Stay Vigilant with Timely Linux Security Advisories

Refine advisories

X Clear Filters

Critical (1)

Important (2)

Ubuntu (4977)

exim4 (25)

memory corruption (1570)

regression (352)

remote attack (976)

security advisory (115202)

CVE-2026-47895 (1)

SuSE (4033)

double-free (81)

important (27881)

Fedora (3)

Published Date Range

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Linux Advisory Watch

Linux Security Week

Community Poll

More Polls

What got you started with Linux?

Message!

Self-taught through trial and error
Formal training or courses
A job that required it
Other

No answer selected. Please try again.

Please select either existing option or enter your own, however not both.

Please select minimum {0} answer(s).

Please select maximum {0} answer(s).

/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json

150

radio

Self-taught through trial and error (78.63%)

78.63% votes

Formal training or courses (4.27%)

4.27% votes

A job that required it (4.84%)

4.84% votes

Other (12.25%)

12.25% votes

[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

bottom 200

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Ubuntu 22.04 OpenSSH Important Remote Access Issues USN-8222-1

Explore Latest Linux Security advisories

We found -6 articles for you...

security advisoryfedoraimportant

Fedora 42 Atuin Important Denial of Service CVE-2026-25537

Update the time crate to version 0.3.47. Update the time-macros crate to version 0.2.27. Update the time-core crate to version 0.1.8. Update the num-conv crate to version 0.2.0. Update the git2 crate to version 0.20.4.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-6388b28850 2026-02-11 00:58:02.841951+00:00 -------------------------------------------------------------------------------- Name : atuin Product : Fedora 42 Version : 18.6.1 Release : 10.fc42 URL : https://atuin.sh Summary : Magical shell history Description : Atuin replaces your existing shell history with a SQLite database, and records additional context for your commands. Additionally, it provides optional and fully encrypted synchronization of your history between machines, via an Atuin server. -------------------------------------------------------------------------------- Update Information: Update the time crate to version 0.3.47. Update the time-macros crate to version 0.2.27. Update the time-core crate to version 0.1.8. Update the num-conv crate to version 0.2.0. Update the git2 crate to version 0.20.4. Update the bytes crate to version 1.11.1. Additionally, this update contains rebuilds of applications affected by security advisories: bytes: RUSTSEC-2026-0007 git2: RUSTSEC-2026-0008 jsonwebtoken: CVE-2026-25537 time: RUSTSEC-2026-0009 All applications that statically link libgit2 via the git2 Rust bindings were also rebuilt against the latest version of the git2 / libgit2-sys crates to pull in fixes included in libgit2 between v1.8.1 and v1.9.2. -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 8 2026 Benjamin A. Beasley - 18.6.1-10 - Rebuild for RUSTSEC-2026-{0007,0008,0009} and CVE-2026-25537 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2437465 - CVE-2026-25537rust-jsonwebtoken: jsonwebtoken has Type Confusion that leads to potential authorization bypass [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2437465 [ 2 ] Bug #2437467 - CVE-2026-25537 uv: jsonwebtoken has Type Confusion that leads to potential authorization bypass [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2437467 [ 3 ] Bug #2438046 - CVE-2026-25727 atuin: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438046 [ 4 ] Bug #2438075 - CVE-2026-25727 keylime-agent-rust: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438075 [ 5 ] Bug #2438077 - CVE-2026-25727 maturin: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438077 [ 6 ] Bug #2438086 - CVE-2026-25727 rustup: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438086 [ 7 ] Bug #2438091 - CVE-2026-25727 tbtools: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438091 [ 8 ] Bug #2438097 - CVE-2026-25727 tuigreet: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438097 [ 9 ] Bug #2438098 - CVE-2026-25727 uv: time affected by a stack exhaustion denial of service attack [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2438098 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6388b28850' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with theFedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical Fedora 42 security advisory for Atuin addressing stack exhaustion DoS and authorization bypass vulnerabilities.. Fedora 42 security, Atuin update, stack exhaustion, authorization bypass, RUSTSEC advisory. . Severity: Important. LinuxSecurity.com Team

