Stay Vigilant with Timely Linux Security Advisories

Refine advisories

X Clear Filters

Critical (1)

Important (2)

Medium (1)

Low (1)

Ubuntu (4930)

denial of service (18259)

moderate (19164)

python-pip (63)

security advisory (114756)

system update (1879)

GStreamer (100)

important (27647)

plugin issue (11)

MySQL (355)

Fedora (1)

SuSE (1)

Published Date Range

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Linux Advisory Watch

Linux Security Week

Community Poll

More Polls

What got you started with Linux?

Message!

Self-taught through trial and error
Formal training or courses
A job that required it
Other

No answer selected. Please try again.

Please select either existing option or enter your own, however not both.

Please select minimum {0} answer(s).

Please select maximum {0} answer(s).

/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json

150

radio

Self-taught through trial and error (78.42%)

78.42% votes

Formal training or courses (4.32%)

4.32% votes

A job that required it (4.89%)

4.89% votes

Other (12.37%)

12.37% votes

[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

bottom 200

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

We found -3 articles for you...

100

security advisorymoderateremote code execution

SUSE Linux Micro 6.0: 2025:20213-1 moderate: kernel patch update

* bsc#1233677 * bsc#1235008 * bsc#1235431 * bsc#1240840 . # Security update for kernel-livepatch-MICRO-6-0_Update_2 Announcement ID: SUSE-SU-2025:20213-1 Release Date: 2025-04-29T11:24:25Z Rating: moderate References: * bsc#1233677 * bsc#1235008 * bsc#1235431 * bsc#1240840 Cross-References: * CVE-2024-53082 * CVE-2024-53237 * CVE-2024-56650 * CVE-2024-8805 CVSS scores: * CVE-2024-53082 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53082 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-53237 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53237 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53237 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53237 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56650 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56650 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues: * CVE-2024-53237: Fixed bluetooth: fix use-after-free in device_for_each_child() (bsc#1235008) * CVE-2024-53082: Fixed virtio_net: Add hash_key_length check (bsc#1233677) * CVE-2024-8805: Fixed BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability (bsc#1240840) * CVE-2024-56650: Fixed netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235431) ## PatchInstructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-18=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-19-default-4-1.1 * kernel-livepatch-MICRO-6-0_Update_2-debugsource-4-1.1 * kernel-livepatch-6_4_0-19-default-debuginfo-4-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-53082.html * https://www.suse.com/security/cve/CVE-2024-53237.html * https://www.suse.com/security/cve/CVE-2024-56650.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1233677 * https://bugzilla.suse.com/show_bug.cgi?id=1235008 * https://bugzilla.suse.com/show_bug.cgi?id=1235431 * https://bugzilla.suse.com/show_bug.cgi?id=1240840 . Patch release for OpenSUSE Micro 6.0 targeting several vulnerabilities, notably remote command execution and authorization flaws.. SUSE Linux Micro 6.0, kernel livepatch, patch instructions, security updates. . LinuxSecurity.com Team

