Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -4 articles for you...
89
security advisoryFedoracritical updateFedora 36: 2022-e9378a3573 Critical: Kernel-Headers Update
The 5.17.6 stable kernel updates contain a number of important fixes across the tree.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-e9378a3573 2022-05-11 01:16:35.951686 --------------------------------------------------------------------------------Name : kernel-headers Product : Fedora 36 Version : 5.17.6 Release : 300.fc36 URL : https://www.kernel.org/ Summary : Header files for the Linux kernel for use by glibc Description : Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. --------------------------------------------------------------------------------Update Information: The 5.17.6 stable kernel updates contain a number of important fixes across the tree. --------------------------------------------------------------------------------ChangeLog: * Mon May 9 2022 Justin M. Forbes - 5.17.6-300 - Linux v5.17.6 --------------------------------------------------------------------------------References: [ 1 ] Bug #2080330 - kernel: Concurrency use-after-free in floppy's raw_cmd https://bugzilla.redhat.com/show_bug.cgi?id=2080330 [ 2 ] Bug #2080940 - CVE-2022-29968 kernel: io_rw_init_file in fs/io_uring.c lacks initialization of kiocb-> private https://bugzilla.redhat.com/show_bug.cgi?id=2080940 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-e9378a3573' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keysused by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
May 10, 2022
•Critical
Fedora
100
security advisoryaccess controlimportantSUSE: 2020:3651-1 Important: Live Patch Critical Issues for Kernel
An update that fixes three vulnerabilities is now available. . SUSE Security Update: Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:3651-1 Rating: important References: #1178622 #1178700 #1178783 Cross-References: CVE-2020-25668 CVE-2020-25705 CVE-2020-8694 Affected Products: SUSE Linux Enterprise Server for SAP 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server 12-SP3-LTSS SUSE Linux Enterprise Server 12-SP2-LTSS SUSE Linux Enterprise Module for Live Patching 15-SP2 SUSE Linux Enterprise Module for Live Patching 15 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for the Linux Kernel 4.4.180-94_121 fixes several issues. The following security issues were fixed: - CVE-2020-25668: Fixed a concurrency use-after-free in con_font_op (bsc#1178622). - CVE-2020-8694: Fixed an insufficient access control in the Linux kernel driver for some Intel(R) Processors which might have allowed an authenticated user to potentially enable information disclosure via local access (bsc#1178700). - CVE-2020-25705: Fixed a flaw which could have allowed an off-path remote user to effectively bypass source port UDP randomization (bsc#1178783). