Important: runc security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:3291", "synopsis": "Important: runc security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for runc.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime.\n\nSecurity Fix(es):\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\n* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2418462", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462", "description": ""}, {"ticket": "2434432", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432", "description": ""}, {"ticket": "2437111", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111", "description": ""}], "cves": [{"name": "CVE-2025-61726", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-61726", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-770"}, {"name": "CVE-2025-61729", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-61729", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": 
"CWE-1050"}, {"name": "CVE-2025-68121", "sourceBy":"MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-68121", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "cvss3BaseScore": "7.4", "cwe": null}], "references": [], "publishedAt": "2026-02-26T20:45:27.603517Z", "rpms": {"Rocky Linux 9": {"nvras": ["runc-4:1.4.0-2.el9_7.aarch64.rpm", "runc-4:1.4.0-2.el9_7.ppc64le.rpm", "runc-4:1.4.0-2.el9_7.s390x.rpm", "runc-4:1.4.0-2.el9_7.src.rpm", "runc-4:1.4.0-2.el9_7.x86_64.rpm", "runc-debuginfo-4:1.4.0-2.el9_7.aarch64.rpm", "runc-debuginfo-4:1.4.0-2.el9_7.ppc64le.rpm", "runc-debuginfo-4:1.4.0-2.el9_7.s390x.rpm", "runc-debuginfo-4:1.4.0-2.el9_7.x86_64.rpm", "runc-debugsource-4:1.4.0-2.el9_7.aarch64.rpm", "runc-debugsource-4:1.4.0-2.el9_7.ppc64le.rpm", "runc-debugsource-4:1.4.0-2.el9_7.s390x.rpm", "runc-debugsource-4:1.4.0-2.el9_7.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important runc security update for Rocky Linux 9 addresses multiple denial of service issues and memory exhaustion risks.. Rocky Linux Security Update,runc Denial of Service,memory exhaustion,container runtime,security patch. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-20957 http://linux.oracle.com/errata/ELSA-2025-20957.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: runc-1.3.0-4.el9_7.x86_64.rpm aarch64: runc-1.3.0-4.el9_7.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/runc-1.3.0-4.el9_7.src.rpm Related CVEs: CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 Description of changes: [4:1.3.0-4] - rename errors.go to errors_linux.go - Related: RHEL-122400 [4:1.3.0-3] - Add relevant patches to CVEs - Resolves: RHEL-122400 [4:1.3.0-2] - fix CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 - Resolves: RHEL-122400 - Resolves: RHEL-122403 - Resolves: RHEL-122414 _______________________________________________ El-errata mailing list
Update to release 1.34.2 Resolves: rhbz#2407595, rhbz#2407866, rhbz#2408142, rhbz#2408577 Resolves: rhbz#2408640, rhbz#2408703, rhbz#2409050, rhbz#2409333 Resolves: rhbz#2409612, rhbz#2409998, rhbz#2410285, rhbz#2410563 Resolves: rhbz#2410930, rhbz#2411198, rhbz#2411461, rhbz#2412526. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-1e7710541e 2025-11-22 01:11:37.542819+00:00 -------------------------------------------------------------------------------- Name : cri-o1.34 Product : Fedora 42 Version : 1.34.2 Release : 1.fc42 URL : https://github.com/cri-o/cri-o Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface Description : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface. -------------------------------------------------------------------------------- Update Information: Update to release 1.34.2 Resolves: rhbz#2407595, rhbz#2407866, rhbz#2408142, rhbz#2408577 Resolves: rhbz#2408640, rhbz#2408703, rhbz#2409050, rhbz#2409333 Resolves: rhbz#2409612, rhbz#2409998, rhbz#2410285, rhbz#2410563 Resolves: rhbz#2410930, rhbz#2411198, rhbz#2411461, rhbz#2412526 Resolves: rhbz#2412678, rhbz#2412758 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 11 2025 Bradley G Smith - 1.34.2-1 - Update to release 1.34.2 - Resolves: rhbz#2407595, rhbz#2407866, rhbz#2408142, rhbz#2408577 - Resolves: rhbz#2408640, rhbz#2408703, rhbz#2409050, rhbz#2409333 - Resolves: rhbz#2409612, rhbz#2409998, rhbz#2410285, rhbz#2410563 - Resolves: rhbz#2410930, rhbz#2411198, rhbz#2411461, rhbz#2412526 - Resolves: rhbz#2412678, rhbz#2412758 * Fri Oct 10 2025 Maxwell G - 1.34.1-2 - Rebuild for golang 1.25.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2407595 - CVE-2025-58189 cri-o1.34: go crypto/tls ALPN negotiation error contains attacker 