Feb 11, 2026 •Important Fedora

security advisorydenial of servicesecurity issue

Fedora 43 Atuin Critical DoS Risk Update CVE-2026-25537

Update the time crate to version 0.3.47. Update the time-macros crate to version 0.2.27. Update the time-core crate to version 0.1.8. Update the num-conv crate to version 0.2.0. Update the git2 crate to version 0.20.4.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-f400579a21 2026-02-10 01:31:32.937525+00:00 -------------------------------------------------------------------------------- Name : atuin Product : Fedora 43 Version : 18.6.1 Release : 10.fc43 URL : https://atuin.sh Summary : Magical shell history Description : Atuin replaces your existing shell history with a SQLite database, and records additional context for your commands. Additionally, it provides optional and fully encrypted synchronization of your history between machines, via an Atuin server. -------------------------------------------------------------------------------- Update Information: Update the time crate to version 0.3.47. Update the time-macros crate to version 0.2.27. Update the time-core crate to version 0.1.8. Update the num-conv crate to version 0.2.0. Update the git2 crate to version 0.20.4. Update the bytes crate to version 1.11.1. Additionally, this update contains rebuilds of applications affected by security advisories: bytes: RUSTSEC-2026-0007 git2: RUSTSEC-2026-0008 jsonwebtoken: CVE-2026-25537 time: RUSTSEC-2026-0009 All applications that statically link libgit2 via the git2 Rust bindings were also rebuilt against the latest version of the git2 / libgit2-sys crates to pull in fixes included in libgit2 between v1.8.1 and v1.9.2. -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 8 2026 Benjamin A. Beasley - 18.6.1-10 - Rebuild for RUSTSEC-2026-{0007,0008,0009} and CVE-2026-25537 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2437470 - CVE-2026-25537rust-jsonwebtoken: jsonwebtoken has Type Confusion that leads to potential authorization bypass [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2437470 [ 2 ] Bug #2437472 - CVE-2026-25537 uv: jsonwebtoken has Type Confusion that leads to potential authorization bypass [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2437472 [ 3 ] Bug #2438104 - CVE-2026-25727 atuin: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438104 [ 4 ] Bug #2438135 - CVE-2026-25727 keylime-agent-rust: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438135 [ 5 ] Bug #2438138 - CVE-2026-25727 maturin: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438138 [ 6 ] Bug #2438149 - CVE-2026-25727 rustup: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438149 [ 7 ] Bug #2438158 - CVE-2026-25727 tbtools: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438158 [ 8 ] Bug #2438164 - CVE-2026-25727 tuigreet: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438164 [ 9 ] Bug #2438165 - CVE-2026-25727 uv: time affected by a stack exhaustion denial of service attack [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2438165 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-f400579a21' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with theFedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Fedora 43 update for atuin addresses serious DoS risk and updates several crates, including time and git2.. atuin Fedora 43 DoS denial of service security issue CVE-2026-25537. . Severity: Critical. LinuxSecurity.com Team