Jun 04, 2025 SuSE

security advisoryRed Hatmemory corruption

Red Hat Enterprise Linux 9.0 RHSA-2023:0536 Critical Kpatch Memory Update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kpatch-patch security update Advisory ID: RHSA-2023:0536-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:0536 Issue date: 2023-01-30 CVE Names: CVE-2022-2964 CVE-2022-4139 ==================================================================== 1. Summary: An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS EUS (v.9.0) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964) * kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2067482 - CVE-2022-2964 kernel: memorycorruption in AX88179_178A based USB ethernet device. 2147572 - CVE-2022-4139 kernel: i915: Incorrect GPU TLB flush can lead to random memory access 6. Package List: Red Hat Enterprise Linux BaseOS EUS(v.9.0): Source: kpatch-patch-5_14_0-70_17_1-1-5.el9_0.src.rpm kpatch-patch-5_14_0-70_22_1-1-5.el9_0.src.rpm kpatch-patch-5_14_0-70_26_1-1-4.el9_0.src.rpm kpatch-patch-5_14_0-70_30_1-1-2.el9_0.src.rpm kpatch-patch-5_14_0-70_36_1-1-1.el9_0.src.rpm ppc64le: kpatch-patch-5_14_0-70_17_1-1-5.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_17_1-debuginfo-1-5.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_17_1-debugsource-1-5.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_22_1-1-5.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_22_1-debuginfo-1-5.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_22_1-debugsource-1-5.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_26_1-1-4.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_26_1-debuginfo-1-4.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_26_1-debugsource-1-4.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_30_1-1-2.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_30_1-debuginfo-1-2.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_30_1-debugsource-1-2.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_36_1-1-1.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_36_1-debuginfo-1-1.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_36_1-debugsource-1-1.el9_0.ppc64le.rpm x86_64: kpatch-patch-5_14_0-70_17_1-1-5.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_17_1-debuginfo-1-5.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_17_1-debugsource-1-5.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_22_1-1-5.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_22_1-debuginfo-1-5.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_22_1-debugsource-1-5.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_26_1-1-4.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_26_1-debuginfo-1-4.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_26_1-debugsource-1-4.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_30_1-1-2.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_30_1-debuginfo-1-2.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_30_1-debugsource-1-2.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_36_1-1-1.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_36_1-debuginfo-1-1.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_36_1-debugsource-1-1.el9_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our keyand details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-2964 https://access.redhat.com/security/cve/CVE-2022-4139 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY9fxqtzjgjWX9erEAQj28RAApKc8tB6JWNJN+DcpmMrp3JrqSAnDAZ17 e78xxKpkbHNMcBbjOsiG1LHQIfqcc3I9vn+oJz7gX/hto6NBzMIhxho8prhjQKrR btUHh4AfgFvQMQm4x7vZWgOLJsbXh5d7a4htO9f+ZmDpXFj4RNupiKpXkMkyzDNj 8DkEgbtHnpYKUE5JDIBtVpwYL2lBcCAxfY7a5uvG1l3AW53CSVJl8sBQsy0VsYMb Sp1ud2qnVvwjw48IHZZ8lF9gzfpk1jXRUEjgx9eZDPvlXJOCRhRss6z98ZZdVhnm 9saMNxl/5JLFBQrfFw3Z3id0cO4aeJFPdnwNz3HT+6OJATa/+/MfuUfYmNSJTtZz M8zD1f0GKm+K63z0QruoH2k9gzFjsYum8RhZlj1JM3bLbvsbhp8zE4fbGHvGBp4K Rm1Sjff2hlkTf58yghJOCZX4R5owCQV6MWc/OI1AFcKDmZVuKFq0KO74zcr1elnH r/RrgVH3xXfqx2Zea1+2EQMgJsWQ3aTilT1VaEL79P1ZBP5JxLOTjNFzlJSFlUYp 3KH00vJpeRdqFjZaFR9ddAcdikmdqj6gRXJF40Ur1n6g8Utf3C+TBtRiE45qXzCV uyNVkNiH+6iBELIYPfolBpMWpTizpepMPxfNiWs06GsVHl9aHuZfDFZtdP1UdNOi P0ecrxkbHeA=NjGs -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . The kpatch-patch security update for RHEL 9.0 is vital for addressing critical memory management vulnerabilities, ensuring system integrity and security.. kpatch-patch Security, Red Hat Update, Memory Issues, Kernel Security, Linux Advisories. . Severity: Important. LinuxSecurity.com Team

