Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
203
security advisorydevice managementbugfixMageia 9: nvidia-current Bugfix Advisory MGAA-2025-0091
MGAA-2025-0091 - Updated nvidia-current packages fix bug. MGAA-2025-0091 - Updated nvidia-current packages fix bug Publication date: 07 Nov 2025 URL: https://advisories.mageia.org/MGAA-2025-0091.html Type: bugfix Affected Mageia releases: 9 Description: Added support for YCbCr 4:2:2 display modes over HDMI Fixed Rate Link (FRL). This capability is only supported on Blackwell or later. Downgraded an error message "Failed to allocate NvKmsKapiDevice" to an informational message "NUMA was not set up yet; ignoring this device" when initializing nvidia-drm in cases where initialization is expected to fail due to NUMA not being online. Fixed a bug that caused interactive object outlines to not be rendered in Indiana Jones and the Great Circle. Fixed a regression introduced in the 575 driver series that caused GPUs to be powered on unnecessarily when processing redundant system power source notifications from the ACPI subsystem. References: - https://bugs.mageia.org/show_bug.cgi?id=34712 - https://www.nvidia.com/en-us/drivers/details/254665/ SRPMS: - 9/nonfree/nvidia-current-580.95.05-1.mga9.nonfree . Updated nvidia-current packages in Mageia resolve critical bugs and improve HDMI display modes for enhanced performance.. Mageia updates,nvidia-current bugfix,device management improvements,HDMI display support. . Severity: Informational. LinuxSecurity.com Team
Nov 07, 2025
•Informational
Mageia
100
security advisorymoderatedevice managementSUSE Linux Enterprise: 2024:0830-1 Moderate: Xen Device Oversight
* bsc#1027519 * bsc#1218851 * bsc#1219080 * bsc#1219885 . # Security update for xen Announcement ID: SUSE-SU-2024:0830-1 Rating: moderate References: * bsc#1027519 * bsc#1218851 * bsc#1219080 * bsc#1219885 Cross-References: * CVE-2023-46839 * CVE-2023-46840 * CVE-2023-46841 CVSS scores: * CVE-2023-46839 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-46840 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-46841 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-46839: Fixed memory access through PCI device with phantom functions (XSA-449) (bsc#1218851). * CVE-2023-46840: Fixed Failure to quarantine devices in !HVM builds (XSA-450) (bsc#1219080). * CVE-2023-46841: Fixed shadow stack vs exceptions from emulation stubs (XSA-451) (bsc#1219885). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-830=1 openSUSE-SLE-15.5-2024-830=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-830=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-830=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-830=1 ##Package List: * openSUSE Leap 15.5 (aarch64 x86_64 i586) * xen-devel-4.17.3_06-150500.3.24.1 * xen-tools-domU-4.17.3_06-150500.3.24.1 * xen-libs-4.17.3_06-150500.3.24.1 * xen-debugsource-4.17.3_06-150500.3.24.1 * xen-tools-domU-debuginfo-4.17.3_06-150500.3.24.1 * xen-libs-debuginfo-4.17.3_06-150500.3.24.1 * openSUSE Leap 15.5 (x86_64) * xen-libs-32bit-debuginfo-4.17.3_06-150500.3.24.1 * xen-libs-32bit-4.17.3_06-150500.3.24.1 * openSUSE Leap 15.5 (aarch64 x86_64) * xen-doc-html-4.17.3_06-150500.3.24.1 * xen-4.17.3_06-150500.3.24.1 * xen-tools-4.17.3_06-150500.3.24.1 * xen-tools-debuginfo-4.17.3_06-150500.3.24.1 * openSUSE Leap 15.5 (noarch) * xen-tools-xendomains-wait-disk-4.17.3_06-150500.3.24.1 * openSUSE Leap 15.5 (aarch64_ilp32) * xen-libs-64bit-4.17.3_06-150500.3.24.1 * xen-libs-64bit-debuginfo-4.17.3_06-150500.3.24.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * xen-debugsource-4.17.3_06-150500.3.24.1 * xen-libs-debuginfo-4.17.3_06-150500.3.24.1 * xen-libs-4.17.3_06-150500.3.24.1 * Basesystem Module 15-SP5 (x86_64) * xen-tools-domU-4.17.3_06-150500.3.24.1 * xen-libs-4.17.3_06-150500.3.24.1 * xen-debugsource-4.17.3_06-150500.3.24.1 * xen-tools-domU-debuginfo-4.17.3_06-150500.3.24.1 * xen-libs-debuginfo-4.17.3_06-150500.3.24.1 * Server Applications Module 15-SP5 (x86_64) * xen-tools-debuginfo-4.17.3_06-150500.3.24.1 * xen-devel-4.17.3_06-150500.3.24.1 * xen-tools-4.17.3_06-150500.3.24.1 * xen-debugsource-4.17.3_06-150500.3.24.1 * xen-4.17.3_06-150500.3.24.1 * Server Applications Module 15-SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.3_06-150500.3.24.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46839.html * https://www.suse.com/security/cve/CVE-2023-46840.html * https://www.suse.com/security/cve/CVE-2023-46841.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1218851 *https://bugzilla.suse.com/show_bug.cgi?id=1219080 * https://bugzilla.suse.com/show_bug.cgi?id=1219885 . Latest update for resolving memory access challenges related to xen addresses and enhancing device oversight within SUSE environments. Ensure installation of the most recent security updates.. SUSE Update,xen Advisory,Device Management,xen Fix. . LinuxSecurity.com Team
Mar 11, 2024
SuSE
89
security advisorycriticalFedoraFedora 38: 2024-4b2cf8c375 Critical: Xen Cache and Context Fixes
