Tails 7.9.1 Patches Critical Kernel Bug and Updates Tor Browser — Here’s What to Do

If you use Tails, the live operating system designed for anonymous browsing, you’ll want to update to version 7.9.1 right away. The new release fixes a recently disclosed kernel vulnerability known as DirtyClone, and it bundles an updated Tor Browser with important security improvements.

This article explains what the DirtyClone flaw is, what else changed in Tails 7.9.1, and how to upgrade safely.

What Happened

On July 1, 2026, the Tails project released version 7.9.1 of its privacy-focused operating system. The headline fix is a patch for a kernel-level vulnerability nicknamed DirtyClone. According to reports from Linuxiac and other outlets, DirtyClone is a privilege escalation flaw that affects many Linux systems. In simple terms, it means that an attacker who already has limited access to a machine can use the bug to gain higher-level permissions — potentially enough to take full control.

Because Tails routes all traffic through Tor and runs entirely from portable media, many of its users handle sensitive information. A kernel exploit like DirtyClone could undermine that security if an attacker gets physical or remote access to the Tails system. The Tails 7.9.1 update includes a patched Linux kernel that closes this hole.

Alongside the kernel fix, the release updates Tor Browser to a newer version based on Firefox ESR. The update includes security patches from Mozilla and improvements that help maintain user anonymity while browsing.

Why It Matters

Tails is built for privacy. Journalists, activists, and anyone who needs to keep their internet activity hidden from surveillance or censorship rely on it. A vulnerability at the kernel level is particularly dangerous because it bypasses application-layer protections. If exploited, DirtyClone could allow malware to break out of the limited user account under which Tails normally runs and gain root access. From there, an attacker could install persistent modifications, steal encryption keys, or monitor network traffic — even before Tor has a chance to obfuscate it.

The Tor Browser update is also meaningful. Browsers are one of the most common attack surfaces. Even small security gaps in Firefox ESR can be leveraged to de-anonymize a user if combined with other techniques. By keeping Tor Browser current, Tails reduces that risk.

However, as with any security update, you need to actually install it for the protection to take effect. Tails does not automatically update in the background; you have to actively upgrade, either by using the built-in updater or by downloading a fresh ISO.

What Readers Can Do

Upgrading to Tails 7.9.1 is straightforward. If you are already running an older version of Tails, you have two options:

  1. Automatic upgrade (recommended)

    • Boot into your current Tails session and connect to the internet.
    • Go to the menu bar and select ApplicationsTailsTails Upgrader.
    • Follow the on-screen instructions. The tool will download the new version and apply it to your device.
  2. Manual upgrade (clean install)

    • Download the Tails 7.9.1 ISO from the official website (only use tails.net).
    • Verify the download’s signature using the instructions on the site.
    • Write the ISO to a USB drive using a tool like Etcher or the Tails Installer.
    • Reboot from the new USB device.

After upgrading, run uname -r in a terminal to confirm the kernel version is now patched. You can also check that Tor Browser shows the updated version under its About menu.

If you use Tails for storing encrypted persistent data, make sure to back up that data before performing a manual upgrade, just in case something goes wrong.

Sources

The primary source for this update is the Linuxiac article, which reported the release and the DirtyClone fix. The Tails project’s own release notes (available at tails.net/news/version_7.9.1) provide official details, though at the time of writing the direct link from the RSS feed is the most reliable external reference for confirmation.

If you rely on Tails for sensitive work, treat this update with priority. Kernel vulnerabilities do not come around every day, and the combination of a privilege escalation fix with a browser security refresh makes 7.9.1 a release worth installing immediately.