Jan 30, 2023 •Important Red Hat

security advisoryupdateFedora

Fedora 33: 2021-4a91649cf3 Medium: tcmu-runner Access Control Fix

Fixes CVE-2020-28374 See tcmu-runner commit 2b16e96e6b63d0419d857f53e4cc67f0adb383fd tcmu-runner can't determine whether the device(s) referred to in XCOPY Copy Source/Copy Destination (CSCD) descriptors should be accessible to the initiator via transport settings, ACLs, etc. Consequently, fail XCOPY requests with CSCD descriptors which refer to any. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-4a91649cf3 2021-02-03 01:54:49.296884 --------------------------------------------------------------------------------Name : tcmu-runner Product : Fedora 33 Version : 1.5.2 Release : 7.fc33 URL : https://github.com/open-iscsi/tcmu-runner Summary : A daemon that supports LIO userspace backends Description : A daemon that handles the complexity of the LIO kernel target's userspace passthrough interface (TCMU). It presents a C plugin API for extension modules that handle SCSI requests in ways not possible or suitable to be handled by LIO's in-kernel backstores. --------------------------------------------------------------------------------Update Information: Fixes CVE-2020-28374 See tcmu-runner commit 2b16e96e6b63d0419d857f53e4cc67f0adb383fd tcmu-runner can't determine whether the device(s) referred to in XCOPY Copy Source/Copy Destination (CSCD) descriptors should be accessible to the initiator via transport settings, ACLs, etc. Consequently, fail XCOPY requests with CSCD descriptors which refer to any device other than where the XCOPY request is processed. --------------------------------------------------------------------------------ChangeLog: * Mon Jan 25 2021 Maurizio Lombardi - 1.5.2-7 - Fixes CVE-2020-28374 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-4a91649cf3' at the command line. For more information, refer to the dnf documentationavailable at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . In reference to CVE-2020-28375, this patch enhances tcmu-runner's verification process for device accessibility concerning WRITE requests.. tcmu-runner Update, Fedora Access Control, XCOPY Fix. . Severity: Medium. LinuxSecurity.com Team

Feb 02, 2021 •Medium Fedora

200

security advisorybug fixlow severity

Libvirt Security Update for Device Access on Scientific Linux 5.x

Low: libvirt security and bug fix update. Date: Wed, 16 Jan 2013 16:10:27 -0600 Reply-To: Pat Riehecky Sender: Security Errata for Scientific Linux From: Pat Riehecky Organization: Fermilab Subject: Security ERRATA Low: libvirt on SL5.x i386/x86_64 MIME-Version: 1.0 Synopsis: Low: libvirt security and bug fix update Issue Date: 2013-01-08 CVE Numbers: CVE-2012-2693 -- Bus and device IDs were ignored when attempting to attach multiple USB devices with identical vendor or product IDs to a guest. This could result in the wrong device being attached to a guest, giving that guest root access to the device. (CVE-2012-2693) This update also fixes the following bugs: * Previously, the libvirtd library failed to set the autostart flags for already defined QEMU domains. This bug has been fixed, and the domains can now be successfully marked as autostarted. * Prior to this update, the virFileAbsPath() function was not taking into account the slash ("/") directory separator when allocating memory for combining the cwd() function and a path. This behavior could lead to a memory corruption. With this update, a transformation to the virAsprintff() function has been introduced into virFileAbsPath(). As a result, the aforementioned behavior no longer occurs. * With this update, a man page of the virsh user interface has been enhanced with information on the "domxml-from-native" and "domxml-to-native" commands. A correct notation of the format argument has been clarified. As a result, confusion is avoided when setting the format argument in the described commands. After installing the updated packages, libvirtd will be restarted automatically. -- SL5 x86_64 libvirt-0.8.2-29.el5.i386.rpm libvirt-0.8.2-29.el5.x86_64.rpm libvirt-debuginfo-0.8.2-29.el5.i386.rpm libvirt-debuginfo-0.8.2-29.el5.x86_64.rpm libvirt-devel-0.8.2-29.el5.i386.rpm libvirt-devel-0.8.2-29.el5.x86_64.rpm libvirt-python-0.8.2-29.el5.x86_64.rpm i386 libvirt-0.8.2-29.el5.i386.rpm libvirt-debuginfo-0.8.2-29.el5.i386.rpm libvirt-devel-0.8.2-29.el5.i386.rpm libvirt-python-0.8.2-29.el5.i386.rpm - Scientific Linux Development Team . Minor Update for libvirt on Scientific Linux 5.x Resolves Device Access Challenges and Includes Various Bug Corrections.. libvirt update, security advisory, Scientific Linux, device access issue. . Severity: Low. LinuxSecurity.com Team