arm32: The cache may not be properly cleaned/invalidated (take two) [XSA-447, CVE-2023-46837] pci: phantom functions assigned to incorrect contexts [XSA-449, CVE-2023-46839] VT-d: Failure to quarantine devices in !HVM build [XSA-450,. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-4b2cf8c375 2024-02-15 01:41:57.775532 -------------------------------------------------------------------------------- Name : xen Product : Fedora 38 Version : 4.17.2 Release : 6.fc38 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: arm32: The cache may not be properly cleaned/invalidated (take two) [XSA-447, CVE-2023-46837] pci: phantom functions assigned to incorrect contexts [XSA-449, CVE-2023-46839] VT-d: Failure to quarantine devices in !HVM build [XSA-450, CVE-2023-46840] -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 30 2024 Michael Young - 4.17.2-6 - arm32: The cache may not be properly cleaned/invalidated (take two) [XSA-447, CVE-2023-46837] - pci: phantom functions assigned to incorrect contexts [XSA-449, CVE-2023-46839] - VT-d: Failure to quarantine devices in !HVM build [XSA-450, CVE-2023-46840] -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-4b2cf8c375' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can befound at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Feb 15, 2024
•Critical
Fedora
89
security advisoryFedorasecurity fixFedora 38: FEDORA-2023-48c43df788 Critical: fwupd Firmware Update
This release adds the following features: * Add a launchd agent for macOS * Add a new security attribute for BIOS capsule updates to be enabled * Add functionality to fix specific host security attributes * Add global information from the context into the report data * Add support for coSWID payload sections * Add support for parsing the EDID * Allow adding only-quirk instance IDs from. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-48c43df788 2023-10-09 01:54:42.687400 -------------------------------------------------------------------------------- Name : fwupd Product : Fedora 38 Version : 1.9.6 Release : 1.fc38 URL : https://github.com/fwupd/fwupd Summary : Firmware update daemon Description : fwupd is a daemon to allow session software to update device firmware. -------------------------------------------------------------------------------- Update Information: This release adds the following features: * Add a launchd agent for macOS * Add a new security attribute for BIOS capsule updates to be enabled * Add functionality to fix specific host security attributes * Add global information from the context into the report data * Add support for coSWID payload sections * Add support for parsing the EDID * Allow adding only-quirk instance IDs from quirk files * Install a sysusers.d systemd file when using -Dsystemd_unit_user This release fixes the following bugs: * Allow devices to require a connected display * Allow Wacom modules to specify a status polling interval * Do not show Intel CET unsupported as success * Do not show multiple Genesys GL32xx devices for the same physical device * Fix a fuzzing timeout in the HID descriptor parser * Recalculate the SUPPORTED flag after adopting a child device * Reduce the amount of memory used when chunking large firmware * Speed up logitech-bulkcontroller firmware updates * Stop reading ownership and TPM flashesleft in Dell plugin * Try to use the LVFS when using report-history --force * Write the coSWID TAG_ID as a bytestring when possible This release adds support for the following hardware: * AMD dGPUs, Navi3x and above * Foxconn SDX12, SDX55 and SDX6X devices * Google Rex Intel USB-4 retimers * MediaTek DP AUX Scalers * Quectel EM160 module * Star Labs StarBook Mk VIr2 * VLI VL105-VL109 * Wacom DTH134 and DTC121 Tablets -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 6 2023 Richard Hughes - 1.9.6-1 - New upstream release -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-48c43df788' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Oct 09, 2023
•Critical
Fedora
89
security advisoryFedoraupdate notificationFedora 31 fwupd: FEDORA-2020-ad1c74c2a1 Critical: Firmware Updates
- New upstream release - Actually reload the DFU device after upgrade has completed - Capture the dock SKU in report metadata - Correctly set the Logitech device protocol - Do not use shim for non-secure boot configurations - Ensure that the DeviceID is set for child devices - Fix an error when detaching MSP430 - Fix the DeviceID set by GetDetails - Force the prometheus minor version from. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-ad1c74c2a1 2020-06-26 01:06:35.371435 --------------------------------------------------------------------------------Name : fwupd Product : Fedora 31 Version : 1.3.10 Release : 1.fc31 URL : https://github.com/fwupd/fwupd Summary : Firmware update daemon Description : fwupd is a daemon to allow session software to update device firmware. --------------------------------------------------------------------------------Update Information: - New upstream release - Actually reload the DFU device after upgrade has completed - Capture the dock SKU in report metadata - Correctly set the Logitech device protocol - Do not use shim for non-secure boot configurations - Ensure that the DeviceID is set for child devices - Fix an error when detaching MSP430 - Fix the DeviceID set by GetDetails - Force the prometheus minor