Canadian Cyber Centre Flags Broad Vendor Patch Wave Across Enterprise and ICS Products
The Canadian Centre for Cyber Security issued a series of advisories highlighting a broad patch wave from major technology vendors, spanning enterprise infrastructure, operating systems, and industrial environments. IBM released updates for products including AIX, MQ, QRadar Suite Software, Cloud Pak for Security, multiple IBM Verify offerings, and other middleware and cloud components, while Dell published fixes affecting Avamar Data Store Gen5A, Connectrix B-Series FOS and SANnav, PowerSwitch E3200-ON Series, PowerSwitch Z9664F-ON, and Secure Connect Gateway. Red Hat and Ubuntu also pushed Linux kernel-related updates, with Red Hat covering several RHEL and CodeReady Linux Builder variants and Ubuntu addressing kernel issues in Ubuntu 22.04 LTS and 24.04 LTS, including NVIDIA-related vulnerabilities referenced in USN-8060-7 and USN-8059-8.
Industrial and telecom systems were also affected. CISA advisories cited vulnerabilities across products from Apeman, Ceragon, Honeywell, Inductive Automation, Lantronix, Siemens, and Trane, impacting industrial control systems, building management platforms, EV chargers, networking devices, and industrial software. Separately, HPE disclosed a remote buffer overflow in HPE Telco Service Orchestrator affecting versions prior to v4.2.12 under bulletin HPESBNW05029 revision 1. The Cyber Centre urged organizations to review vendor guidance, implement recommended mitigations, and apply updates promptly to reduce exposure across both IT and OT environments.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
12 events from the most recent confirmed update back to the earliest known activity.
Red Hat published Linux kernel security advisories
Between June 15 and 21, 2026, Red Hat published security advisories addressing Linux kernel vulnerabilities across multiple offerings, including Red Hat CodeReady Linux Builder, Red Hat Enterprise Linux, Red Hat Enterprise Linux Server, and Red Hat Enterprise Linux for Real Time. The Canadian Centre for Cyber Security urged users and administrators to review the referenced Red Hat advisories and apply the necessary updates.
Ubuntu published Linux kernel security notices for Ubuntu 16.04, 20.04, and 22.04 LTS
Between June 15 and 21, 2026, Ubuntu published security notices addressing Linux kernel vulnerabilities affecting Ubuntu 16.04 LTS, 20.04 LTS, and 22.04 LTS. The Canadian Centre for Cyber Security advised users and administrators to review the referenced Ubuntu Security Notices and apply the necessary updates.
Ubuntu published Linux kernel security notices for Ubuntu 20.04 and 22.04 LTS
Between June 8 and 14, 2026, Ubuntu published security notices addressing Linux kernel vulnerabilities affecting Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. The Canadian Centre for Cyber Security advised users and administrators to review the referenced Ubuntu Security Notices and apply the necessary updates.
Red Hat published Linux kernel security advisories
Between June 8 and 14, 2026, Red Hat published security advisories addressing Linux kernel vulnerabilities across multiple offerings, including Red Hat CodeReady Linux Builder, Red Hat Enterprise Linux, Red Hat Enterprise Linux Server, and Red Hat Enterprise Linux for Real Time. The Canadian Centre for Cyber Security advised users and administrators to review the referenced Red Hat advisories and apply the necessary updates.
Ubuntu published Linux kernel security notices for multiple releases
Between June 1 and June 7, 2026, Ubuntu published security notices addressing Linux kernel vulnerabilities across multiple Ubuntu releases, from Ubuntu 14.04 LTS through Ubuntu 26.04 LTS. The Canadian Centre for Cyber Security advised users and administrators to review the referenced Ubuntu Security Notices and apply the necessary updates.
Red Hat published Linux kernel security advisories
Between June 1 and June 7, 2026, Red Hat published security advisories addressing Linux kernel vulnerabilities across multiple offerings, including Red Hat CodeReady Linux Builder, Red Hat Enterprise Linux, Red Hat Enterprise Linux Server, and Red Hat Enterprise Linux for Real Time. The Canadian Centre for Cyber Security advised users and administrators to review the referenced Red Hat advisories and apply the necessary updates.
Red Hat published Linux kernel security advisories
Between March 9 and 15, 2026, Red Hat published security advisories addressing Linux kernel vulnerabilities across multiple offerings, including Red Hat Enterprise Linux variants and CodeReady Linux Builder. The updates applied to several versions and platforms.
CISA published ICS advisories for multiple industrial vendors
Between March 9 and 15, 2026, CISA released a set of ICS advisories covering vulnerabilities in products from vendors including Apeman, Ceragon, Honeywell, Inductive Automation, Lantronix, Siemens, and Trane. The disclosures spanned industrial control systems, building management systems, EV chargers, networking devices, and industrial software.
Ubuntu published Linux kernel security notices for LTS releases
Between March 9 and 15, 2026, Ubuntu issued security notices for Linux kernel vulnerabilities affecting Ubuntu 22.04 LTS and 24.04 LTS. The notices specifically referenced NVIDIA-related kernel issues via USN-8060-7 and USN-8059-8.
IBM published security advisories across multiple product lines
Between March 9 and 15, 2026, IBM published a broad set of security advisories affecting products such as AIX, MQ, QRadar Suite Software, Cloud Pak for Security, IBM Verify offerings, and other enterprise software. Users were urged to review IBM PSIRT guidance and apply the relevant fixes.
Dell published multiple enterprise product security advisories
Between March 9 and 15, 2026, Dell published security advisories covering vulnerabilities in multiple products including Avamar Data Store Gen5A, Connectrix B-Series FOS and SANnav, PowerSwitch platforms, and Secure Connect Gateway. The advisories identified affected version ranges and directed customers to apply updates.