Jan 16, 2013 •Low Scientific Linux

200

security advisoryremote attackautofs

Scientific Linux SL5.x Advisory: CVE-2007-6285 Critical Autofs Risk

Important: autofs security update. Date: Fri, 21 Dec 2007 15:59:44 -0600 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for autofs on SL5.x i386/x86_64 Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it." Synopsis: Important: autofs security update Issue date: 2007-12-20 CVE Names: CVE-2007-6285 There was a security issue with the default configuration of autofs version 5, whereby the entry for the "-hosts" map did not specify the "nodev" mount option. A local user with control of a remote NFS server could create special device files on the remote file system, that if mounted using the default "-hosts" map, could allow the user to access important system devices. (CVE-2007-6285) This issue is similar to CVE-2007-5964, which fixed a missing "nosuid" mount option in autofs. Both the "nodev" and "nosuid" options should be enabled to prevent a possible compromise of machine integrity. Due to the fact that autofs always mounted "-hosts" map entries "dev" by default, autofs has now been altered to always use the "nodev" option when mounting from the default "-hosts" map. The "dev" option must be explicitly given in the master map entry to revert to the old behavior. This change affects only the "-hosts" map which corresponds to the "/net" entry in the default configuration. SL 5.x SRPMS: autofs-5.0.1-0.rc2.55.el5.2.src.rpm i386: autofs-5.0.1-0.rc2.55.el5_1.2.i386.rpm x86_64: autofs-5.0.1-0.rc2.55.el5_1.2.x86_64.rpm -Connie Sieh -Troy Dawson . The recent security patch for Autofs in Scientific Linux addresses vulnerabilities associated with unauthorized device interactions.. autofs Security Update, Scientific Linux, NFS Vulnerability, System Integrity Fix. . Severity: Critical. LinuxSecurity.com Team

