Tails 7.9.1 is now available as a security-focused update to the Debian-based, privacy-oriented Linux distribution known for routing connections through the Tor network and leaving no traces on the computer it runs on.
The main change in this release is the move to Linux kernel 6.12.94, which fixes two recently disclosed privilege-escalation vulnerabilities: CVE-2026-43503, known as DirtyClone, and CVE-2026-46331, called PACKET_EDIT_MEME.
According to the Tails team, both flaws could allow an application running inside Tails to gain administrator privileges. The more worrying scenario involves CVE-2026-46331. If an attacker first exploits another unknown vulnerability in one of the applications included in Tails, they could chain it with this kernel flaw to gain full control of the live system and deanonymize the user.

According to Tails, such an attack is unlikely and would require a strong attacker, such as a government or a hacking firm. The project also notes it is not aware of this vulnerability being exploited in practice so far.
Apart from the kernel update, Tails 7.9.1 also updates Tor Browser to version 15.0.17 and the Tor client to 0.4.9.11.
For additional details, refer to the changelog or the release announcement.
Users already running Tails 7.0 or later can upgrade automatically to Tails 7.9.1 while keeping their Persistent Storage. If the automatic upgrade fails or Tails does not start afterward, the project recommends performing a manual upgrade instead.
For new installations, Tails 7.9.1 is available as a USB image, while ISO images are also provided for DVDs and virtual machines. However, users should remember that installing Tails on a new USB stick, rather than upgrading an existing one, will erase any Persistent Storage on that device.