HPE disclosed Telco Service Orchestrator buffer overflow flaw
On March 16, 2026, HPE published security advisory HPESBNW05029 revision 1 for a remote buffer overflow vulnerability in HPE Telco Service Orchestrator. The issue affects versions prior to v4.2.12 and customers were advised to apply the vendor's updates.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
13 references tracked. Mallory keeps watching after this page renders.
Red Hat security advisory (AV26-621) - Canadian Centre for Cyber Security
cyber.gc.ca
Open sourceUbuntu security advisory (AV26-618) - Canadian Centre for Cyber Security
cyber.gc.ca
Open sourceRed Hat security advisory (AV26-601) - Canadian Centre for Cyber Security
cyber.gc.ca
Open sourceUbuntu security advisory (AV26-599) - Malware News - Malware Analysis, News and Indicators
malware.news
Open source[Control systems] CISA ICS security advisories (AV26-241) - Canadian Centre for Cyber Security
cyber.gc.ca
Open sourceUbuntu security advisory (AV26-239) - Canadian Centre for Cyber Security
cyber.gc.ca
Open sourceIBM security advisory (AV26-237) - Canadian Centre for Cyber Security
cyber.gc.ca
Open sourceDell security advisory (AV26-238) - Canadian Centre for Cyber Security
cyber.gc.ca
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Canadian Cyber Centre Advisories Highlight Linux Kernel and Other Vendor Patch Updates
The Canadian Centre for Cyber Security issued multiple advisories urging organizations to apply vendor patches released between **February 16–22, 2026**, including updates addressing **Linux kernel vulnerabilities** impacting **Ubuntu** (16.04 LTS through 25.10) and **Red Hat** platforms (including *RHEL* and related offerings). The advisories emphasize routine but potentially high-impact exposure from unpatched kernel flaws across widely deployed enterprise and server environments, and direct administrators to review upstream vendor notices and deploy the corresponding updates. Separate Cyber Centre advisories also flagged patch requirements outside the Linux kernel: Microsoft released an update for **Microsoft Edge Stable** to remediate vulnerabilities in versions prior to `145.0.3800.70`, IBM published security advisories covering multiple products (including *Aspera Enterprise WebApps*, *Cloud Pak System*, *Storage Defender*, and others), and CISA issued ICS advisories for vulnerabilities across several industrial and IoT/OT products (including **Delta Electronics**, **GE Vernova**, **Honeywell CCTV**, **Siemens Simcenter**, and others) with recommended mitigations and updates where available. A Linux 7.0 release-candidate feature article is not a security advisory and does not materially relate to the patch/vulnerability notices in the other items.
Mar 21, 2026
Multiple Security Advisories for Enterprise and Industrial Products (Late October–Early November 2025)
Vendors including Hitachi Energy, Schneider Electric, ABB, Ubiquiti, Dell, IBM, Red Hat, Ubuntu, and Microsoft released security advisories between October 27 and November 3, 2025, addressing vulnerabilities across a wide range of enterprise, industrial, and cloud products. Notable advisories include CISA's ICS alerts for control systems, a critical flaw in ABB's PCM600 software (CVE-2018-1002208), a critical vulnerability in Ubiquiti's UniFi Access Application (CVE-2025-52665), and updates for Microsoft Edge, Red Hat Enterprise Linux, Ubuntu LTS versions, and multiple Dell and IBM products. Organizations are urged to review the advisories, apply recommended mitigations, and update affected systems to reduce exposure to exploitation. The advisories highlight vulnerabilities that could allow remote code execution, privilege escalation, or unauthorized access if left unpatched. The Canadian Centre for Cyber Security and CISA emphasize the importance of timely patching and mitigation, especially for products deployed in critical infrastructure and enterprise environments. Administrators should consult the official vendor advisories for detailed remediation steps and monitor for further updates as new vulnerabilities are disclosed and addressed.
Mar 21, 2026
Early March 2026 Vendor Security Advisories and Patch Releases Across Enterprise, Mobile, and ICS Products
Multiple vendors issued security advisories and patch releases in late February and early March 2026, prompting coordinated update guidance from national and regional CERTs. The Canadian Centre for Cyber Security highlighted updates for **Django** (fixed in `4.2.29`, `5.2.12`, `6.0.3`), **Samsung mobile devices** (March 2026 security update), **Qualcomm** (March 2026 monthly bulletin), **Veeam Kasten for Kubernetes / Kasten K10**, **VMware Tanzu** components (including *Greenplum* and *RabbitMQ on Kubernetes*), and **Red Hat** advisories including **Linux kernel** updates across multiple RHEL-related platforms. Industrial and infrastructure-facing products were also covered via **CISA ICS** advisories spanning a broad set of vendors and solutions (including EV charging ecosystems, building management, cameras, and DCS/SCADA platforms such as **Schneider Electric EcoStruxure Building Operation Workstation** and **Yokogawa CENTUM VP**), with guidance to apply mitigations and updates where available. Additional enterprise patch guidance included **Dell** advisories affecting *PowerStore T* and *PowerEdge* server lines (including AMD-based models and NVIDIA networking/DOCA-related components), and **IBM** advisories across a wide portfolio (including *App Connect Enterprise*, *CICS TX*, *License Metric Tool*, *Maximo*, *Sterling Secure Proxy*, *Terracotta*, *QRadar*, and others). HKCERT separately summarized **Samsung** vulnerabilities impacting Android devices and Exynos chipsets, listing multiple CVEs (e.g., `CVE-2024-31328` and numerous 2025-series CVEs) with potential impacts including **RCE**, **EoP**, **information disclosure**, and **DoS**.
Mar 21, 2026