Update Now: Tails 7.9.1 Patches DirtyClone Kernel Flaw and Upgrades Tor Browser
If you run Tails (The Amnesic Incognito Live System), you should update to version 7.9.1 as soon as possible. This release fixes a critical kernel vulnerability called DirtyClone and ships an updated Tor Browser. Here is what changed and how to stay safe.
What happened
On July 1, 2026, the Tails project released version 7.9.1. The main fix addresses the DirtyClone vulnerability, a flaw in the Linux kernel that can let an attacker escalate privileges on a compromised system. DirtyClone is similar to the older Dirty COW vulnerability (CVE-2016-5195) and affects memory management in the kernel. At the time of writing, a dedicated CVE number has not yet been published, but the Tails team has confirmed the patch.
Alongside the kernel fix, Tails 7.9.1 includes an update to Tor Browser. The new version incorporates the latest privacy and security improvements from the Tor Project. Exact version numbers for the browser update were not listed in the initial release notes, but users should expect the stable release stream.
Why it matters
For privacy-focused users, Tails is already a hardened operating system designed to leave no trace and route all traffic through Tor. A kernel privilege-escalation flaw like DirtyClone undermines that protection. If an attacker gains local access to a running Tails session—for example, through a compromised application or a malicious USB device—they could use DirtyClone to take full control of the system, potentially de-anonymizing the user or bypassing Tor.
The kernel patch closes that avenue. The Tor Browser update, meanwhile, ensures that known browser-level vulnerabilities are fixed and that the latest Tor protocols are supported. For anyone relying on Tails for sensitive communications or journalistic work, updating is not optional.
What readers can do
Updating Tails is straightforward, but the method depends on how you use it.
If you have a persistent storage with automatic updates enabled: Tails should notify you that an update is available. Open the Tails Updater from the menu and follow the prompts. The system will download the new version and install it after a reboot.
If you use a USB stick without persistent storage: You will need to upgrade using the manual method. Boot into your current version of Tails. Open the Tails Updater, choose “Install by cloning,” and plug in a spare USB stick. The updater will copy the new image to the second drive. Then reboot from the new drive, and if everything works, you can overwrite your old USB stick with the live image again.
If you prefer a fresh install: Download the Tails 7.9.1 ISO from the official website (tails.net) and use Etcher or the “dd” command to write it to a USB drive. This method does not preserve persistent storage settings, so make sure you have a backup of any persistent data before proceeding.
You can verify the integrity of the downloaded ISO by checking its GPG signature against the official Tails signing key. Instructions are on the download page.
After the update, confirm the new version by opening a terminal and running:tail --version
It should report version 7.9.1.
Sources
- Tails release announcement for version 7.9.1 (pending publication on tails.net).
- Linuxiac article: “Tails 7.9.1 Fixes DirtyClone Kernel Flaw, Updates Tor Browser” (July 1, 2026).
- Tor Project release notes for the latest Tor Browser stable version (see torproject.org).
- Public discussion of the DirtyClone vulnerability in kernel security mailing lists (June 2026).
Because the official release notes were not yet available at the time of writing, some details about the Tor Browser version and CVE assignment may be confirmed in the coming days. Check the Tails blog for updates.