Arch Linux Security Advisory ASA-201506-3
========================================

Severity: High
Date    : 2015-06-12
CVE-ID  : CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791
          CVE-2015-1792 CVE-2015-4000
Package : openssl
Type    : multiple issues
Remote  : Yes
Link    : https://wiki.archlinux.org/title/CVE

Summary
=======

The package openssl before version 1.0.2.b-1 is vulnerable to multiple
issues including but not limited to man-in-the-middle via cipher
downgrade, double free and denial of service.

Resolution
==========

Upgrade to 1.0.2.b-1.

# pacman -Syu "openssl>=1.0.2.b-1"

The problems have been fixed upstream in version 1.0.2.b.

Workaround
==========

None.

Description
===========

- CVE-2015-1788 (denial of service)

When processing an ECParameters structure OpenSSL enters an infinite loop
if the curve specified is over a specially malformed binary polynomial
field. This can be used to perform denial of service against any system
which processes public keys, certificate requests or certificates. This
includes TLS clients and TLS servers with client authentication enabled.

- CVE-2015-1789 (out-of-bounds read)

X509_cmp_time does not properly check the length of the ASN1_TIME string
and can read a few bytes out of bounds. In addition, X509_cmp_time accepts
an arbitrary number of fractional seconds in the time string. An attacker
can use this to craft malformed certificates and CRLs of various sizes
and potentially cause a segmentation fault, resulting in a DoS on
applications that verify certificates or CRLs. TLS clients that verify
CRLs are affected. TLS clients and servers with client authentication
enabled may be affected if they use custom verification callbacks.

- CVE-2015-1790 (denial of service)

The PKCS#7 parsing code does not handle missing inner EncryptedContent
correctly.
An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with missing
content and trigger a NULL pointer dereference on parsing. Applications
that decrypt PKCS#7 data or otherwise parse PKCS#7 structures from
untrusted sources are affected. OpenSSL clients and servers are not
affected.

- CVE-2015-1791 (double free)

If a NewSessionTicket is received by a multi-threaded client when
attempting to reuse a previous ticket then a race condition can occur
potentially leading to a double free of the ticket data.

- CVE-2015-1792 (denial of service)

When verifying a signedData message the CMS code can enter an infinite
loop if presented with an unknown hash function OID. This can be used to
perform denial of service against any system which verifies signedData
messages using the CMS code.

- CVE-2015-4000 (cipher downgrade)

A vulnerability in the TLS protocol allows a man-in-the-middle attacker
to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman
key exchange to 512-bit export-grade cryptography. This vulnerability is
known as Logjam. OpenSSL has added protection for TLS clients by
rejecting handshakes with DH parameters shorter than 768 bits. This
limit will be increased to 1024 bits in a future release.

Impact
======

A remote attacker is able to perform man-in-the-middle via cipher
downgrade, denial of service or possibly have other unspecified impact
via various vectors.

References
==========

https://access.redhat.com/security/cve/CVE-2015-1788
https://access.redhat.com/security/cve/CVE-2015-1789
https://access.redhat.com/security/cve/CVE-2015-1790
https://access.redhat.com/security/cve/CVE-2015-1791
https://access.redhat.com/security/cve/CVE-2015-1792
https://access.redhat.com/security/cve/CVE-2015-4000
LinuxSecurity.com Team
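The 768-bit floor mentioned under CVE-2015-4000 is a check on the Diffie-Hellman group a server sends in its ServerKeyExchange message. The Python below is an added illustration of that check and is not part of the advisory or of OpenSSL: it parses the ServerDHParams structure from RFC 5246 (three length-prefixed fields dh_p, dh_g, dh_Ys), measures the effective bit length of the prime rather than its byte length, and rejects groups below the floor or blobs that are truncated. The sample messages, the prime stand-ins and all function names are constructed for this example.

```python
"""Apply the minimum DH group size from the advisory (768 bits now, 1024
later) to the ServerDHParams structure of a TLS 1.2 ServerKeyExchange.

ServerDHParams (RFC 5246, section 7.4.3) is three length-prefixed byte
strings, dh_p, dh_g and dh_Ys, each with a 2-byte big-endian length.
All sample messages below are constructed for this example; the "prime"
stand-ins are not primes and not real DH groups.
"""
import struct

MIN_DH_BITS = 768          # floor the advisory says OpenSSL now enforces
FUTURE_MIN_DH_BITS = 1024  # floor the advisory says a future release will use


def parse_server_dh_params(data: bytes):
    """Return (dh_p, dh_g, dh_Ys, bytes_consumed).

    Raises ValueError on an empty or truncated field instead of reading
    past the end of the buffer.
    """
    fields = []
    offset = 0
    for name in ("dh_p", "dh_g", "dh_Ys"):
        if offset + 2 > len(data):
            raise ValueError(f"truncated length prefix for {name}")
        (length,) = struct.unpack_from("!H", data, offset)
        offset += 2
        if length == 0 or offset + length > len(data):
            raise ValueError(f"bad length {length} for {name}")
        fields.append(bytes(data[offset:offset + length]))
        offset += length
    return fields[0], fields[1], fields[2], offset


def dh_prime_bits(dh_p: bytes) -> int:
    """Effective bit length of p; leading zero bytes do not count."""
    return int.from_bytes(dh_p, "big").bit_length()


def evaluate_dh_params(data: bytes, minimum_bits: int = MIN_DH_BITS):
    """Return ('accept' | 'reject', reason) for one ServerDHParams blob."""
    try:
        dh_p, _, _, _ = parse_server_dh_params(data)
    except ValueError as exc:
        return "reject", f"malformed ServerDHParams: {exc}"
    bits = dh_prime_bits(dh_p)
    if bits < minimum_bits:
        return "reject", f"DH prime is {bits} bits, below the {minimum_bits}-bit floor"
    return "accept", f"DH prime is {bits} bits"


def build_server_dh_params(dh_p: bytes, dh_g: bytes, dh_ys: bytes) -> bytes:
    """Encode ServerDHParams; used here only to build sample input."""
    return b"".join(struct.pack("!H", len(x)) + x for x in (dh_p, dh_g, dh_ys))


def _fake_prime(bits: int) -> bytes:
    # Constructed stand-in of exactly `bits` bits (top and bottom bit set).
    return ((1 << (bits - 1)) | 1).to_bytes((bits + 7) // 8, "big")


# Constructed sample messages
EXPORT_GRADE_512 = build_server_dh_params(_fake_prime(512), b"\x02", _fake_prime(511))
STRONG_2048 = build_server_dh_params(_fake_prime(2048), b"\x02", _fake_prime(2047))
# dh_p carrying a leading zero byte: 97 bytes on the wire, but only 768
# effective bits, so a byte-length check would overstate the group size.
PADDED_768 = build_server_dh_params(b"\x00" + _fake_prime(768), b"\x02", _fake_prime(767))
TRUNCATED = EXPORT_GRADE_512[:40]

if __name__ == "__main__":
    samples = [("512-bit export-grade", EXPORT_GRADE_512), ("2048-bit", STRONG_2048),
               ("zero-padded 768-bit", PADDED_768), ("truncated", TRUNCATED)]
    for label, blob in samples:
        for floor in (MIN_DH_BITS, FUTURE_MIN_DH_BITS):
            verdict, reason = evaluate_dh_params(blob, floor)
            print(f"{label:>20} @ {floor:4d}: {verdict} ({reason})")
```

Running the script shows the zero-padded group passing the 768-bit floor but failing the 1024-bit one, which is the difference between the current limit and the future limit the advisory announces.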
Arch Linux Security Advisory ASA-201501-2
========================================

Severity: High
Date    : 2015-01-09
CVE-ID  : CVE-2014-3571 CVE-2015-0206 CVE-2014-3569 CVE-2014-3572
          CVE-2015-0204 CVE-2015-0205 CVE-2014-8275 CVE-2014-3570
Package : openssl
Type    : multiple issues
Remote  : Yes
Link    : https://wiki.archlinux.org/title/CVE

Summary
=======

The package openssl before version 1.0.1.k-1 is vulnerable to multiple
issues, including but not limited to denial of service, cipher
downgrade, certificate verification bypass and certificate fingerprint
modification.

Resolution
==========

Upgrade to 1.0.1.k-1.

# pacman -Syu "openssl>=1.0.1.k-1"

The problems have been fixed upstream in version 1.0.1.k.

Workaround
==========

None.

Description
===========

- CVE-2014-3571 (denial of service)

A remote attacker is able to cause a denial of service (NULL pointer
dereference and application crash) via a crafted DTLS message that is
processed with a different read operation for the handshake header than
for the handshake body, related to the dtls1_get_record function in
d1_pkt.c and the ssl3_read_n function in s3_pkt.c.

- CVE-2015-0206 (denial of service)

A memory leak can occur in the dtls1_buffer_record function under
certain conditions. In particular this could occur if an attacker sent
repeated DTLS records with the same sequence number but for the next
epoch. The memory leak could be exploited by an attacker in a denial of
service attack through memory exhaustion.
- CVE-2014-3569 (denial of service)

The ssl23_get_client_hello function in s23_srvr.c does not properly
handle attempts to use unsupported protocols, which allows remote
attackers to cause a denial of service (NULL pointer dereference and
daemon crash) via an unexpected handshake, as demonstrated by an SSLv3
handshake to a no-ssl3 application with certain error handling.

- CVE-2014-3572 (cipher downgrade)

An OpenSSL client will accept a handshake using an ephemeral ECDH
ciphersuite using an ECDSA certificate if the server key exchange
message is omitted. This effectively removes forward secrecy from the
ciphersuite.

- CVE-2015-0204 (cipher downgrade)

The ssl3_get_key_exchange function in s3_clnt.c allows remote SSL
servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate
brute-force decryption by offering a weak ephemeral RSA key in a
noncompliant role.

- CVE-2015-0205 (certificate verification bypass)

An OpenSSL server will accept a DH certificate for client authentication
without the certificate verify message. This effectively allows a client
to authenticate without the use of a private key. This only affects
servers which trust a client certificate authority which issues
certificates containing DH keys.

- CVE-2014-8275 (certificate fingerprint modification)

OpenSSL accepts several non-DER-variations of certificate signature
algorithm and signature encodings. OpenSSL also does not enforce a match
between the signature algorithm between the signed and unsigned portions
of the certificate. By modifying the contents of the signature algorithm
or the encoding of the signature, it is possible to change the
certificate's fingerprint. This does not allow an attacker to forge
certificates, and does not affect certificate verification or OpenSSL
servers/clients in any other way. It also does not affect common
revocation mechanisms. Only custom applications that rely on the
uniqueness of the fingerprint (e.g. certificate blacklists) may be
affected.
- CVE-2014-3570 (bignum squaring error)

The BN_sqr implementation does not properly calculate the square of a
BIGNUM value, which might make it easier for remote attackers to defeat
cryptographic protection mechanisms via unspecified vectors, related to
crypto/bn/asm/mips.pl, crypto/bn/asm/x86_64-gcc.c, and
crypto/bn/bn_asm.c.

Impact
======

A remote attacker is able to perform denial of service attacks,
downgrade the cipher (effectively removing forward secrecy) or bypass
certificate blacklists via various vectors.

References
==========

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3571
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0206
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3569
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3572
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0204
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0205
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8275
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3570
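Both advisories on this page use the same ASA layout, and the practical question on a host is whether the installed openssl is older than the version named under Resolution. The Python below is an added example, not part of either advisory or of pacman: it parses the header fields, the wrapped CVE list and the "Upgrade to" line, then compares versions with a simplified form of pacman's version rules (epoch, then pkgver, then pkgrel, each split into numeric and alphabetic segments). The embedded advisory text is the header and Resolution of ASA-201506-3 from this page; the installed versions and all function names are constructed for the example. On a real system the authoritative comparison is the `vercmp` tool that ships with pacman.

```python
"""Parse an Arch Linux Security Advisory (ASA) header and Resolution, then
decide whether an installed package version is still affected.

Version comparison is a simplified form of pacman's rules; on a real
system prefer `vercmp`, which ships with pacman.
"""
import re

# Header and Resolution of ASA-201506-3, as published on this page.
ASA_201506_3 = """\
Arch Linux Security Advisory ASA-201506-3
========================================

Severity: High
Date    : 2015-06-12
CVE-ID  : CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791
          CVE-2015-1792 CVE-2015-4000
Package : openssl
Type    : multiple issues
Remote  : Yes
Link    : https://wiki.archlinux.org/title/CVE

Resolution
==========

Upgrade to 1.0.2.b-1.

# pacman -Syu "openssl>=1.0.2.b-1"
"""

HEADER_RE = re.compile(r"^(Severity|Date|CVE-ID|Package|Type|Remote|Link)\s*:\s*(.*)$")


def parse_advisory(text: str) -> dict:
    """Extract the advisory id, header fields, CVE list and fixed version."""
    info = {}
    m = re.search(r"Arch Linux Security Advisory (ASA-\d{6}-\d+)", text)
    info["id"] = m.group(1) if m else None
    last_key = None
    for line in text.splitlines():
        m = HEADER_RE.match(line)
        if m:
            last_key = m.group(1)
            info[last_key] = m.group(2).strip()
        elif last_key == "CVE-ID" and line.startswith(" "):
            info[last_key] += " " + line.strip()   # wrapped CVE list
        else:
            last_key = None
    info["cves"] = info.get("CVE-ID", "").split()
    m = re.search(r"^Upgrade to (\S+)\.$", text, re.MULTILINE)
    info["fixed_version"] = m.group(1) if m else None
    return info


def _segments(s: str) -> list:
    # Numeric runs compare as integers and sort after alphabetic runs,
    # which compare lexically; separators only delimit segments.
    return [(1, int(t)) if t.isdigit() else (0, t)
            for t in re.findall(r"\d+|[A-Za-z]+", s)]


def _cmp_part(x: str, y: str) -> int:
    sx, sy = _segments(x), _segments(y)
    for a, b in zip(sx, sy):
        if a != b:
            return -1 if a < b else 1
    if len(sx) == len(sy):
        return 0
    # A leftover alphabetic segment marks a pre-release (older); a
    # leftover numeric segment marks a newer version.
    if len(sx) > len(sy):
        return -1 if sx[len(sy)][0] == 0 else 1
    return 1 if sy[len(sx)][0] == 0 else -1


def vercmp(a: str, b: str) -> int:
    """Return -1, 0 or 1 as a is older than, equal to or newer than b."""
    def split(v):
        epoch, _, rest = v.rpartition(":")
        pkgver, _, pkgrel = rest.partition("-")
        return int(epoch or 0), pkgver, pkgrel
    ea, va, ra = split(a)
    eb, vb, rb = split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    r = _cmp_part(va, vb)
    if r == 0 and ra and rb:      # pkgrel only matters when both carry one
        r = _cmp_part(ra, rb)
    return r


def is_affected(installed_version: str, advisory: dict) -> bool:
    """True when the installed version is older than the advisory's fix."""
    if not advisory.get("fixed_version"):
        raise ValueError("advisory has no 'Upgrade to' line")
    return vercmp(installed_version, advisory["fixed_version"]) < 0


if __name__ == "__main__":
    adv = parse_advisory(ASA_201506_3)
    # Constructed installed versions, in the form `pacman -Q openssl` reports
    for installed in ("1.0.1.k-1", "1.0.2.a-1", "1.0.2.b-1", "1.0.2.b-2"):
        state = "AFFECTED" if is_affected(installed, adv) else "fixed"
        print(f"{adv['id']} {adv['Package']} {installed}: {state} "
              f"({len(adv['cves'])} CVEs, fixed in {adv['fixed_version']})")
```

The same parser handles ASA-201501-2 above unchanged, since its header and "Upgrade to 1.0.1.k-1." line follow the identical layout; only the embedded text needs swapping.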