An update that solves two vulnerabilities can now be installed.

# Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:4003-1
Release Date: 2025-11-09T06:04:02Z
Rating: important

References:

* bsc#1248631
* bsc#1249847

Cross-References:

* CVE-2022-50252
* CVE-2025-38664

CVSS scores:

* CVE-2022-50252 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-50252 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38664 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38664 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

## Description:

This update for the Linux Kernel 5.14.21-150500_55_121 fixes several issues.

The following security issues were fixed:

* CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248631).
* CVE-2022-50252: igb: Do not free q_vector unless new one was allocated (bsc#1249847).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  `zypper in -t patch SUSE-2025-4003=1`
* SUSE Linux Enterprise Live Patching 15-SP4
  `zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-4003=1`
* openSUSE Leap 15.5
  `zypper in -t patch SUSE-2025-4002=1`
* SUSE Linux Enterprise Live Patching 15-SP5
  `zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-4002=1`

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP4_Update_44-debugsource-3-150400.4.1
  * kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-3-150400.4.1
  * kernel-livepatch-5_14_21-150400_24_176-default-3-150400.4.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP4_Update_44-debugsource-3-150400.4.1
  * kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-3-150400.4.1
  * kernel-livepatch-5_14_21-150400_24_176-default-3-150400.4.1
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP5_Update_30-debugsource-3-150500.4.1
  * kernel-livepatch-5_14_21-150500_55_121-default-debuginfo-3-150500.4.1
  * kernel-livepatch-5_14_21-150500_55_121-default-3-150500.4.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP5_Update_30-debugsource-3-150500.4.1
  * kernel-livepatch-5_14_21-150500_55_121-default-debuginfo-3-150500.4.1
  * kernel-livepatch-5_14_21-150500_55_121-default-3-150500.4.1

## References:

* https://www.suse.com/security/cve/CVE-2022-50252.html
* https://www.suse.com/security/cve/CVE-2025-38664.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248631
* https://bugzilla.suse.com/show_bug.cgi?id=1249847

Critical update for openSUSE addresses important kernel vulnerabilities. Essential patches available for multiple versions.

Severity: Important.

LinuxSecurity.com Team

Security fix for CVE-2022-2476.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-ca2f721916
2022-10-12 13:01:12.662985
--------------------------------------------------------------------------------

Name        : wavpack
Product     : Fedora 36
Version     : 5.5.0
Release     : 2.fc36
URL         : https://www.wavpack.com/
Summary     : A completely open audio codec
Description :
WavPack is a completely open audio compression format providing lossless,
high-quality lossy, and a unique hybrid compression mode. Although the
technology is loosely based on previous versions of WavPack, the new
version 4 format has been designed from the ground up to offer unparalleled
performance and functionality.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2022-2476
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 23 2022 Fedora Release Engineering - 5.5.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jul 13 2022 Tomas Korbar - 5.5.0-1
- Rebase to 5.5.0
- Resolves: rhbz#2105686
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2110455 - CVE-2022-2476 wavpack: null pointer dereference in main() in cli/wvunpack.c
        https://bugzilla.redhat.com/show_bug.cgi?id=2110455
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-ca2f721916' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

An update that solves one vulnerability, contains one feature and has 6 fixes is now available.

   SUSE Security Update: Security update for openssl-1_0_0
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:3762-1
Rating:             important
References:         #1155346 #1176029 #1177479 #1177575 #1177673 #1177793 #1179491 SLE-10541
Cross-References:   CVE-2020-1971
Affected Products:
                    SUSE Linux Enterprise Server for SAP 15
                    SUSE Linux Enterprise Server 15-LTSS
                    SUSE Linux Enterprise Module for Legacy Software 15-SP3
                    SUSE Linux Enterprise Module for Legacy Software 15-SP2
                    SUSE Linux Enterprise Module for Legacy Software 15-SP1
                    SUSE Enterprise Storage 6
______________________________________________________________________________

Description:

   This update for openssl-1_0_0 fixes the following issues:

   - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME (bsc#1179491).
   - Initialized dh->nid to NID_undef in DH_new_method() (bsc#1177673).
   - Fixed a test failure in apache_ssl in fips mode (bsc#1177793).
   - Renamed BN_get_rfc3526_prime_* functions back to get_rfc3526_prime_* (bsc#1177575).
   - Restored private key check in EC_KEY_check_key (bsc#1177479).
   - Added shared secret KAT to FIPS DH selftest (bsc#1176029).
   - Included ECDH/DH Requirements from SP800-56Arev3 (bsc#1176029).
   - Used SHA-2 in the RSA pairwise consistency check (bsc#1155346)