Feb 10, 2026 •Critical Fedora

security advisoryfedoraimportant

Fedora 42: Advisory for Atuin 2025-8a18a5a077 - Important Security Fixes

Rebuild applications to apply two recent security updates: build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded) build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double- free on Drop). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-8a18a5a077 2025-06-25 01:17:21.616266+00:00 -------------------------------------------------------------------------------- Name : atuin Product : Fedora 42 Version : 18.3.0 Release : 4.fc42 URL : https://atuin.sh Summary : Magical shell history Description : Atuin replaces your existing shell history with a SQLite database, and records additional context for your commands. Additionally, it provides optional and fully encrypted synchronization of your history between machines, via an Atuin server. -------------------------------------------------------------------------------- Update Information: Rebuild applications to apply two recent security updates: build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded) build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double- free on Drop) -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 16 2025 Fabio Valentini - 18.3.0-4 - Rebuild for idna crate > = v1.0.0 (CVE-2024-12224) * Wed Apr 23 2025 Michel Lind - 18.3.0-3 - Disable PostgreSQL tests when building for EL9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2366549 - CVE-2025-4574 atuin: crossbeam-channel Vulnerable to Double Free on Drop [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2366549 [ 2 ] Bug #2366551 - CVE-2025-4574 awatcher: crossbeam-channel Vulnerable to Double Free on Drop [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2366551 [ 3 ] Bug #2370578 - CVE-2024-12224 atuin: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2370578 [ 4 ] Bug #2370580 - CVE-2024-12224 awatcher: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2370580 [ 5 ] Bug #2370586 - CVE-2024-12224 gotify-desktop: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2370586 [ 6 ] Bug #2370591 - CVE-2024-12224 mirrorlist-server: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2370591 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-8a18a5a077' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Important revisionsfor Fedora 42 on Atuin, addressing double-release problems and Punycode security flaws. Discover additional details.. Fedora Atuin Update security CVE-2024-12224 CVE-2025-4574. . Severity: Important. LinuxSecurity.com Team

Jun 25, 2025 •Important Fedora

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Linux Advisory Watch

Linux Security Week

Community Poll

More Polls

What got you started with Linux?

Message!

Self-taught through trial and error
Formal training or courses
A job that required it
Other

No answer selected. Please try again.

Please select either existing option or enter your own, however not both.

Please select minimum {0} answer(s).

Please select maximum {0} answer(s).

/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json

150

radio

Self-taught through trial and error (78.63%)

78.63% votes

Formal training or courses (4.27%)

4.27% votes

A job that required it (4.84%)

4.84% votes

Other (12.25%)

12.25% votes

bottom 200

Stay Secure with the Latest Linux Advisories

openSUSE Security Notice 2026-2328-1 Significant Updates on Four Xen Risks

openSUSE 2026-2328-1 Xen Important Buffer Overflow Patch

openSUSE Leap 15.6 Important Xen Denial of Service Fix SUSE-SU-2026-2329-1

openSUSE Important xen Patch for Multiple Threats SUSE-2026-2329-1

SUSE MariaDB Critical Security Fix 12 Vulnerabilities 2026-2330-1

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

SUSE StrongSwan Important Double-Free CVE-2026-47895 Advisory 2026-2312-1

SUSE vim Important Command Injection Buffer Overflow Update 2026-2313-1

openSUSE Important libsoup HTTP Request Smuggling Vulnerability 2026-2314-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Ubuntu 22.04 OpenSSH Important Remote Access Issues USN-8222-1

Explore Latest Linux Security advisories

Fedora 42 Atuin Important Denial of Service CVE-2026-25537

Fedora 43 Atuin Critical DoS Risk Update CVE-2026-25537

Fedora 42: Advisory for Atuin 2025-8a18a5a077 - Important Security Fixes

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Ubuntu 22.04 OpenSSH Important Remote Access Issues USN-8222-1

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

openSUSE Security Notice 2026-2328-1 Significant Updates on Four Xen Risks

openSUSE 2026-2328-1 Xen Important Buffer Overflow Patch

openSUSE Leap 15.6 Important Xen Denial of Service Fix SUSE-SU-2026-2329-1

openSUSE Important xen Patch for Multiple Threats SUSE-2026-2329-1

SUSE MariaDB Critical Security Fix 12 Vulnerabilities 2026-2330-1

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

SUSE StrongSwan Important Double-Free CVE-2026-47895 Advisory 2026-2312-1

SUSE vim Important Command Injection Buffer Overflow Update 2026-2313-1

openSUSE Important libsoup HTTP Request Smuggling Vulnerability 2026-2314-1

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!