Update - Patched kernels have been released to the AlmaLinux production repositories. Target versions:
CL9 / AlmaLinux 9: kernel-5.14.0-687.5.4.el9_8 or newer
CL10 / AlmaLinux 10: kernel-6.12.0-211.7.4.el10_2 or newer
No testing-repo step is needed — a plain update pulls the patched kernel:
dnf update 'kernel*'
reboot
uname -r
Jun 03, 2026 - 02:01 UTC
CL9 / AlmaLinux 9: kernel-5.14.0-687.5.4.el9_8 or newer
CL10 / AlmaLinux 10: kernel-6.12.0-211.7.4.el10_2 or newer
No testing-repo step is needed — a plain update pulls the patched kernel:
dnf update 'kernel*'
reboot
uname -r
Jun 03, 2026 - 02:01 UTC
Update - Patched CloudLinux kernels for CL7h and CL8 are released - available in the beta channel and rolling out to stable with an immediate-install bypass command.
Target versions:
- CL7h: kernel-4.18.0-553.126.2.lve.el7h or newer
- CL8: kernel-4.18.0-553.126.2.lve.el8 or newer
To install immediately without waiting for the gradual stable rollout:
yum update cloudlinux-release --enablerepo=cloudlinux-updates-testing
yum update --enablerepo=cloudlinux-rollout-4-bypass 'kernel*'
reboot
Patched LTS kernels are released to the beta channel.
Target versions:
- CL8 LTS: kernel-lts-5.14.0-284.1101.el8.tuxcare.11.els2 or newer
- CL9 LTS: kernel-lts-5.14.0-284.1101.el9.tuxcare.11.els2 or newer
Update with:
dnf update 'kernel-lts*' --enablerepo=cloudlinux-updates-testing
reboot
Jun 01, 2026 - 10:17 UTC
Target versions:
- CL7h: kernel-4.18.0-553.126.2.lve.el7h or newer
- CL8: kernel-4.18.0-553.126.2.lve.el8 or newer
To install immediately without waiting for the gradual stable rollout:
yum update cloudlinux-release --enablerepo=cloudlinux-updates-testing
yum update --enablerepo=cloudlinux-rollout-4-bypass 'kernel*'
reboot
Patched LTS kernels are released to the beta channel.
Target versions:
- CL8 LTS: kernel-lts-5.14.0-284.1101.el8.tuxcare.11.els2 or newer
- CL9 LTS: kernel-lts-5.14.0-284.1101.el9.tuxcare.11.els2 or newer
Update with:
dnf update 'kernel-lts*' --enablerepo=cloudlinux-updates-testing
reboot
Jun 01, 2026 - 10:17 UTC
Update - KernelCare livepatches have been promoted to the main feed for CL7h, CL8, and CL9 (including the AlmaLinux 9.2 and 9.6 FIPS variants). KernelCare-subscribed servers running these versions receive the fix automatically on the next kcarectl --update.
Patches for CL10 and CloudLinux for Ubuntu 22.04 (Jammy) are now available in the testing feed. Apply immediately with kcarectl --update --prefix test
May 29, 2026 - 19:42 UTC
Patches for CL10 and CloudLinux for Ubuntu 22.04 (Jammy) are now available in the testing feed. Apply immediately with kcarectl --update --prefix test
May 29, 2026 - 19:42 UTC
Update - Who is affected
Only hosts that have cifs-utils installed and permit unprivileged user namespaces:
- CloudLinux 7h, CloudLinux 8, CloudLinux 9, CloudLinux 10, CloudLinux for Ubuntu 22.04
CloudLinux 7 (CL7) is not affected in its stock configuration. No CVE has been assigned yet.
Mitigate now (either option breaks the chain):
- Option 1 - neutralize the cifs.spnego upcall, only if this host does not mount Kerberos-authenticated SMB shares:
echo "create cifs.spnego * * /bin/false" > /etc/request-key.d/cifs.spnego.conf
- Option 2 - disable unprivileged user namespaces.
Patched kernels
- CL9 / AlmaLinux 9: kernel-5.14.0-687.5.4.el9_8 or newer - available in the AlmaLinux testing repository.
- CL10 / AlmaLinux 10: kernel-6.12.0-211.7.4.el10_2 or newer - available in the AlmaLinux testing repository.
- CL7h / CL8: rebuilds on top of the AlmaLinux 8 fix are in build/test; target versions will follow.
Promotion to production repositories is pending community verification.
KernelCare livepatches (no reboot)
- EL8 family (CL7h, CL8): on the testing feed now; promotion to the main feed expected shortly.
- EL9: built and reviewed.
Install from the testing feed:
kcarectl --update --prefix test
Until a CVE is assigned, identify the patch by its description:
kcarectl --patch-info | grep cifs.spnego
Full and continuously updated details are in the blog post.
May 29, 2026 - 12:43 UTC
Only hosts that have cifs-utils installed and permit unprivileged user namespaces:
- CloudLinux 7h, CloudLinux 8, CloudLinux 9, CloudLinux 10, CloudLinux for Ubuntu 22.04
CloudLinux 7 (CL7) is not affected in its stock configuration. No CVE has been assigned yet.
Mitigate now (either option breaks the chain):
- Option 1 - neutralize the cifs.spnego upcall, only if this host does not mount Kerberos-authenticated SMB shares:
echo "create cifs.spnego * * /bin/false" > /etc/request-key.d/cifs.spnego.conf
- Option 2 - disable unprivileged user namespaces.
