ALSA-2026:7384

[ALSA-2026:7384] Critical: cockpit: Unauthenticated remote code execution due to SSH command-line argument injection

Type:

security

Severity:

critical

Release date:

2026-04-15

Description:

Cockpit enables users to administer GNU/Linux servers using a web browser. It  
offers network configuration, log inspection, diagnostic reports, SELinux  
troubleshooting, interactive command-line sessions, and more.  

Security Fix(es):  

  * cockpit: ws: be more explicit when handling hostnames on cli (CVE-2026-4631)


For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE page(s)  
listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	cockpit-ws-344-2.el9_7.aarch64.rpm	48b7ab48b2fee6ecf2825815db37a71bd2d1f0f9564ebd63a016be84e9a4fbbc
aarch64	cockpit-344-2.el9_7.aarch64.rpm	76c8b49b78f0d130405c5e76da892636a7e49fec8695b94ad4a196051d6d86dc
aarch64	cockpit-ws-selinux-344-2.el9_7.aarch64.rpm	eb10e80a1f63c88c25db70cb1c713e314313ff5bb22c265fb971dbce25322eb6
noarch	cockpit-storaged-344-2.el9_7.noarch.rpm	0c9b09373a2cf6803bc493ad471ec3a0d5e03cb01e571b4046e2daaf255195b2
noarch	cockpit-packagekit-344-2.el9_7.noarch.rpm	1ef1686e9430eb02e35f06d182d13aa3a421ee0a8388cd25f9a0e2d6d91e4bae
noarch	cockpit-bridge-344-2.el9_7.noarch.rpm	2effe186221fe6dc07d95815c153435b8730f5e721c05bc7db9576b8bc00adad
noarch	cockpit-system-344-2.el9_7.noarch.rpm	3b3523d9a2fd6605d71280f802e7ab26a7f5145b77dd7ecc2e593fbfb83bd428
noarch	cockpit-doc-344-2.el9_7.noarch.rpm	9e555d673f9eb1696fd5340e348f6a1c9787e2fdd1db09530fde04b6077fc7b9
ppc64le	cockpit-ws-selinux-344-2.el9_7.ppc64le.rpm	0d56ef5a888d63828e6e30eadfcb28aedfe4ef1aa3481a32abe4ac6f194ec481
ppc64le	cockpit-344-2.el9_7.ppc64le.rpm	41675e637377457a845b1a8fbaadaa96a02e40c3e40bfe04cd79cabe770d062c
ppc64le	cockpit-ws-344-2.el9_7.ppc64le.rpm	e1d8fea8c8cb6464ef67bcb0979d3cbe67213e1569ddb27a460678fd8885c23e
s390x	cockpit-ws-344-2.el9_7.s390x.rpm	37f12171245a4ce8008b31589a609e38c0aaec209a04dae4c75f73acb34695ef
s390x	cockpit-344-2.el9_7.s390x.rpm	486ab4272e811be0d89dd4e90a61a797eaa41828a267b29074aaa1c885c857d2
s390x	cockpit-ws-selinux-344-2.el9_7.s390x.rpm	ad54b070252f6f51b4f54032272ef43e263ca31263547bdbad1702d1ae369ce2
x86_64	cockpit-ws-344-2.el9_7.x86_64.rpm	5f95ca3a47cc8a6a578f4c68fe5f0d56896ff973e042c9e3d71042e296333646
x86_64	cockpit-344-2.el9_7.x86_64.rpm	64fdd8201a5fbe238a64be3a9e884a8c3c018cc0204f308631c2bf41555a18e6
x86_64	cockpit-ws-selinux-344-2.el9_7.x86_64.rpm	71816bcab5c8bc87863251dc72b6e3ae65729fd47139a9c1f291a165ada28ca7

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.