controlled information [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2407595 [ 2 ] Bug #2407866 - CVE-2025-58189 cri-o1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2407866 [ 3 ] Bug #2408142 - CVE-2025-58189 cri-o1.34: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408142 [ 4 ] Bug #2408577 - CVE-2025-61725 cri-o1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2408577 [ 5 ] Bug #2408640 - CVE-2025-61725 cri-o1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2408640 [ 6 ] Bug #2408703 - CVE-2025-61725 cri-o1.34: Excessive CPU consumption in ParseAddress in net/mail [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408703 [ 7 ] Bug #2409050 - CVE-2025-61723 cri-o1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2409050 [ 8 ] Bug #2409333 - CVE-2025-61723 cri-o1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2409333 [ 9 ] Bug #2409612 - CVE-2025-61723 cri-o1.34: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2409612 [ 10 ] Bug #2409998 - CVE-2025-58185 cri-o1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2409998 [ 11 ] Bug #2410285 - CVE-2025-58185 cri-o1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2410285 [ 12 ] Bug #2410563 - CVE-2025-58185 cri-o1.34: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43] 
https://bugzilla.redhat.com/show_bug.cgi?id=2410563 [ 13 ] Bug #2410930 - CVE-2025-58188 cri-o1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2410930 [ 14 ] Bug #2411198 - CVE-2025-58188 cri-o1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2411198 [ 15 ] Bug #2411461 - CVE-2025-58188 cri-o1.34: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2411461 [ 16 ] Bug #2412526 - CVE-2025-58183 cri-o1.34: Unbounded allocation when parsing GNU sparse map [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2412526 [ 17 ] Bug #2412678 - CVE-2025-58183 cri-o1.34: Unbounded allocation when parsing GNU sparse map [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2412678 [ 18 ] Bug #2412758 - CVE-2025-58183 cri-o1.34: Unbounded allocation when parsing GNU sparse map [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2412758 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-1e7710541e' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Update to release v1.32.10. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-91677b56d4 2025-11-22 01:11:37.542815+00:00 -------------------------------------------------------------------------------- Name : cri-o1.32 Product : Fedora 42 Version : 1.32.10 Release : 1.fc42 URL : https://github.com/cri-o/cri-o Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface Description : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface. -------------------------------------------------------------------------------- Update Information: Update to release v1.32.10 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 11 2025 Bradley G Smith - 1.32.10-1 - Update to release v1.32.10 - Resolves: rhbz#2407593, rhbz#2407864, rhbz#2408140, rhbz#2408571 - Resolves: rhbz#2408638, rhbz#2408701, rhbz#2409048, rhbz#2409331 - Resolves: rhbz#2409610, rhbz#2409996, rhbz#2410283, rhbz#2410561 - Resolves: rhbz#2410928, rhbz#2411196, rhbz#2411459, rhbz#2412524 - Resolves: rhbz#2412676, rhbz#2412756 * Fri Oct 10 2025 Alejandro Sez - 1.32.9-2 - rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2407593 - CVE-2025-58189 cri-o1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2407593 [ 2 ] Bug #2407864 - CVE-2025-58189 cri-o1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2407864 [ 3 ] Bug #2408140 - CVE-2025-58189 cri-o1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408140 [ 4 ] Bug #2408571 - CVE-2025-61725 cri-o1.32: Excessive CPU consumption in ParseAddress in net/mail 
[fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2408571 [ 5 ] Bug #2408638 - CVE-2025-61725 cri-o1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2408638 [ 6 ] Bug #2408701 - CVE-2025-61725 cri-o1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408701 [ 7 ] Bug #2409048 - CVE-2025-61723 cri-o1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2409048 [ 8 ] Bug #2409331 - CVE-2025-61723 cri-o1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2409331 [ 9 ] Bug #2409610 - CVE-2025-61723 cri-o1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2409610 [ 10 ] Bug #2409996 - CVE-2025-58185 cri-o1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2409996 [ 11 ] Bug #2410283 - CVE-2025-58185 cri-o1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2410283 [ 12 ] Bug #2410561 - CVE-2025-58185 cri-o1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2410561 [ 13 ] Bug #2410928 - CVE-2025-58188 cri-o1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2410928 [ 14 ] Bug #2411196 - CVE-2025-58188 cri-o1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2411196 [ 15 ] Bug #2411459 - CVE-2025-58188 cri-o1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43] 
