5656ecaacfc956ad1598dddabad808a4b8f84ff7b4c35-ol10_x86_64_baseos_latest
cockpit-ws-344-3.0.1.el10_1.x86_64.rpm5d89e9c6ee93ac2483b5656ecaacfc956ad1598dddabad808a4b8f84ff7b4c35-ol10_x86_64_u1_baseos_patch
cockpit-ws-selinux-344-3.0.1.el10_1.x86_64.rpmfb74b986d3853bc438cc8b64ab73a94969c4475f82afcaf7fe8a091e45e56f12-ol10_x86_64_baseos_latest
cockpit-ws-selinux-344-3.0.1.el10_1.x86_64.rpmfb74b986d3853bc438cc8b64ab73a94969c4475f82afcaf7fe8a091e45e56f12-ol10_x86_64_u1_baseos_patch



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights