Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -2 articles for you...
219
Ls Advisories Rockylinux Esm H240
Price Tag 1security advisorymoderatesecurity update

Rocky Linux 8 RLSA-2022:370 Moderate: Cryptsetup Update Threat

Moderate: cryptsetup security update. \{'type': 'Security', 'shortCode': 'RL', 'name': 'RLSA-2022:370', 'synopsis': 'Moderate: cryptsetup security update', 'severity': 'Moderate', 'topic': 'An update for cryptsetup is now available for Rocky Linux 8.\nRocky Linux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.', 'description': 'The cryptsetup packages provide a utility for setting up disk encryption using the dm-crypt kernel module.\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.', 'solution': None, 'affectedProducts': ['Rocky Linux 8'], 'fixes': ['2032401'], 'cves': ['Red Hat:::https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4122.json:::CVE-2021-4122'], 'references': [], 'publishedAt': '2022-02-02T04:36:32.015968Z', 'rpms': ['cryptsetup-2.3.3-4.el8_5.1.aarch64.rpm', 'cryptsetup-2.3.3-4.el8_5.1.src.rpm', 'cryptsetup-2.3.3-4.el8_5.1.x86_64.rpm', 'cryptsetup-debuginfo-2.3.3-4.el8_5.1.aarch64.rpm', 'cryptsetup-debuginfo-2.3.3-4.el8_5.1.i686.rpm', 'cryptsetup-debuginfo-2.3.3-4.el8_5.1.x86_64.rpm', 'cryptsetup-debugsource-2.3.3-4.el8_5.1.aarch64.rpm', 'cryptsetup-debugsource-2.3.3-4.el8_5.1.i686.rpm', 'cryptsetup-debugsource-2.3.3-4.el8_5.1.x86_64.rpm', 'cryptsetup-devel-2.3.3-4.el8_5.1.aarch64.rpm', 'cryptsetup-devel-2.3.3-4.el8_5.1.i686.rpm', 'cryptsetup-devel-2.3.3-4.el8_5.1.x86_64.rpm', 'cryptsetup-libs-2.3.3-4.el8_5.1.aarch64.rpm', 'cryptsetup-libs-2.3.3-4.el8_5.1.i686.rpm', 'cryptsetup-libs-2.3.3-4.el8_5.1.x86_64.rpm', 'cryptsetup-libs-debuginfo-2.3.3-4.el8_5.1.aarch64.rpm', 'cryptsetup-libs-debuginfo-2.3.3-4.el8_5.1.i686.rpm', 'cryptsetup-libs-debuginfo-2.3.3-4.el8_5.1.x86_64.rpm', 'cryptsetup-reencrypt-2.3.3-4.el8_5.1.aarch64.rpm','cryptsetup-reencrypt-2.3.3-4.el8_5.1.x86_64.rpm', 'cryptsetup-reencrypt-debuginfo-2.3.3-4.el8_5.1.aarch64.rpm', 'cryptsetup-reencrypt-debuginfo-2.3.3-4.el8_5.1.x86_64.rpm', 'integritysetup-2.3.3-4.el8_5.1.aarch64.rpm', 'integritysetup-2.3.3-4.el8_5.1.x86_64.rpm', 'integritysetup-debuginfo-2.3.3-4.el8_5.1.aarch64.rpm', 'integritysetup-debuginfo-2.3.3-4.el8_5.1.x86_64.rpm', 'veritysetup-2.3.3-4.el8_5.1.aarch64.rpm', 'veritysetup-2.3.3-4.el8_5.1.x86_64.rpm', 'veritysetup-debuginfo-2.3.3-4.el8_5.1.aarch64.rpm', 'veritysetup-debuginfo-2.3.3-4.el8_5.1.x86_64.rpm']}\. Rocky Linux 8 has released a significant security patch for OpenSSL, targeting possible risks and weaknesses.. Rocky Linux Security, Cryptsetup Update, Disk Encryption, Security Patch. . LinuxSecurity.com Team

Calendar 2 Sep 02, 2022 Rocky Linux
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorysecurity issueubuntu

Ubuntu 20.04 LTS: USN-5286-1 Moderate: Cryptsetup Sensitive Exposure

cryptsetup could be made to expose sensitive information.. =========================================================================Ubuntu Security Notice USN-5286-1 February 15, 2022 cryptsetup vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 21.10 - Ubuntu 20.04 LTS Summary: cryptsetup could be made to expose sensitive information. Software Description: - cryptsetup: disk encryption support Details: Milan Broz discovered that cryptsetup incorrectly handled LUKS2 reencryption recovery. An attacker with physical access to modify the encrypted device header may trigger the device to be unencrypted the next time it is mounted by the user. On Ubuntu 20.04 LTS, this issue was fixed by disabling the online reencryption feature. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 21.10: cryptsetup 2:2.3.7-0ubuntu0.21.10.1 Ubuntu 20.04 LTS: cryptsetup 2:2.2.2-3ubuntu2.4 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5286-1 CVE-2021-4122 Package Information: https://launchpad.net/ubuntu/+source/cryptsetup/2:2.3.7-0ubuntu0.21.10.1 https://launchpad.net/ubuntu/+source/cryptsetup/2:2.2.2-3ubuntu2.4 . A flaw in Cryptsetup exposes confidential data on Ubuntu machines, signaling a major security threat.. Cryptsetup Vulnerability, Ubuntu Security Notice, Sensitive Information Exposure. . LinuxSecurity.com Team

Calendar 2 Feb 15, 2022 Ubuntu
Banner 4 1028x280 1708121825 1771600306
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedorasecurity fix

Fedora 34: 2022-61b55b6ebc Moderate: Cryptsetup CVE-2021-4122 Security

Security fix for CVE-2021-4122.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-61b55b6ebc 2022-01-26 23:39:02.084895 --------------------------------------------------------------------------------Name : cryptsetup Product : Fedora 34 Version : 2.3.7 Release : 1.fc34 URL : https://gitlab.com/cryptsetup/cryptsetup Summary : Utility for setting up encrypted disks Description : The cryptsetup package contains a utility for setting up disk encryption using dm-crypt kernel module. --------------------------------------------------------------------------------Update Information: Security fix for CVE-2021-4122. --------------------------------------------------------------------------------ChangeLog: * