[Apollo] Advisories Statistics light light Login

RLSA-2026:7384

Security Mirrored from RHSA-2026:7384
Issued at: 2026-05-21
Updated at: 2026-05-21

Synopsis

Critical: cockpit: Unauthenticated remote code execution due to SSH command-line argument injection



Description

Cockpit enables users to administer GNU/Linux servers using a web browser. It

offers network configuration, log inspection, diagnostic reports, SELinux

troubleshooting, interactive command-line sessions, and more.

Security Fix(es):

* cockpit: ws: be more explicit when handling hostnames on cli (CVE-2026-4631)

For more details about the security issue(s), including the impact, a CVSS

score, acknowledgments, and other related information, refer to the CVE page(s)

listed in the References section.



Affected products

Rocky Linux 9 aarch64 Rocky Linux 9 ppc64le Rocky Linux 9 s390x Rocky Linux 9 x86_64

Fixes

2450246

CVEs

CVE-2026-4631

Affected packages

Rocky Linux 9 aarch64 - BaseOS

cockpit-0:344-2.el9_7.rocky.0.1.aarch64.rpm cockpit-0:344-2.el9_7.rocky.0.1.src.rpm cockpit-bridge-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-debuginfo-0:344-2.el9_7.rocky.0.1.aarch64.rpm cockpit-debugsource-0:344-2.el9_7.rocky.0.1.aarch64.rpm cockpit-doc-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-system-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-ws-0:344-2.el9_7.rocky.0.1.aarch64.rpm cockpit-ws-selinux-0:344-2.el9_7.rocky.0.1.aarch64.rpm

Rocky Linux 9 ppc64le - BaseOS

cockpit-0:344-2.el9_7.rocky.0.1.ppc64le.rpm cockpit-0:344-2.el9_7.rocky.0.1.src.rpm cockpit-bridge-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-debuginfo-0:344-2.el9_7.rocky.0.1.ppc64le.rpm cockpit-debugsource-0:344-2.el9_7.rocky.0.1.ppc64le.rpm cockpit-doc-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-system-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-ws-0:344-2.el9_7.rocky.0.1.ppc64le.rpm cockpit-ws-selinux-0:344-2.el9_7.rocky.0.1.ppc64le.rpm

Rocky Linux 9 s390x - BaseOS

cockpit-0:344-2.el9_7.rocky.0.1.s390x.rpm cockpit-0:344-2.el9_7.rocky.0.1.src.rpm cockpit-bridge-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-debuginfo-0:344-2.el9_7.rocky.0.1.s390x.rpm cockpit-debugsource-0:344-2.el9_7.rocky.0.1.s390x.rpm cockpit-doc-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-system-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-ws-0:344-2.el9_7.rocky.0.1.s390x.rpm cockpit-ws-selinux-0:344-2.el9_7.rocky.0.1.s390x.rpm

Rocky Linux 9 x86_64 - BaseOS

cockpit-0:344-2.el9_7.rocky.0.1.src.rpm cockpit-0:344-2.el9_7.rocky.0.1.x86_64.rpm cockpit-bridge-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-debuginfo-0:344-2.el9_7.rocky.0.1.x86_64.rpm cockpit-debugsource-0:344-2.el9_7.rocky.0.1.x86_64.rpm cockpit-doc-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-system-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-ws-0:344-2.el9_7.rocky.0.1.x86_64.rpm cockpit-ws-selinux-0:344-2.el9_7.rocky.0.1.x86_64.rpm

Rocky Linux 9 x86_64 - AppStream

cockpit-packagekit-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-storaged-0:344-2.el9_7.rocky.0.1.noarch.rpm

Rocky Linux 9 aarch64 - AppStream

cockpit-packagekit-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-storaged-0:344-2.el9_7.rocky.0.1.noarch.rpm

Rocky Linux 9 s390x - AppStream

cockpit-packagekit-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-storaged-0:344-2.el9_7.rocky.0.1.noarch.rpm

Rocky Linux 9 ppc64le - AppStream

cockpit-packagekit-0:344-2.el9_7.rocky.0.1.noarch.rpm cockpit-storaged-0:344-2.el9_7.rocky.0.1.noarch.rpm