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2020-3649=1 SUSE-SLE-SAP-12-SP3-2020-3650=1 SUSE-SLE-SAP-12-SP3-2020-3651=1SUSE-SLE-SAP-12-SP3-2020-3652=1 SUSE-SLE-SAP-12-SP3-2020-3654=1 SUSE-SLE-SAP-12-SP3-2020-3655=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2020-3644=1 SUSE-SLE-SAP-12-SP2-2020-3645=1 SUSE-SLE-SAP-12-SP2-2020-3646=1 SUSE-SLE-SAP-12-SP2-2020-3647=1 - SUSE Linux Enterprise Server 12-SP3-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-3649=1 SUSE-SLE-SERVER-12-SP3-2020-3650=1 SUSE-SLE-SERVER-12-SP3-2020-3651=1 SUSE-SLE-SERVER-12-SP3-2020-3652=1 SUSE-SLE-SERVER-12-SP3-2020-3654=1 SUSE-SLE-SERVER-12-SP3-2020-3655=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-3644=1 SUSE-SLE-SERVER-12-SP2-2020-3645=1 SUSE-SLE-SERVER-12-SP2-2020-3646=1 SUSE-SLE-SERVER-12-SP2-2020-3647=1 - SUSE Linux Enterprise Module for Live Patching 15-SP2: zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2020-3691=1 SUSE-SLE-Module-Live-Patching-15-SP2-2020-3692=1 SUSE-SLE-Module-Live-Patching-15-SP2-2020-3693=1 SUSE-SLE-Module-Live-Patching-15-SP2-2020-3694=1 SUSE-SLE-Module-Live-Patching-15-SP2-2020-3695=1 SUSE-SLE-Module-Live-Patching-15-SP2-2020-3696=1 SUSE-SLE-Module-Live-Patching-15-SP2-2020-3697=1 - SUSE Linux Enterprise Module for Live Patching 15: zypper in -t patch SUSE-SLE-Module-Live-Patching-15-2020-3676=1 SUSE-SLE-Module-Live-Patching-15-2020-3677=1 SUSE-SLE-Module-Live-Patching-15-2020-3678=1 SUSE-SLE-Module-Live-Patching-15-2020-3679=1 Package List: - SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64): kgraft-patch-4_4_180-94_113-default-9-2.2 kgraft-patch-4_4_180-94_113-default-debuginfo-9-2.2 kgraft-patch-4_4_180-94_116-default-6-2.2 kgraft-patch-4_4_180-94_116-default-debuginfo-6-2.2 kgraft-patch-4_4_180-94_121-default-5-2.2 kgraft-patch-4_4_180-94_121-default-debuginfo-5-2.2 kgraft-patch-4_4_180-94_124-default-5-2.2 kgraft-patch-4_4_180-94_124-default-debuginfo-5-2.2 kgraft-patch-4_4_180-94_127-default-5-2.1 kgraft-patch-4_4_180-94_127-default-debuginfo-5-2.1 kgraft-patch-4_4_180-94_130-default-4-2.1 kgraft-patch-4_4_180-94_130-default-debuginfo-4-2.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): kgraft-patch-4_4_121-92_129-default-7-2.2 kgraft-patch-4_4_121-92_135-default-5-2.2 kgraft-patch-4_4_121-92_138-default-5-2.1 kgraft-patch-4_4_121-92_141-default-4-2.1 - SUSE Linux Enterprise Server 12-SP3-LTSS (ppc64le x86_64): kgraft-patch-4_4_180-94_113-default-9-2.2 kgraft-patch-4_4_180-94_113-default-debuginfo-9-2.2 kgraft-patch-4_4_180-94_116-default-6-2.2 kgraft-patch-4_4_180-94_116-default-debuginfo-6-2.2 kgraft-patch-4_4_180-94_121-default-5-2.2 kgraft-patch-4_4_180-94_121-default-debuginfo-5-2.2 kgraft-patch-4_4_180-94_124-default-5-2.2 kgraft-patch-4_4_180-94_124-default-debuginfo-5-2.2 kgraft-patch-4_4_180-94_127-default-5-2.1 kgraft-patch-4_4_180-94_127-default-debuginfo-5-2.1 kgraft-patch-4_4_180-94_130-default-4-2.1 kgraft-patch-4_4_180-94_130-default-debuginfo-4-2.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le x86_64): kgraft-patch-4_4_121-92_129-default-7-2.2 kgraft-patch-4_4_121-92_135-default-5-2.2 kgraft-patch-4_4_121-92_138-default-5-2.1 kgraft-patch-4_4_121-92_141-default-4-2.1 - SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le s390x x86_64): kernel-livepatch-5_3_18-22-default-5-5.2 kernel-livepatch-5_3_18-22-default-debuginfo-5-5.2 kernel-livepatch-5_3_18-24_12-default-4-2.1 kernel-livepatch-5_3_18-24_12-default-debuginfo-4-2.1 kernel-livepatch-5_3_18-24_15-default-4-2.1 kernel-livepatch-5_3_18-24_15-default-debuginfo-4-2.1 kernel-livepatch-5_3_18-24_24-default-4-2.1 kernel-livepatch-5_3_18-24_24-default-debuginfo-4-2.1 kernel-livepatch-5_3_18-24_29-default-2-2.1 kernel-livepatch-5_3_18-24_29-default-debuginfo-2-2.1 kernel-livepatch-5_3_18-24_34-default-2-2.1 