Patched kernels
- CL9 / AlmaLinux 9: kernel-5.14.0-687.5.4.el9_8 or newer - available in the AlmaLinux testing repository.
- CL10 / AlmaLinux 10: kernel-6.12.0-211.7.4.el10_2 or newer - available in the AlmaLinux testing repository.
- CL7h / CL8: rebuilds on top of the AlmaLinux 8 fix are in build/test; target versions will follow.
Promotion to production repositories is pending community verification.
KernelCare livepatches (no reboot)
- EL8 family (CL7h, CL8): on the testing feed now; promotion to the main feed expected shortly.
- EL9: built and reviewed.
Install from the testing feed:
kcarectl --update --prefix test
Until a CVE is assigned, identify the patch by its description:
kcarectl --patch-info | grep cifs.spnego
Full and continuously updated details are in the blog post.
May 29, 2026 - 12:43 UTC
Update - Patched kernels for CL9/CL10 are available in the AlmaLinux testing repository. Target versions:
CL9 / AlmaLinux 9: kernel-5.14.0-687.5.4.el9_8 or newer
CL10 / AlmaLinux 10: kernel-6.12.0-211.7.4.el10_2 or newer
Promotion to production repositories is pending community verification. See the AlmaLinux advisory for upstream details.
May 29, 2026 - 03:57 UTC
CL9 / AlmaLinux 9: kernel-5.14.0-687.5.4.el9_8 or newer
CL10 / AlmaLinux 10: kernel-6.12.0-211.7.4.el10_2 or newer
Promotion to production repositories is pending community verification. See the AlmaLinux advisory for upstream details.
May 29, 2026 - 03:57 UTC
Identified - CIFSwitch (cifs.spnego LPE) - mitigation available; patched kernels in build, KernelCare live patches rolling out.
More details in our blog: https://blog.cloudlinux.com/cifswitch-mitigation-and-kernel-update
May 28, 2026 - 18:23 UTC
More details in our blog: https://blog.cloudlinux.com/cifswitch-mitigation-and-kernel-update
May 28, 2026 - 18:23 UTC
Monitoring - We are making significant changes to the mechanism of accessing CloudLinux repositories.
This release affects Cloudlinux 8, 9 and Ubuntu. CL7 will be handled later. CL10 also receives an update though it already uses no-auth repos.
License validation has been moved within CloudLinux OS itself, so no action is required on the customer side other than updating the packages, which will be discussed below.
The transition on the client servers will be implemented by updating the cloudlinux-release and rhn-client-tools packages; therefore, if these packages are excluded from the update for any reason, please unblock them so you do not lose the ability to receive updates.
The version of the rhn package that will be updated is rhn-client-tools 3.0.3-1; versions of the cloudlinux-release packages depend on the system being used and can be found in our changelog:
CloudLinux 8 release packages
CloudLinux 9 release packages
CloudLinux 10 release packages
For Ubuntu it is - cloudlinux-release 0.1-10
Rollout of the packages will begin on April 30.
ELS repos brough by php-els, python-els, etc packages can be accessed via JWT token.
If you have questions about how access to ALT-ELS repositories works, you can find more details in this article:
alt-PHP, Python, NodeJS, Ruby repositories changes in CloudLinux 10
Important! If, for whatever reason, you are currently unable to update your packages and switch to the new mirrors, you will not be left without updates. There will be a transition period lasting several months during which both the old and new mirror systems will operate simultaneously.
Apr 29, 2026 - 09:19 UTC
This release affects Cloudlinux 8, 9 and Ubuntu. CL7 will be handled later. CL10 also receives an update though it already uses no-auth repos.
License validation has been moved within CloudLinux OS itself, so no action is required on the customer side other than updating the packages, which will be discussed below.
The transition on the client servers will be implemented by updating the cloudlinux-release and rhn-client-tools packages; therefore, if these packages are excluded from the update for any reason, please unblock them so you do not lose the ability to receive updates.
The version of the rhn package that will be updated is rhn-client-tools 3.0.3-1; versions of the cloudlinux-release packages depend on the system being used and can be found in our changelog:
CloudLinux 8 release packages
CloudLinux 9 release packages
CloudLinux 10 release packages
For Ubuntu it is - cloudlinux-release 0.1-10
Rollout of the packages will begin on April 30.
ELS repos brough by php-els, python-els, etc packages can be accessed via JWT token.
If you have questions about how access to ALT-ELS repositories works, you can find more details in this article:
alt-PHP, Python, NodeJS, Ruby repositories changes in CloudLinux 10
Important! If, for whatever reason, you are currently unable to update your packages and switch to the new mirrors, you will not be left without updates. There will be a transition period lasting several months during which both the old and new mirror systems will operate simultaneously.
Apr 29, 2026 - 09:19 UTC
About This Site
Welcome to CloudLinux status page. Here you can see if there are any ongoing issues with the CloudLinux network or other services.
CloudLinux OS Components
Operational
Alt-PHP
Operational
CageFS
Operational
MySQL Governor
Operational
EasyApache4 PHP packages
Operational
CloudLinux Kernel
Operational
Mod_lsapi
Operational
PHP Selector
Operational
Python Selector
Operational
Ruby Selector
Operational
Node.js Selector
Operational
CloudLinux Network
Operational
Operational
Degraded Performance
Partial Outage
Major Outage
Maintenance