
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories

We found 7 articles for you...

Ubuntu 24.04 LTS USN-6882-2 critical: Cinder regression access issue

USN-6882-1 introduced a regression in Cinder.

==========================================================================
Ubuntu Security Notice USN-6882-2
November 07, 2024

cinder regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

USN-6882-1 introduced a regression in Cinder.

Software Description:

- cinder: OpenStack storage service

Details:

USN-6882-1 fixed vulnerabilities in Cinder. The update caused a regression in certain environments due to incorrect privilege handling. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Martin Kaesberger discovered that Cinder incorrectly handled QCOW2 image processing. An authenticated user could use this issue to access arbitrary files on the server, possibly exposing sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04 LTS
  python3-cinder 2:24.0.0-0ubuntu1.3

Ubuntu 22.04 LTS
  python3-cinder 2:20.3.1-0ubuntu1.5

Ubuntu 20.04 LTS
  python3-cinder 2:16.4.2-0ubuntu2.9

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6882-2
  https://ubuntu.com/security/notices/USN-6882-1
  CVE-2022-47951, CVE-2024-32498

Package Information:
  https://launchpad.net/ubuntu/+source/cinder/2:24.0.0-0ubuntu1.3
  https://launchpad.net/ubuntu/+source/cinder/2:20.3.1-0ubuntu1.5

A recent security update for Ubuntu has been issued pertaining to Cinder, which resolves a bug associated with inadequate privilege management that jeopardizes confidential information.

cinder security advisory, Ubuntu software update, OpenStack vulnerabilities, access control issues.

Severity: Critical.

LinuxSecurity.com Team

Nov 07, 2024 | Critical | Ubuntu

Debian 11 Bullseye: DLA-3871-1 Critical: Cinder File Disclosure

Martin Kaesberger discovered a vulnerability which affects multiple OpenStack components (Nova, Glance and Cinder): Malformed QCOW2 disk images may result in the disclosure of arbitrary files.

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3871-1
https://www.debian.org/lts/security/                      Thomas Goirand
September 05, 2024                            https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package    : cinder
Version    : 2:17.4.0-1~deb11u2
CVE ID     : CVE-2023-2088 CVE-2024-32498
Debian Bug : 1035961 1074763

Martin Kaesberger discovered a vulnerability which affects multiple OpenStack components (Nova, Glance and Cinder): Malformed QCOW2 disk images may result in the disclosure of arbitrary files.

This update also fixes unauthorized volume access through deleted volume attachments (only Cinder deployments using the LVM over iSCSI driver were affected).

For Debian 11 bullseye, these problems have been fixed in version 2:17.4.0-1~deb11u2.

We recommend that you upgrade your cinder packages.

For the detailed security status of cinder please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/cinder

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Debian LTS Notice DLA-3872-1 highlights vulnerabilities in various OpenStack modules, particularly Neutron. It is advisable to perform an upgrade.

debian security, cinder update, openstack vulnerability, file access issue.

Severity: Critical.

LinuxSecurity.com Team

Sep 04, 2024 | Critical | Debian LTS

Debian: DLA-3870-1 Moderate: python-oslo.utils Security Update

python-oslo.utils, a set of utilities used by OpenStack, was updated as a requirement to fix CVE-2024-32498 in the cinder, glance and nova OpenStack components.

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3870-1
https://www.debian.org/lts/security/                      Thomas Goirand
September 05, 2024                            https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : python-oslo.utils
Version : 4.6.1-0+deb11u1

python-oslo.utils, a set of utilities used by OpenStack, was updated as a requirement to fix CVE-2024-32498 in the cinder, glance and nova OpenStack components.

For Debian 11 bullseye, this was addressed in version 4.6.1-0+deb11u1.

We recommend that you upgrade your python-oslo.utils packages.

For the detailed security status of python-oslo.utils please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/python-oslo.utils

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Enhance python-oslo.utils for Debian LTS to address significant security vulnerabilities within OpenStack modules.

python-oslo, openstack utilities, debian lts advisory, security updates.

Severity: Important.

LinuxSecurity.com Team

Sep 04, 2024 | Important | Debian LTS

Debian: DSA-5755-1 Moderate: Glance Arbitrary File Disclosure

Martin Kaesberger discovered a vulnerability which affects multiple OpenStack components (Nova, Glance and Cinder): Malformed QCOW2 disk images may result in the disclosure of arbitrary files.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5755-1
https://www.debian.org/security/                       Moritz Muehlenhoff
August 21, 2024                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : glance
CVE ID  : CVE-2024-32498

Martin Kaesberger discovered a vulnerability which affects multiple OpenStack components (Nova, Glance and Cinder): Malformed QCOW2 disk images may result in the disclosure of arbitrary files.

For the stable distribution (bookworm), this problem has been fixed in version 2:25.1.0-2+deb12u1.

We recommend that you upgrade your glance packages.

For the detailed security status of glance please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/glance

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Defective QCOW2 disk images may reveal sensitive data; Ubuntu recommends urgent updates for glance software.

OpenStack Security, Debian Advisory, Glance Security, File Disclosure Risk.

LinuxSecurity.com Team

Aug 21, 2024 | Debian

Ubuntu 23.04 USN-6073-6 Critical: Cinder Regression Access Issue

USN-6073-1 introduced a regression in Cinder.

