Security layman here. Kernel 6.12 is shipping with security issue 2333706 – Kernel 6.12.6 kernel lockdown disabled, which causes the
kernel to run with lockdown disabled. Imho this is a serious issue,
because it increases the potential damage privilege escalations can
do. The workaround is easy, enable lockdown on the kernel command
line.
The issue is public. But despite being public, issue and workaround
are hard to find on Fedora sites. There is no security announcement on
Fedora Discussions, no post in Common Issues, no post pinned in Ask
Fedora. It’s great to read about flatpak apps on Fedora
Magazine. Wouldn’t it be also great to read “Please consider securing
your kernel” on some Fedora site?