https://bugzilla.redhat.com/show_bug.cgi?id=2411459 [ 16 ] Bug #2412524 - CVE-2025-58183 cri-o1.32: Unbounded allocation when parsing GNU sparse map [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2412524 [ 17 ] Bug #2412676 - CVE-2025-58183 cri-o1.32: Unbounded allocation when parsing GNU sparse map [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2412676 [ 18 ] Bug #2412756 - CVE-2025-58183 cri-o1.32: Unbounded allocation when parsing GNU sparse map [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2412756 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-91677b56d4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update to cri-o1.32 version 1.32.10 in Fedora 42 enhances container runtime security and resolves multiple critical issues.. cri-o1.32 upgrade, Fedora 42 security, container runtime patching. . Severity: Critical. LinuxSecurity.com Team
Update to release v1.32.10. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-8c88aa0c74 2025-11-22 01:00:51.617438+00:00 -------------------------------------------------------------------------------- Name : cri-o1.32 Product : Fedora 41 Version : 1.32.10 Release : 1.fc41 URL : https://github.com/cri-o/cri-o Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface Description : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface. -------------------------------------------------------------------------------- Update Information: Update to release v1.32.10 -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 11 2025 Bradley G Smith - 1.32.10-1 - Update to release v1.32.10 - Resolves: rhbz#2407593, rhbz#2407864, rhbz#2408140, rhbz#2408571 - Resolves: rhbz#2408638, rhbz#2408701, rhbz#2409048, rhbz#2409331 - Resolves: rhbz#2409610, rhbz#2409996, rhbz#2410283, rhbz#2410561 - Resolves: rhbz#2410928, rhbz#2411196, rhbz#2411459, rhbz#2412524 - Resolves: rhbz#2412676, rhbz#2412756 * Fri Oct 10 2025 Alejandro Sez - 1.32.9-2 - rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2407593 - CVE-2025-58189 cri-o1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2407593 [ 2 ] Bug #2407864 - CVE-2025-58189 cri-o1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2407864 [ 3 ] Bug #2408140 - CVE-2025-58189 cri-o1.32: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408140 [ 4 ] Bug #2408571 - CVE-2025-61725 cri-o1.32: Excessive CPU consumption in ParseAddress in net/mail 
[fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2408571 [ 5 ] Bug #2408638 - CVE-2025-61725 cri-o1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2408638 [ 6 ] Bug #2408701 - CVE-2025-61725 cri-o1.32: Excessive CPU consumption in ParseAddress in net/mail [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2408701 [ 7 ] Bug #2409048 - CVE-2025-61723 cri-o1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2409048 [ 8 ] Bug #2409331 - CVE-2025-61723 cri-o1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2409331 [ 9 ] Bug #2409610 - CVE-2025-61723 cri-o1.32: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2409610 [ 10 ] Bug #2409996 - CVE-2025-58185 cri-o1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2409996 [ 11 ] Bug #2410283 - CVE-2025-58185 cri-o1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2410283 [ 12 ] Bug #2410561 - CVE-2025-58185 cri-o1.32: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2410561 [ 13 ] Bug #2410928 - CVE-2025-58188 cri-o1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2410928 [ 14 ] Bug #2411196 - CVE-2025-58188 cri-o1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2411196 [ 15 ] Bug #2411459 - CVE-2025-58188 cri-o1.32: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43] 
https://bugzilla.redhat.com/show_bug.cgi?id=2411459 [ 16 ] Bug #2412524 - CVE-2025-58183 cri-o1.32: Unbounded allocation when parsing GNU sparse map [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2412524 [ 17 ] Bug #2412676 - CVE-2025-58183 cri-o1.32: Unbounded allocation when parsing GNU sparse map [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2412676 [ 18 ] Bug #2412756 - CVE-2025-58183 cri-o1.32: Unbounded allocation when parsing GNU sparse map [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2412756 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-8c88aa0c74' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Fedora 41 update for cri-o1.32 tackles critical issues including excessive CPU usage and security concerns. . cri-o1.32, Fedora 41, container runtime, update, security advisory. . Severity: Critical. LinuxSecurity.com Team
