Sekou Diakite from HPE discovered a mistake with permission handling for Coordinators within the accounting system of Slurm Workload Manager, a cluster resource management and job scheduling system, which could allow a Coordinator to promote a user to Administrator.
Debian Security Advisory DSA-5961-1

Ceph could be made to run programs as an administrator.

==========================================================================
Ubuntu Security Notice USN-6292-1
August 16, 2023
ceph vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.04

Summary:
Ceph could be made to run programs as an administrator.

Software Description:
- ceph: distributed storage and file system

Details:
It was discovered that Ceph incorrectly handled crash dumps. A local attacker could possibly use this issue to escalate privileges to root.

Update instructions:
The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.04:
  ceph 17.2.6-0ubuntu0.23.04.2
  ceph-base 17.2.6-0ubuntu0.23.04.2
  ceph-common 17.2.6-0ubuntu0.23.04.2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6292-1
  CVE-2022-3650

Package Information:
  https://launchpad.net/ubuntu/+source/ceph/17.2.6-0ubuntu0.23.04.2

Mitigating Ceph weakness in Ubuntu 23.04 is essential to avert unauthorized software operations as an admin. Ensure updates are applied promptly.
Ceph, Ubuntu 23.04, Administrator Access.
Severity: Critical.
LinuxSecurity.com Team

When Samba is used as a domain controller, an unauthenticated attacker on the network can gain administrator access by exploiting a netlogon protocol flaw (CVE-2020-1472).

MGASA-2020-0380 - Updated samba packages fix security vulnerability
Publication date: 30 Sep 2020
URL: https://advisories.mageia.org/MGASA-2020-0380.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-1472

When Samba is used as a domain controller, an unauthenticated attacker on the network can gain administrator access by exploiting a netlogon protocol flaw (CVE-2020-1472). Note that Samba installations are not vulnerable unless they have the smb.conf lines 'server schannel = no' or 'server schannel = auto'.

References:
- https://bugs.mageia.org/show_bug.cgi?id=27299
- https://ubuntu.com/security/notices/USN-4510-1
- https://www.cve.org/CVERecord?id=CVE-2020-1472

SRPMS:
- 7/core/samba-4.10.18-1.mga7

The Samba security update MGASA-2020-0380 resolves an issue with administrative access stemming from a vulnerability in the netlogon protocol.
samba security, mageia advisory, network vulnerabilities, admin access protocols, netlogon exploitation.
LinuxSecurity.com Team

Yubico PIV Tool could be made to crash or run programs as an administrator if it received specially crafted input.

=========================================================================
Ubuntu Security Notice USN-4276-1
February 11, 2020
Yubico PIV Tool vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS

Summary:
Yubico PIV Tool could be made to crash or run programs as an administrator if it received specially crafted input.

Software Description:
- yubico-piv-tool: Command line tool for the YubiKey PIV applet

Details:
It was discovered that libykpiv, a supporting library of the Yubico PIV Tool and YubiKey PIV Manager, mishandled specially crafted input. An attacker with a custom-made, malicious USB device could potentially execute arbitrary code on a computer running the Yubico PIV Tool or YubiKey PIV Manager.

Update instructions:
The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS:
  libykpiv1 1.4.2-2ubuntu0.1
  ykcs11 1.4.2-2ubuntu0.1
  yubico-piv-tool 1.4.2-2ubuntu0.1

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4276-1
  CVE-2018-14779, CVE-2018-14780

Package Information:
  https://launchpad.net/ubuntu/+source/yubico-piv-tool/1.4.2-2ubuntu0.1

Yubico PIV Tool weaknesses might lead to system crashes or unauthorized administrative access on Ubuntu platforms. An update is advised.
Yubico PIV Tool, Ubuntu, Security Advisory, Input Handling.
Severity: Critical.
LinuxSecurity.com Team

Sudo could allow unintended access to the administrator account.

=========================================================================
Ubuntu Security Notice USN-4263-2
February 05, 2020
sudo vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM

Summary:
Sudo could allow unintended access to the administrator account.

Software Description:
- sudo: Provide limited super user privileges to specific users

Details:
USN-4263-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:
Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibly use this issue to obtain unintended access to the administrator account.

Update instructions:
The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM:
  sudo 1.8.9p5-1ubuntu1.5+esm3
  sudo-ldap 1.8.9p5-1ubuntu1.5+esm3

Ubuntu 12.04 ESM:
  sudo 1.8.3p1-1ubuntu3.9
  sudo-ldap 1.8.3p1-1ubuntu3.9

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4263-2
  https://ubuntu.com/security/notices/USN-4263-1
  CVE-2019-18634

A security flaw in sudo could enable unauthorized users to gain admin access on Ubuntu versions 12.04 and 14.04 ESM.
Ubuntu Sudo Vulnerability, Security Update Ubuntu, Access Control Vulnerability.
Severity: Important.
LinuxSecurity.com Team

The system could be made to run programs as an administrator.

