CloudLinux 9.8 is now generally available. It tracks AlmaLinux OS 9.8 (“Olive Jaguar”) with the upstream 5.14 kernel, refreshed compiler toolchains, and new Python 3.14, MariaDB 11.8, and PostgreSQL 18 versions. The CloudLinux LVE stack, mod_lsapi, and PHP/Python/Node.js Selector packages have been rebuilt against the new kernel.

CloudLinux 10.2 is now generally available. It tracks AlmaLinux OS 10.2 (“Lavender Lion”) with the upstream 6.12 kernel, refreshed compiler toolchains, and new Python 3.14, MariaDB 11.8, and PostgreSQL 18 versions. The CloudLinux LVE stack, mod_lsapi, and PHP/Python/Node.js Selector packages have been rebuilt against the new kernel.

Right after the kernel privilege-escalation chain in the XFRM/ESP subsystem (Copy Fail, Dirty Frag, Fragnesia), Qualys disclosed a different Linux kernel issue. This time in the ptrace access-check path. CVE-2026-46333 is reserved for tracking this vulnerability. A public proof-of-concept exists. An unprivileged local user on an affected host can use it to read root-owned secrets (SSH host private keys and the shadow password database) without obtaining root privileges directly.

Less than a week after Dirty Frag, researcher William Bowling and the V12 team disclosed a third Linux kernel local privilege escalation in the same broad area (XFRM / ESP) and named it Fragnesia. A working public proof-of-concept exists. Any unprivileged local user can use it to gain root in a single command.

A week after Copy Fail (CVE-2026-31431), researcher Hyunwoo Kim disclosed a second Linux kernel local privilege escalation in the same broad area — IPsec ESP and rxrpc — and named it Dirty Frag. A working public proof-of-concept exists; any unprivileged local user can use it to gain root in a single command.

CVE-2026-31431 (Copy Fail) is a Linux kernel local privilege escalation vulnerability in the algif_aead module (AF_ALG). Any unprivileged local user can gain root via a 732-byte Python exploit. All kernels since 2017 are affected.

CVE-2026-31431 (Copy Fail) is a Linux kernel local privilege escalation in the algif_aead module (AF_ALG). Any unprivileged local user can gain root via a 732-byte Python exploit. All Linux kernels since 2017 are affected.

CloudLinux now supports cgroup v2 on CloudLinux 8, 9, 10, and Ubuntu 22. New installations of CloudLinux 10 following this release will use cgroup v2 by default. On all other versions, cgroup v1 remains the default, and you can switch to v2 when you're ready.

From a day-to-day operations standpoint, practically nothing changes. Your LVE limits, control panel interface, and resource monitoring all continue to work the same way.

As we enter 2026, the hosting industry faces a familiar but intensifying challenge. In the 2026 Web Hosting Trends Report, produced by CloudLinux together with our partner WebPros, around 65% of hosting providers reported revenue growth in 2025. But that growth is getting harder to keep.

In January, we launched the beta of Per-Site CageFS Isolates as the first phase of our CloudLinux Isolates project, introducing file system isolation between websites within the same hosting account.

Today, we're delivering Phase 2 with two significant additions: Per-Site PHP Selector, which lets each isolated website run its own PHP version and extensions, and a new self-service activation model that gives hosting providers granular control over who can use Isolates and lets end users manage isolation for their own domains.