Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Security Notice 2026-2328-1 Significant Updates on Four Xen Risks

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE 2026-2328-1 Xen Important Buffer Overflow Patch

Calendar White Jun 10, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE Leap 15.6 Important Xen Denial of Service Fix SUSE-SU-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

openSUSE Important xen Patch for Multiple Threats SUSE-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE MariaDB Critical Security Fix 12 Vulnerabilities 2026-2330-1

Calendar White Jun 10, 2026
Critical
Ubuntu Large Esm H900
Ubuntu

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

SUSE StrongSwan Important Double-Free CVE-2026-47895 Advisory 2026-2312-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE vim Important Command Injection Buffer Overflow Update 2026-2313-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE Important libsoup HTTP Request Smuggling Vulnerability 2026-2314-1

Calendar White Jun 10, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorydenial of serviceimportant

SUSE 15 SP2: 2024:2944-1 Important: CVE-2023-31315 Denial of Service

* bsc#1229069 Cross-References: * CVE-2023-31315 . # Security update for kernel-firmware Announcement ID: SUSE-SU-2024:2944-1 Rating: important References: * bsc#1229069 Cross-References: * CVE-2023-31315 CVSS scores: * CVE-2023-31315 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability can now be installed. ## Description: This update for kernel-firmware fixes the following issues: * CVE-2023-31315: Fixed validation in a model specific register (MSR) that lead to modification of SMM configuration by malicious program with ring0 access (bsc#1229069) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2944=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2944=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2944=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * ucode-amd-20200107-150100.3.43.1 * kernel-firmware-20200107-150100.3.43.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * ucode-amd-20200107-150100.3.43.1 * kernel-firmware-20200107-150100.3.43.1 * SUSE Linux Enterprise Server for SAP Applications 15SP2 (noarch) * ucode-amd-20200107-150100.3.43.1 * kernel-firmware-20200107-150100.3.43.1 ## References: * https://www.suse.com/security/cve/CVE-2023-31315.html * https://bugzilla.suse.com/show_bug.cgi?id=1229069 . A vital patch for kernel-firmware resolves a severe flaw impacting SUSE platforms. Restart necessary.. SUSE Linux, Kernel-Firmware, Security Patching, Important Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Aug 16, 2024 Important SuSE
198
Ls Advisories Archlinux Esm H240
Price Tag 1security advisoryhigh severityprivilege escalation

Arch Linux ASA-201505-6 High: Docker Privilege Escalation Threats

The package docker before version 1:1.6.1-1 is vulnerable to multiple issues including but not limited to privilege escalation, symlink traversal, unauthorized configuration modification, information disclosure and policy profile escalation. . Arch Linux Security Advisory ASA-201505-6 ======================================== Severity: High Date : 2015-05-08 CVE-ID : CVE-2015-3627 CVE-2015-3629 CVE-2015-3630 CVE-2015-3631 Package : docker Type : multiple issues Remote : Yes Link : https://wiki.archlinux.org/title/CVE Summary ====== The package docker before version 1:1.6.1-1 is vulnerable to multiple issues including but not limited to privilege escalation, symlink traversal, unauthorized configuration modification, information disclosure and policy profile escalation. Resolution ========= Upgrade to 1:1.6.1-1. # pacman -Syu "docker> =1:1.6.1-1" The problems have been fixed upstream in version 1.6.1. Workaround ========= None. Description ========== - CVE-2015-3627 (privilege escalation) The file-descriptor passed by libcontainer to the pid-1 process of a container has been found to be opened prior to performing the chroot, allowing insecure open and symlink traversal. This allows malicious container images to trigger a local privilege escalation. - CVE-2015-3629 (privilege escalation) Symlink traversal on container respawn allows local privilege escalation. Libcontainer version 1.6.0 introduced changes which facilitated a mount namespace breakout upon respawn of a container. This allowed malicious images to write files to the host system and escape containerization. - CVE-2015-3630 (unauthorized modification) Several paths underneath /proc were writable from containers, allowing global system manipulation and configuration. These paths included /proc/asound, /proc/timer_stats, /proc/latency_stats, and /proc/fs. By allowing writes to /proc/fs, it has been noted that CIFS volumes could be forced into a protocol downgrade attack by a rootuser operating inside of a container. Machines having loaded the timer_stats module were vulnerable to having this mechanism enabled and consumed by a container. - CVE-2015-3631 (policy profile escalation) By allowing volumes to override files of /proc within a mount namespace, a user could specify arbitrary policies for Linux Security Modules, including setting an unconfined policy underneath AppArmor, or a docker_t policy for processes managed by SELinux. In all versions of Docker up until 1.6.1, it is possible for malicious images to configure volume mounts such that files of proc may be overridden. Impact ===== A remote attacker is able to escalate privileges via unsafe symlink traversal, modify the configuration of the host system or disclose information via specific writable descriptors in /proc or escalate the LSM policy profiles by overriding files of /proc. References ========= https://seclists.org/oss-sec/2015/q2/389 https://access.redhat.com/security/cve/CVE-2015-3627 https://access.redhat.com/security/cve/CVE-2015-3629 https://access.redhat.com/security/cve/CVE-2015-3630 https://access.redhat.com/security/cve/CVE-2015-3631 . Arch Linux Security Advisory ASA-202303-1 outlines critical vulnerabilities in the nginx package, urging users to perform an immediate update for enhanced protection.. Docker Security, Arch Linux Advisories, Escalation Threats, Security Issues. . LinuxSecurity.com Team

Calendar 2 May 08, 2015 ArchLinux
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here