Dec 21, 2007 •Critical Scientific Linux

security advisoryRed Hatcritical

Red Hat: RHSA-2007:1177-01 Important: autofs5 Device Access Risk

Updated autofs5 technology preview packages that fix a security issue are now available for Red Hat Enterprise Linux 4.T A local user with control of a remote NFS server could create special device files on the remote file system, that if mounted using the default "-hosts" map, could allow the user to access important system devices This update has been rated as having important security impact by the Red Hat Security Response Team.. - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: autofs5 security update Advisory ID: RHSA-2007:1177-01 Advisory URL: https://access.redhat.com/errata/RHSA-2007:1177.html Issue date: 2007-12-20 Updated on: 2007-12-20 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-6285 - ---------------------------------------------------------------------1. Summary: Updated autofs5 technology preview packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The autofs utility controls the operation of the automount daemon, which automatically mounts file systems when you use them, and unmounts them when you are not using them. This can include network file systems and CD-ROMs. The autofs5 packages were made available as a technology preview in Red Hat Enterprise Linux 4.6. There was a security issue with the default configuration of autofs version 5, whereby the entry for the "-hosts" map did not specify the "nodev" mount option. A local user with control of a remote NFSserver could create special device files on the remote file system, that if mounted using the default "-hosts" map, could allow the user to access important system devices. (CVE-2007-6285) This issue is similar to CVE-2007-5964, which fixed a missing "nosuid" mount option in autofs. Both the "nodev" and "nosuid" options should be enabled to prevent a possible compromise of machine integrity. Due to the fact that autofs always mounted "-hosts" map entries "dev" by default, autofs has now been altered to always use the "nodev" option when mounting from the default "-hosts" map. The "dev" option must be explicitly given in the master map entry to revert to the old behavior. This change affects only the "-hosts" map which corresponds to the "/net" entry in the default configuration. All autofs5 users are advised to upgrade to these updated packages, which resolve this issue. Red Hat would like to thank Tim Baum for reporting this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bug IDs fixed (http://bugzilla.redhat.com/): 426218 - CVE-2007-6285 autofs default doesn't set nodev in /net 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: a1b2f22c851aa6b4adb4f8208dea9ded autofs5-5.0.1-0.rc2.55.el4_6.2.src.rpm i386: cd74da575ac61ae97bbb04823223dec9 autofs5-5.0.1-0.rc2.55.el4_6.2.i386.rpm d71b155d19ba7482c9461a11ae5452e1 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.2.i386.rpm ia64: 85ab6c8e98a25fd2c3615cbfd232b083 autofs5-5.0.1-0.rc2.55.el4_6.2.ia64.rpm 57eac7b62100c2cee28b8fc1629f2850 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.2.ia64.rpm ppc: cc9ea2b899a2ff380c625f2a7646bf92 autofs5-5.0.1-0.rc2.55.el4_6.2.ppc.rpm ed8cc434b7054888c57b8bafb07575ea autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.2.ppc.rpm s390: f4e47b1c36687a607df623577797e4d0 autofs5-5.0.1-0.rc2.55.el4_6.2.s390.rpm b075ec809427f2355e4938649aca1975 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.2.s390.rpm s390x: 93d34bf0ffe7aa3af3674685ae95c308 autofs5-5.0.1-0.rc2.55.el4_6.2.s390x.rpm 5fbe32ae7b09e1cfc02f3b2abaa972f2 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.2.s390x.rpm x86_64: 51675b74cc163e3b3ccf59c10f71164a autofs5-5.0.1-0.rc2.55.el4_6.2.x86_64.rpm 74f9ef4f29821466e3477626d5eae2ca autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.2.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: a1b2f22c851aa6b4adb4f8208dea9ded autofs5-5.0.1-0.rc2.55.el4_6.2.src.rpm i386: cd74da575ac61ae97bbb04823223dec9 autofs5-5.0.1-0.rc2.55.el4_6.2.i386.rpm d71b155d19ba7482c9461a11ae5452e1 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.2.i386.rpm x86_64: 51675b74cc163e3b3ccf59c10f71164a autofs5-5.0.1-0.rc2.55.el4_6.2.x86_64.rpm 74f9ef4f29821466e3477626d5eae2ca autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.2.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: a1b2f22c851aa6b4adb4f8208dea9ded autofs5-5.0.1-0.rc2.55.el4_6.2.src.rpm i386: cd74da575ac61ae97bbb04823223dec9 autofs5-5.0.1-0.rc2.55.el4_6.2.i386.rpm d71b155d19ba7482c9461a11ae5452e1 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.2.i386.rpm ia64: 85ab6c8e98a25fd2c3615cbfd232b083 autofs5-5.0.1-0.rc2.55.el4_6.2.ia64.rpm 57eac7b62100c2cee28b8fc1629f2850 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.2.ia64.rpm x86_64: 51675b74cc163e3b3ccf59c10f71164a autofs5-5.0.1-0.rc2.55.el4_6.2.x86_64.rpm 74f9ef4f29821466e3477626d5eae2ca autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.2.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: a1b2f22c851aa6b4adb4f8208dea9ded autofs5-5.0.1-0.rc2.55.el4_6.2.src.rpm i386: cd74da575ac61ae97bbb04823223dec9 autofs5-5.0.1-0.rc2.55.el4_6.2.i386.rpm d71b155d19ba7482c9461a11ae5452e1 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.2.i386.rpm ia64: 85ab6c8e98a25fd2c3615cbfd232b083 autofs5-5.0.1-0.rc2.55.el4_6.2.ia64.rpm 57eac7b62100c2cee28b8fc1629f2850 autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.2.ia64.rpm x86_64: 51675b74cc163e3b3ccf59c10f71164a autofs5-5.0.1-0.rc2.55.el4_6.2.x86_64.rpm 74f9ef4f29821466e3477626d5eae2ca autofs5-debuginfo-5.0.1-0.rc2.55.el4_6.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2007-6285 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. . The advisory issued by Red Hat regarding the autofs5 update tackles concerns related to device accessibility, significantly affecting security. Users are urged to update.. Autofs5 Update, Critical Advisory, Red Hat Security, Device Access, NFS Security. . Severity: Important. LinuxSecurity.com Team

Dec 20, 2007 •Important Red Hat

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Linux Advisory Watch

Linux Security Week

Community Poll

More Polls

What got you started with Linux?

Message!

Self-taught through trial and error
Formal training or courses
A job that required it
Other

No answer selected. Please try again.

Please select either existing option or enter your own, however not both.

Please select minimum {0} answer(s).

Please select maximum {0} answer(s).

/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json

150

radio

Self-taught through trial and error (78.42%)

78.42% votes

Formal training or courses (4.32%)

4.32% votes

A job that required it (4.89%)

4.89% votes

Other (12.37%)

12.37% votes

bottom 200

Stay Secure with the Latest Linux Advisories

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

SUSE Linux Micro 6.0: 2025:20213-1 moderate: kernel patch update

Red Hat Enterprise Linux 9.0 RHSA-2023:0536 Critical Kpatch Memory Update

Fedora 33: 2021-4a91649cf3 Medium: tcmu-runner Access Control Fix

Libvirt Security Update for Device Access on Scientific Linux 5.x

Scientific Linux SL5.x Advisory: CVE-2007-6285 Critical Autofs Risk

Red Hat: RHSA-2007:1177-01 Important: autofs5 Device Access Risk

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!