MGASA-2026-0121 - Updated nano packages fix security vulnerabilities

Publication date: 07 May 2026
URL: https://advisories.mageia.org/MGASA-2026-0121.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-6842, CVE-2026-6843

Description:
Local attacker can inject malicious .desktop launcher due to insecure directory permissions. (CVE-2026-6842)
Format string vulnerability leads to denial of service. (CVE-2026-6843)

References:
- https://bugs.mageia.org/show_bug.cgi?id=35466
- https://lists.fedoraproject.org/archives/list/

MGASA-2025-0204 - Updated dpkg packages fix security vulnerabilities

Publication date: 11 Jul 2025
URL: https://advisories.mageia.org/MGASA-2025-0204.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2025-6297

It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg-deb commands on adversarial .deb packages or with well compressible files, placed inside a directory with permissions not allowing removal by a non-root user, this can end up in a DoS scenario due to causing disk quota exhaustion or disk full conditions.

References:
- https://bugs.mageia.org/show_bug.cgi?id=34441
- https://www.cve.org/CVERecord?id=CVE-2025-6297

SRPMS:
- 9/core/dpkg-1.22.21-1.mga9

Mageia's package management system has a significant vulnerability; lack of proper file access controls could lead to a potential service interruption. Update urgently!

Severity: Critical

LinuxSecurity.com Team

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-16033
2015-09-25 07:56:18.561837
--------------------------------------------------------------------------------

Name        : php-ZendFramework2
Product     : Fedora 23
Version     : 2.4.8
Release     : 1.fc23
URL         : https://framework.zend.com/
Summary     : Zend Framework 2
Description :

Zend Framework 2 is an open source framework for developing web applications and services using PHP 5.3+. Zend Framework 2 uses 100% object-oriented code and utilizes most of the new features of PHP 5.3, namely namespaces, late static binding, lambda functions and closures.

Zend Framework 2 evolved from Zend Framework 1, a successful PHP framework with over 15 million downloads.

Note: This meta package installs all base Zend Framework component packages (Authentication, Barcode, Cache, Captcha, Code, Config, Console, Crypt, Db, Debug, Di, Dom, Escaper, EventManager, Feed, File, Filter, Form, Http, I18n, InputFilter, Json, Ldap, Loader, Log, Mail, Math, Memory, Mime, ModuleManager, Mvc, Navigation, Paginator, Permissions-Acl, Permissions-Rbac, ProgressBar, Serializer, Server, ServiceManager, Session, Soap, Stdlib, Tag, Test, Text, Uri, Validator, Version, View, XmlRpc) except the optional Cache-apc and Cache-memcached packages.

--------------------------------------------------------------------------------
Update Information:

**Zend Framework 2.4.8**

**Security Update**

* **ZF2015-07**: The filesystem storage adapter of Zend\Cache was creating directories with a liberal umask that could lead to local arbitrary code execution and/or local privilege escalation. This release contains a patch that ensures the directories are created using permissions of 0775 and files using 0664 (essentially umask 0002).

**Bug fixed** from upstream Changelog

* validate against DateTimeImmutable instead of DateTimeInterface
* treat 0.0 as non-empty, restoring pre-2.4 behavior
* deprecate "magic" logic for auto-attaching NonEmpty validators in favor of explicit attachment
* ensure fallback values work as per pre-2.4 behavior
* update the InputFilterInterface::add() docblock to match implementations
* Fix how missing optional fields are validated to match pre 2.4.0 behavior
* deprecate AllowEmpty and ContinueIfEmpty annotations, per zend-inputfilter#26
* fix typos in aria attribute names of AbstractHelper
* fixes the ContentType header to properly handle encoded parameter values
* fixes the Sender header to allow mailbox addresses without TLDs
* fixes parsing of messages that contain an initial blank line before headers
* fixes the SetCookie header to allow multiline values (as they are always encoded)
* fixes DefaultRenderingStrategy errors due to controllers returning non-view model results
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update php-ZendFramework2' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list

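The ZF2015-07 fix described above caps cache directories at 0775 and files at 0664. As an added example (not code from Zend Framework or from the Fedora advisory), this Python script shows how the umask decides the mode a new directory ends up with and audits a cache tree for entries looser than those two ceilings; the function names and the sample tree are constructed for illustration, and POSIX permission semantics are assumed.

```python
import os
import stat
import tempfile

# Ceilings taken from the advisory text: directories 0775, files 0664.
MAX_DIR_MODE, MAX_FILE_MODE = 0o775, 0o664


def make_dir_with_umask(path, umask, requested=0o777):
    """Create path under the given umask; return the rwx bits it ends up with."""
    old = os.umask(umask)
    try:
        os.mkdir(path, requested)
    finally:
        os.umask(old)
    return os.stat(path).st_mode & 0o777


def excess_bits(mode, is_dir):
    """rwx bits set beyond the ceiling for this entry type (0 means compliant)."""
    ceiling = MAX_DIR_MODE if is_dir else MAX_FILE_MODE
    return mode & ~ceiling & 0o777


def audit_cache_tree(root):
    """Sorted (relative path, excess bits) for entries looser than the ceilings."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits are not enforced on Linux
            extra = excess_bits(st.st_mode, stat.S_ISDIR(st.st_mode))
            if extra:
                findings.append((os.path.relpath(full, root), oct(extra)))
    return sorted(findings)


def demo():
    """Constructed tree: one directory made under umask 0, one under umask 0002."""
    with tempfile.TemporaryDirectory() as root:
        make_dir_with_umask(os.path.join(root, "loose"), 0o000)
        make_dir_with_umask(os.path.join(root, "fixed"), 0o002)
        item = os.path.join(root, "loose", "item.dat")
        with open(item, "w") as fh:
            fh.write("cached value")
        os.chmod(item, 0o666)  # the mode open() would give a file under umask 0
        return audit_cache_tree(root)
```

Calling `audit_cache_tree()` on a real cache directory lists every entry that carries the world-writable bit or any other bit outside the advisory's ceilings.
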
Low: automake security update

Date: Tue, 27 Apr 2010 10:56:20 -0500
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Security ERRATA Low: automake on SL5.x i386/x86_64
Comments: To: "