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server for SAP 15:

      zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-3762=1

   - SUSE Linux Enterprise Server 15-LTSS:

      zypper in -t patch SUSE-SLE-Product-SLES-15-2020-3762=1

   - SUSE Linux Enterprise Module for Legacy Software 15-SP3:

      zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2020-3762=1

   - SUSE Linux Enterprise Module for Legacy Software 15-SP2:

      zypper in -t patch SUSE-SLE-Module-Legacy-15-SP2-2020-3762=1

   - SUSE Linux Enterprise Module for Legacy Software 15-SP1:

      zypper in -t patch SUSE-SLE-Module-Legacy-15-SP1-2020-3762=1

   - SUSE Enterprise Storage 6:

      zypper in -t patch SUSE-Storage-6-2020-3762=1

Package List:

   - SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):

      libopenssl-1_0_0-devel-1.0.2p-3.34.1
      libopenssl1_0_0-1.0.2p-3.34.1
      libopenssl1_0_0-debuginfo-1.0.2p-3.34.1
      openssl-1_0_0-1.0.2p-3.34.1
      openssl-1_0_0-debuginfo-1.0.2p-3.34.1
      openssl-1_0_0-debugsource-1.0.2p-3.34.1

   - SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):

      libopenssl-1_0_0-devel-1.0.2p-3.34.1
      libopenssl1_0_0-1.0.2p-3.34.1
      libopenssl1_0_0-debuginfo-1.0.2p-3.34.1
      openssl-1_0_0-1.0.2p-3.34.1
      openssl-1_0_0-debuginfo-1.0.2p-3.34.1
      openssl-1_0_0-debugsource-1.0.2p-3.34.1

   - SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64):

      libopenssl-1_0_0-devel-1.0.2p-3.34.1
      libopenssl10-1.0.2p-3.34.1
      libopenssl10-debuginfo-1.0.2p-3.34.1
      libopenssl1_0_0-1.0.2p-3.34.1
      libopenssl1_0_0-debuginfo-1.0.2p-3.34.1
      openssl-1_0_0-1.0.2p-3.34.1
      openssl-1_0_0-debuginfo-1.0.2p-3.34.1
      openssl-1_0_0-debugsource-1.0.2p-3.34.1

   - SUSE Linux Enterprise Module for Legacy Software 15-SP2 (aarch64 ppc64le s390x x86_64):

      libopenssl-1_0_0-devel-1.0.2p-3.34.1
      libopenssl1_0_0-1.0.2p-3.34.1
      libopenssl1_0_0-debuginfo-1.0.2p-3.34.1
      openssl-1_0_0-1.0.2p-3.34.1
      openssl-1_0_0-debuginfo-1.0.2p-3.34.1
      openssl-1_0_0-debugsource-1.0.2p-3.34.1

   - SUSE Linux Enterprise Module for Legacy Software 15-SP1 (aarch64 ppc64le s390x x86_64):

      libopenssl-1_0_0-devel-1.0.2p-3.34.1
      libopenssl1_0_0-1.0.2p-3.34.1
      libopenssl1_0_0-debuginfo-1.0.2p-3.34.1
      openssl-1_0_0-1.0.2p-3.34.1
      openssl-1_0_0-debuginfo-1.0.2p-3.34.1
      openssl-1_0_0-debugsource-1.0.2p-3.34.1

   - SUSE Enterprise Storage 6 (aarch64 x86_64):

      libopenssl1_0_0-1.0.2p-3.34.1
      libopenssl1_0_0-debuginfo-1.0.2p-3.34.1
      openssl-1_0_0-debuginfo-1.0.2p-3.34.1
      openssl-1_0_0-debugsource-1.0.2p-3.34.1

References:

   https://www.suse.com/security/cve/CVE-2020-1971.html
   https://bugzilla.suse.com/1155346
   https://bugzilla.suse.com/1176029
   https://bugzilla.suse.com/1177479
   https://bugzilla.suse.com/1177575
   https://bugzilla.suse.com/1177673
   https://bugzilla.suse.com/1177793
   https://bugzilla.suse.com/1179491

A critical update from SUSE addresses a flaw in openssl, boosting the overall security and stability of the system.

Severity: Important.

LinuxSecurity.com Team

Fixes **CVE-2017-18189**.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-cb7b7181a0
2020-02-08 01:36:33.446944
--------------------------------------------------------------------------------

Name        : sox
Product     : Fedora 30
Version     : 14.4.2.0
Release     : 28.fc30
URL         : https://sourceforge.net/projects/sox/
Summary     : A general purpose sound file conversion tool
Description :
SoX (Sound eXchange) is a sound file format converter. SoX can convert
between many different digitized sound formats and perform simple sound
manipulation functions, including sound effects.

--------------------------------------------------------------------------------
Update Information:

Fixes **CVE-2017-18189**.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 29 2020 Jiri Kucera - 14.4.2.0-28
- fix CVE-2017-18189 resolves #1545867
* Wed Jan 29 2020 Jiri Kucera - 14.4.2.0-27
- remove %check (we use Fedora CI instead in a future)
* Fri Jul 26 2019 Fedora Release Engineering - 14.4.2.0-26
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1545867 - CVE-2017-18189 sox: Null pointer dereference in startread function in xa.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1545867
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-cb7b7181a0' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------