version from 0x02 to 0x01 - Parse the CSR firmware as a DFU file - Prevent dell-dock updates to occur via synaptics-mst plugin - Rather than hardcoding thunderbolt to PCI slot numbers, use domain in GUID - Remove a dock device from the whitelist that is never going to be updated - Validate that gpgme_op_verify_result() returned at least one signature - Wait for the cxaudio device to reboot after writing firmware - Fixes CVE-2020-10759 --------------------------------------------------------------------------------ChangeLog: * Tue Jun 9 2020 Richard Hughes 1.3.10-1 - New upstream release - Actually reload the DFU device after upgrade hascompleted - Capture the dock SKU in report metadata - Correctly set the Logitech device protocol - Do not use shim for non-secure boot configurations - Ensure that the DeviceID is set for child devices - Fix an error when detaching MSP430 - Fix the DeviceID set by GetDetails - Force the prometheus minor version from 0x02 to 0x01 - Parse the CSR firmware as a DFU file - Prevent dell-dock updates to occur via synaptics-mst plugin - Rather than hardcoding thunderbolt to PCI slot numbers, use domain in GUID - Remove a dock device from the whitelist that is never going to be updated - Validate that gpgme_op_verify_result() returned at least one signature - Wait for the cxaudio device to reboot after writing firmware - Fixes CVE-2020-10759 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-ad1c74c2a1' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jun 25, 2020
•Critical
Fedora
89
security advisorydenial of servicefedoraFedora 26: 2017:6f8fcff58c Critical: Systemd DoS and Device Fix
- systemd-detect-virt QEMU CPUID logic update - Fix cryptsetup devices disappearing when used for btrfs - Fix rfkill on some thinkpads - Extend dbus timeouts to handle slow dbus daemon startup - Fix systemd-resolved DOS with crafted NSEC packets (LP#1725351) - Backport /etc/crypttab _netdev feature from upstream - Update hwdb (No need to reboot.). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-6f8fcff58c 2017-10-31 23:12:40.428657 --------------------------------------------------------------------------------Name : systemd Product : Fedora 26 Version : 233 Release : 7.fc26 URL : https://https:// Summary : System and Service Manager Description : systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. systemd supports SysV and LSB init scripts and works as a replacement for sysvinit. Other parts of this package are a logging daemon, utilities to control basic system configuration like the hostname, date, locale, maintain a list of logged-in users and running containers and virtual machines, system accounts, runtime directories and settings, and daemons to manage simple network configuration, network time synchronization, log forwarding, and name resolution. --------------------------------------------------------------------------------Update Information: - systemd-detect-virt QEMU CPUID logic update - Fix cryptsetup devices disappearing when used for btrfs - Fix rfkill on some thinkpads - Extend dbus timeouts to handle slow dbus daemon startup - Fix systemd-resolved DOS with crafted NSEC packets (LP#1725351) - Backport/etc/crypttab _netdev feature from upstream - Update hwdb (No need to reboot.) --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade systemd' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Nov 01, 2017
•Critical
Fedora
89
security advisorysecurity updateFedora CoreFedora Core 3: 2004-01-06 Moderate: Hotplug USB Removal Fix
This adds a fix to properly set the path for devices on USB removal.. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2004-537 2005-01-06 ---------------------------------------------------------------------Product : Fedora Core 3 Name : hotplug Version : 2004_04_01 Release : 8.1 Summary : A helper application which loads modules for USB devices. Description : The term "hotplugging" refers to the dynamic reconfiguration performed after a device has been attached to a running system. This package contains the application which is called by the kernel when a USB device is added; hotplug then loads the required modules for that device. ---------------------------------------------------------------------Update Information: This adds a fix to properly set the path for devices on USB removal. ---------------------------------------------------------------------* Tue Nov 16 2004 Bill Nottingham 3:2004_04_01-8.1 - fix usb remove events (#121511, ) ---------------------------------------------------------------------This update can be downloaded from: 945e1684f0be2dc81c263e0acf73fe86 SRPMS/hotplug-2004_04_01-8.1.src.rpm 73404cb0db8760527bafb272d1b71eca x86_64/hotplug-2004_04_01-8.1.x86_64.rpm 894aae1fd58531f4b7f56e3e0616d3cd x86_64/debug/hotplug-debuginfo-2004_04_01-8.1.x86_64.rpm 3ba265280e11a41c31897ad32acf84ae i386/hotplug-2004_04_01-8.1.i386.rpm d222b03eb8d76ceab9cd9cd9fda151b5 i386/debug/hotplug-debuginfo-2004_04_01-8.1.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. -----------------------------------------------------------------------fedora-announce-list mailing list
Jan 06, 2005
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!