=========================================================================
Ubuntu Security Notice USN-3908-2
March 13, 2019
linux-lts-trusty vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM

Summary:
The system could be made to run programs as an administrator.

Software Description:
- linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise ESM

Details:
USN-3908-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM.

Jann Horn discovered a race condition in the fork() system call in the Linux kernel. A local attacker could use this to gain access to services that cache authorizations.

Update instructions:
The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 ESM:
  linux-image-3.13.0-166-generic 3.13.0-166.216~precise1
  linux-image-3.13.0-166-generic-lpae 3.13.0-166.216~precise1
  linux-image-3.13.0-166-lowlatency 3.13.0-166.216~precise1
  linux-image-generic-lpae-lts-trusty 3.13.0.166.156
  linux-image-generic-lts-trusty 3.13.0.166.156

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-3908-1
  CVE-2019-6133

system, programs, administrator.
LinuxSecurity.com Team

The system could be made to crash or run programs as an administrator.

=========================================================================
Ubuntu Security Notice USN-3292-1
May 17, 2017
linux, linux-raspi2 vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10

Summary:
The system could be made to crash or run programs as an administrator.

Software Description:
- linux: Linux kernel
- linux-raspi2: Linux kernel for Raspberry Pi 2

Details:
Jason Donenfeld discovered a heap overflow in the MACsec module in the Linux kernel. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

Update instructions:
The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.10:
  linux-image-4.8.0-1036-raspi2 4.8.0-1036.39
  linux-image-4.8.0-52-generic 4.8.0-52.55
  linux-image-4.8.0-52-generic-lpae 4.8.0-52.55
  linux-image-4.8.0-52-lowlatency 4.8.0-52.55
  linux-image-4.8.0-52-powerpc-e500mc 4.8.0-52.55
  linux-image-4.8.0-52-powerpc-smp 4.8.0-52.55
  linux-image-4.8.0-52-powerpc64-emb 4.8.0-52.55
  linux-image-generic 4.8.0.52.64
  linux-image-generic-lpae 4.8.0.52.64
  linux-image-lowlatency 4.8.0.52.64
  linux-image-powerpc-e500mc 4.8.0.52.64
  linux-image-powerpc-smp 4.8.0.52.64
  linux-image-powerpc64-emb 4.8.0.52.64
  linux-image-raspi2 4.8.0.1036.40

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-3292-1
  CVE-2017-7477

Package Information:
  https://launchpad.net/ubuntu/+source/linux/4.8.0-52.55
  https://launchpad.net/ubuntu/+source/linux-raspi2/4.8.0-1036.39

An urgent security bulletin for Ubuntu 16.10 has been issued, targeting a kernel vulnerability that may lead to possible system failures and additional risks.
Kernel Exploit, Heap Overflow, Ubuntu Security.
Severity: Critical.
LinuxSecurity.com Team

The system could be made to crash or run programs as an administrator.

=========================================================================
Ubuntu Security Notice USN-3250-1
March 29, 2017
linux vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS

Summary:
The system could be made to crash or run programs as an administrator.

Software Description:
- linux: Linux kernel

Details:
It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges.

Update instructions:
The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 LTS:
  linux-image-3.13.0-115-generic 3.13.0-115.162
  linux-image-3.13.0-115-generic-lpae 3.13.0-115.162
  linux-image-3.13.0-115-lowlatency 3.13.0-115.162
  linux-image-3.13.0-115-powerpc-e500 3.13.0-115.162
  linux-image-3.13.0-115-powerpc-e500mc 3.13.0-115.162
  linux-image-3.13.0-115-powerpc-smp 3.13.0-115.162
  linux-image-3.13.0-115-powerpc64-smp 3.13.0-115.162
  linux-image-generic 3.13.0.115.125
  linux-image-generic-lpae 3.13.0.115.125
  linux-image-lowlatency 3.13.0.115.125
  linux-image-powerpc-e500 3.13.0.115.125
  linux-image-powerpc-e500mc 3.13.0.115.125
  linux-image-powerpc-smp 3.13.0.115.125
  linux-image-powerpc64-smp 3.13.0.115.125

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-3250-1
  CVE-2017-7184

Package Information:
  https://launchpad.net/ubuntu/+source/linux/3.13.0-115.162

A recent flaw in the Linux kernel for Ubuntu enables unauthorized access and potential system instability. Users should apply the critical update immediately.
Ubuntu Kernel Update, System Security, Kernel Flaw.
LinuxSecurity.com Team