=========================================================================
Ubuntu Security Notice USN-6073-6
May 23, 2023

cinder regression
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.04
- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

USN-6073-1 introduced a regression in Cinder.

Software Description:

- cinder: OpenStack storage service

Details:

USN-6073-1 fixed a vulnerability in Cinder. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation.

We apologize for the inconvenience.

Original advisory details:

Jan Wasilewski and Gorka Eguileor discovered that Cinder incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information.

This update may require configuration changes to be completely effective, please see the upstream advisory for more information:

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.04:
  python3-cinder 2:22.0.0-0ubuntu1.2

Ubuntu 22.10:
  python3-cinder 2:21.1.0-0ubuntu2.2

Ubuntu 22.04 LTS:
  python3-cinder 2:20.1.0-0ubuntu2.2

Ubuntu 20.04 LTS:
  python3-cinder 2:16.4.2-0ubuntu2.4

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6073-6
  https://ubuntu.com/security/notices/USN-6073-1
  https://bugs.launchpad.net/ubuntu/+source/nova/+bug/2020111

Package Information:
  https://launchpad.net/ubuntu/+source/cinder/2:22.0.0-0ubuntu1.2
  https://launchpad.net/ubuntu/+source/cinder/2:21.1.0-0ubuntu2.2
  https://launchpad.net/ubuntu/+source/cinder/2:20.1.0-0ubuntu2.2
  https://launchpad.net/ubuntu/+source/cinder/2:16.4.2-0ubuntu2.4

The Ubuntu Security Update USN-6073-6 emphasizes a bug in Cinder that impacts several versions of Ubuntu.

Cinder Regression, Ubuntu Security Notice, OpenStack Security.

Severity: Critical.

LinuxSecurity.com Team

May 23, 2023 | Critical | Ubuntu

Debian: DSA-5338-1 Moderate: Cinder Information Disclosure Risk

Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in Cinder, the OpenStack block storage system, may result in information disclosure.

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5338-1
https://www.debian.org/security/                       Moritz Muehlenhoff
February 01, 2023                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package    : cinder
CVE ID     : CVE-2022-47951
Debian Bug : 1029562

Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in Cinder, the OpenStack block storage system, may result in information disclosure.

For the stable distribution (bullseye), this problem has been fixed in version 2:17.0.1-1+deb11u1.

We recommend that you upgrade your cinder packages.

For the detailed security status of cinder please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/cinder

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

The Debian security announcement underscores a significant vulnerability in Cinder's handling of VMDK files, leading to potential data breaches.

Debian Security, Cinder Security Update, OpenStack Information Disclosure.

LinuxSecurity.com Team

Feb 01, 2023 | Debian

Ubuntu 22.10 USN-5835-1 Moderate: Cinder Information Exposure

Cinder could be made to expose sensitive information.

=========================================================================
Ubuntu Security Notice USN-5835-1
January 31, 2023

cinder vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Cinder could be made to expose sensitive information.

Software Description:

- cinder: OpenStack storage service

Details:

Guillaume Espanel, Pierre Libeau, Arnaud Morin, and Damien Rannou discovered that Cinder incorrectly handled VMDK image processing. An authenticated attacker could possibly supply a specially crafted VMDK flat image and obtain arbitrary files from the server containing sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.10:
  python3-cinder 2:21.1.0-0ubuntu1

Ubuntu 22.04 LTS:
  python3-cinder 2:20.1.0-0ubuntu1

Ubuntu 20.04 LTS:
  python3-cinder 2:16.4.2-0ubuntu2.1

After a standard system update you need to restart Cinder to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5835-1
  CVE-2022-47951

Package Information:
  https://launchpad.net/ubuntu/+source/cinder/2:21.1.0-0ubuntu1
  https://launchpad.net/ubuntu/+source/cinder/2:20.1.0-0ubuntu1
  https://launchpad.net/ubuntu/+source/cinder/2:16.4.2-0ubuntu2.1

A flaw in Cinder on Ubuntu may allow unauthorized access to confidential data. Ensure you update immediately to protect your system.

Cinder Vulnerability, Ubuntu Security Notice, Software Update.

LinuxSecurity.com Team

Jan 31, 2023 | Ubuntu

Debian 10 Buster DLA-3301-1 Critical: OpenStack Cinder Data Exposure

An issue was discovered in OpenStack Cinder, a Block Storage service for OpenStack. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the

- -----------------------------------------------------------------------
Debian LTS Advisory DLA-3301-1
https://www.debian.org/lts/security/                      Utkarsh Gupta
January 31, 2023                            https://wiki.debian.org/LTS
- -----------------------------------------------------------------------

Package    : cinder
Version    : 2:13.0.7-1+deb10u2
CVE ID     : CVE-2022-47951
Debian Bug : 1029562

An issue was discovered in OpenStack Cinder, a Block Storage service for OpenStack. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data.

For Debian 10 buster, this problem has been fixed in version 2:13.0.7-1+deb10u2.

We recommend that you upgrade your cinder packages.

For the detailed security status of cinder please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/cinder

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Debian LTS has released a new update to mitigate vulnerabilities found in OpenStack Cinder which could allow unauthorized access to private information.

OpenStack, Cinder, Block Storage, Security Update, Debian Advisory.

Severity: Critical.

LinuxSecurity.com Team

Jan 30, 2023 | Critical | Debian LTS