Update to release v1.33.5 Resolves: rhbz#2333357, rhbz#2375096, rhbz#2398408, rhbz#2398663, rhbz#2399065, rhbz#2399339 Upstream fixes. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-3976569481 2025-10-11 01:01:59.551895+00:00 -------------------------------------------------------------------------------- Name : cri-o1.33 Product : Fedora 41 Version : 1.33.5 Release : 1.fc41 URL : https://github.com/cri-o/cri-o Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface Description : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface. -------------------------------------------------------------------------------- Update Information: Update to release v1.33.5 Resolves: rhbz#2333357, rhbz#2375096, rhbz#2398408, rhbz#2398663, rhbz#2399065, rhbz#2399339 Upstream fixes -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 2 2025 Bradley G Smith - 1.33.5-1 - Update to release v1.33.5 - Resolves: rhbz#2333357, rhbz#2375096, rhbz#2398408, rhbz#2398663, rhbz#2399065, rhbz#2399339 - Upstream fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #2333357 - cri-o-1.34.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2333357 [ 2 ] Bug #2375096 - CVE-2025-4437 cri-o1.33: Large /etc/passwd file may lead to Denial of Service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2375096 [ 3 ] Bug #2398408 - CVE-2025-47910 cri-o1.33: CrossOriginProtection bypass in net/http [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2398408 [ 4 ] Bug #2398663 - CVE-2025-47910 cri-o1.33: CrossOriginProtection bypass in net/http [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2398663 [ 5 ] Bug #2399065 - CVE-2025-47906 cri-o1.33: Unexpected paths returned from LookPath in os/exec [fedora-41] 
https://bugzilla.redhat.com/show_bug.cgi?id=2399065 [ 6 ] Bug #2399339 - CVE-2025-47906 cri-o1.33: Unexpected paths returned from LookPath in os/exec [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2399339 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-3976569481' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Update to release 1.32.9 Resolves: rhbz#2333357, rhbz#2398407, rhbz#2398662, rhbz#2399064, rhbz#2399338 Upstream fix. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-37970906a8 2025-10-11 00:56:43.169072+00:00 -------------------------------------------------------------------------------- Name : cri-o1.32 Product : Fedora 42 Version : 1.32.9 Release : 1.fc42 URL : https://github.com/cri-o/cri-o Summary : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface Description : Open Container Initiative-based implementation of Kubernetes Container Runtime Interface. -------------------------------------------------------------------------------- Update Information: Update to release 1.32.9 Resolves: rhbz#2333357, rhbz#2398407, rhbz#2398662, rhbz#2399064, rhbz#2399338 Upstream fix -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 2 2025 Bradley G Smith - 1.32.9-1 - Update to release 1.32.9 - Resolves: rhbz#2333357, rhbz#2398407, rhbz#2398662, rhbz#2399064, rhbz#2399338 - Upstream fix -------------------------------------------------------------------------------- References: [ 1 ] Bug #2333357 - cri-o-1.34.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2333357 [ 2 ] Bug #2398407 - CVE-2025-47910 cri-o1.32: CrossOriginProtection bypass in net/http [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2398407 [ 3 ] Bug #2398662 - CVE-2025-47910 cri-o1.32: CrossOriginProtection bypass in net/http [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2398662 [ 4 ] Bug #2399064 - CVE-2025-47906 cri-o1.32: Unexpected paths returned from LookPath in os/exec [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2399064 [ 5 ] Bug #2399338 - CVE-2025-47906 cri-o1.32: Unexpected paths returned from LookPath in os/exec [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2399338 
-------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-37970906a8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
MGASA-2025-0130 - Updated docker-containerd packages fix security vulnerability

Publication date: 10 Apr 2025
URL: https://advisories.mageia.org/MGASA-2025-0130.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-40635

containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a `UID:GID` larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as root (UID 0). This could cause unexpected behavior for environments that require containers to run as a non-root user. This bug has been fixed in containerd 1.6.38, 1.7.27, and 2.0.4. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images.

References:
- https://bugs.mageia.org/show_bug.cgi?id=34145
- https://lists.fedoraproject.org/archives/list/