kernel-livepatch-5_3_18-24_34-default-debuginfo-2-2.1 kernel-livepatch-5_3_18-24_9-default-5-2.1 kernel-livepatch-5_3_18-24_9-default-debuginfo-5-2.1 kernel-livepatch-SLE15-SP2_Update_0-debugsource-5-5.2 kernel-livepatch-SLE15-SP2_Update_1-debugsource-5-2.1 kernel-livepatch-SLE15-SP2_Update_2-debugsource-4-2.1 kernel-livepatch-SLE15-SP2_Update_3-debugsource-4-2.1 kernel-livepatch-SLE15-SP2_Update_4-debugsource-4-2.1 kernel-livepatch-SLE15-SP2_Update_5-debugsource-2-2.1 kernel-livepatch-SLE15-SP2_Update_6-debugsource-2-2.1 - SUSE Linux Enterprise Module for Live Patching 15 (ppc64le x86_64): kernel-livepatch-4_12_14-150_47-default-9-2.2 kernel-livepatch-4_12_14-150_47-default-debuginfo-9-2.2 kernel-livepatch-4_12_14-150_52-default-5-2.2 kernel-livepatch-4_12_14-150_52-default-debuginfo-5-2.2 kernel-livepatch-4_12_14-150_55-default-5-2.1 kernel-livepatch-4_12_14-150_55-default-debuginfo-5-2.1 kernel-livepatch-4_12_14-150_58-default-4-2.1 kernel-livepatch-4_12_14-150_58-default-debuginfo-4-2.1 References: https://www.suse.com/security/cve/CVE-2020-25668.html https://www.suse.com/security/cve/CVE-2020-25705.html https://www.suse.com/security/cve/CVE-2020-8694.html https://bugzilla.suse.com/show_bug.cgi?id=1178622 https://bugzilla.suse.com/show_bug.cgi?id=1178700 https://bugzilla.suse.com/show_bug.cgi?id=1178783 . SUSE unveils important kernel upgrade addressing severe vulnerabilities, boosting security and overall system reliability for its users.. SUSE Linux Kernel Update, Critical Security Fixes, Live Patching. . Severity: Important. LinuxSecurity.com Team
Dec 07, 2020
•Important
SuSE
100
security advisoryupdateaccess controlSUSE: 2020:3670-1 Important: Linux Kernel Security Update
An update that solves three vulnerabilities and has one errata is now available. . SUSE Security Update: Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP5) ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:3670-1 Rating: important References: #1178046 #1178622 #1178700 #1178783 Cross-References: CVE-2020-25668 CVE-2020-25705 CVE-2020-8694 Affected Products: SUSE Linux Enterprise Module for Live Patching 15-SP1 SUSE Linux Enterprise Live Patching 12-SP5 SUSE Linux Enterprise Live Patching 12-SP4 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: This update for the Linux Kernel 4.12.14-122_29 fixes several issues. The following security issues were fixed: - CVE-2020-25668: Fixed a concurrency use-after-free in con_font_op (bsc#1178622). - CVE-2020-8694: Fixed an insufficient access control in the Linux kernel driver for some Intel(R) Processors which might have allowed an authenticated user to potentially enable information disclosure via local access (bsc#1178700). - CVE-2020-25705: Fixed a flaw which could have allowed an off-path remote user to effectively bypass source port UDP randomization (bsc#1178783). - Fixed an issue where system was hanging due to a massive amount of soft lockups in btrfs_drop_and_free_fs_root() (bsc#1178046). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Live Patching 15-SP1: zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2020-3680=1 SUSE-SLE-Module-Live-Patching-15-SP1-2020-3681=1SUSE-SLE-Module-Live-Patching-15-SP1-2020-3682=1 SUSE-SLE-Module-Live-Patching-15-SP1-2020-3683=1 SUSE-SLE-Module-Live-Patching-15-SP1-2020-3684=1 SUSE-SLE-Module-Live-Patching-15-SP1-2020-3685=1 SUSE-SLE-Module-Live-Patching-15-SP1-2020-3686=1 SUSE-SLE-Module-Live-Patching-15-SP1-2020-3687=1 SUSE-SLE-Module-Live-Patching-15-SP1-2020-3688=1 SUSE-SLE-Module-Live-Patching-15-SP1-2020-3689=1 - SUSE Linux Enterprise Live Patching 12-SP5: zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2020-3663=1 SUSE-SLE-Live-Patching-12-SP5-2020-3664=1 SUSE-SLE-Live-Patching-12-SP5-2020-3665=1 SUSE-SLE-Live-Patching-12-SP5-2020-3666=1 SUSE-SLE-Live-Patching-12-SP5-2020-3667=1 SUSE-SLE-Live-Patching-12-SP5-2020-3668=1 SUSE-SLE-Live-Patching-12-SP5-2020-3669=1 SUSE-SLE-Live-Patching-12-SP5-2020-3670=1 SUSE-SLE-Live-Patching-12-SP5-2020-3671=1 SUSE-SLE-Live-Patching-12-SP5-2020-3672=1 SUSE-SLE-Live-Patching-12-SP5-2020-3673=1 SUSE-SLE-Live-Patching-12-SP5-2020-3674=1 - SUSE Linux Enterprise Live Patching 12-SP4: zypper in -t patch SUSE-SLE-Live-Patching-12-SP4-2020-3657=1 SUSE-SLE-Live-Patching-12-SP4-2020-3658=1 SUSE-SLE-Live-Patching-12-SP4-2020-3659=1 SUSE-SLE-Live-Patching-12-SP4-2020-3660=1 SUSE-SLE-Live-Patching-12-SP4-2020-3661=1 SUSE-SLE-Live-Patching-12-SP4-2020-3662=1 Package List: - SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64): kernel-livepatch-4_12_14-197_29-default-9-2.2 kernel-livepatch-4_12_14-197_34-default-8-2.2 kernel-livepatch-4_12_14-197_37-default-8-2.2 kernel-livepatch-4_12_14-197_40-default-7-2.2 kernel-livepatch-4_12_14-197_45-default-5-2.2 kernel-livepatch-4_12_14-197_48-default-5-2.1 kernel-livepatch-4_12_14-197_51-default-5-2.1 kernel-livepatch-4_12_14-197_56-default-4-2.1 kernel-livepatch-4_12_14-197_61-default-3-2.1 kernel-livepatch-4_12_14-197_64-default-2-2.1 - SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64): kgraft-patch-4_12_14-122_17-default-8-2.2 kgraft-patch-4_12_14-122_20-default-7-2.2 kgraft-patch-4_12_14-122_23-default-5-2.2 kgraft-patch-4_12_14-122_26-default-5-2.2 kgraft-patch-4_12_14-122_29-default-5-2.1 kgraft-patch-4_12_14-122_32-default-5-2.1 kgraft-patch-4_12_14-122_37-default-4-2.1 kgraft-patch-4_12_14-122_41-default-3-2.1 kgraft-patch-4_12_14-122_46-default-2-2.1 - SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le x86_64): kgraft-patch-4_12_14-120-default-9-3.2 kgraft-patch-4_12_14-120-default-debuginfo-9-3.2 kgraft-patch-4_12_14-122_12-default-9-2.2 kgraft-patch-4_12_14-122_7-default-9-2.2 kgraft-patch-SLE12-SP5_Update_0-debugsource-9-3.2 - SUSE Linux Enterprise Live Patching 12-SP4 (ppc64le s390x x86_64): kgraft-patch-4_12_14-95_51-default-7-2.2 kgraft-patch-4_12_14-95_54-default-5-2.2 kgraft-patch-4_12_14-95_57-default-5-2.1 kgraft-patch-4_12_14-95_60-default-4-2.1 - SUSE Linux Enterprise Live Patching 12-SP4 (ppc64le x86_64): kgraft-patch-4_12_14-95_45-default-9-2.2 kgraft-patch-4_12_14-95_48-default-8-2.2 References: https://www.suse.com/security/cve/CVE-2020-25668.html https://www.suse.com/security/cve/CVE-2020-25705.html https://www.suse.com/security/cve/CVE-2020-8694.html https://bugzilla.suse.com/show_bug.cgi?id=1178046 https://bugzilla.suse.com/show_bug.cgi?id=1178622 https://bugzilla.suse.com/show_bug.cgi?id=1178700 https://bugzilla.suse.com/show_bug.cgi?id=1178783 . A critical SUSE update has been released, targeting three key vulnerabilities within the Linux Kernel for SLE 12 SP5. This patch aims to enhance security and system stability.. SUSE Update, Linux Kernel Security, Kernel Patching. . Severity: Important. LinuxSecurity.com Team
Dec 07, 2020
•Important
SuSE
100
security advisoryupdatekernel patchSUSE 12 SP5: 2020:3698-1 Important: Kernel Concurrency Fix
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP5) ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:3698-1 Rating: important References: #1178622 Cross-References: CVE-2020-25668 Affected Products: SUSE Linux Enterprise Module for Live Patching 15-SP2 SUSE Linux Enterprise Live Patching 12-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 4.12.14-122_51 fixes one issue. The following security issue was fixed: - CVE-2020-25668: Fixed a concurrency use-after-free in con_font_op (bsc#1178622). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Live Patching 15-SP2: zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2020-3698=1 - SUSE Linux Enterprise Live Patching 12-SP5: zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2020-3675=1 Package List: - SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le s390x x86_64): kernel-livepatch-5_3_18-24_37-default-2-2.1 kernel-livepatch-5_3_18-24_37-default-debuginfo-2-2.1 kernel-livepatch-SLE15-SP2_Update_7-debugsource-2-2.1 - SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64): kgraft-patch-4_12_14-122_51-default-2-2.1 References: https://www.suse.com/security/cve/CVE-2020-25668.html https://bugzilla.suse.com/show_bug.cgi?id=1178622 . Important notice for SUSE Linux Kernel Live Patch that resolves a race condition linked to a security enhancement. Learn further details!. SUSE Linux Kernel, LivePatching, Security Update, Kernel Fix. . Severity: Important. LinuxSecurity.com Team
Dec 07, 2020
•Important
SuSE
100
security advisoryremote accesspatchSUSE: 2021:4582-1 Critical: Kernel Live Patch 22 for SLE 15 SP2
An update that fixes two vulnerabilities is now available. . SUSE Security Update: Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP1) ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:3690-1 Rating: important References: #1178622 #1178783 Cross-References: CVE-2020-25668 CVE-2020-25705 Affected Products: SUSE Linux Enterprise Module for Live Patching 15-SP1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for the Linux Kernel 4.12.14-197_67 fixes several issues. The following security issues were fixed: - CVE-2020-25668: Fixed a concurrency use-after-free in con_font_op (bsc#1178622). - CVE-2020-25705: Fixed a flaw which could have allowed an off-path remote user to effectively bypass source port UDP randomization (bsc#1178783). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Live Patching 15-SP1: zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2020-3690=1 Package List: - SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64): kernel-livepatch-4_12_14-197_67-default-2-2.1 References: https://www.suse.com/security/cve/CVE-2020-25668.html https://www.suse.com/security/cve/CVE-2020-25705.html https://bugzilla.suse.com/show_bug.cgi?id=1178622 https://bugzilla.suse.com/show_bug.cgi?id=1178783 . SUSE has released a security update for the Linux Kernel (Live Patch 18) to address significant vulnerabilities in SLE 15 SP1.. Linux Kernel Update, SUSE Security Patch, Live Patching Fixes. . Severity: Critical. LinuxSecurity.com Team
Dec 07, 2020
•Critical
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!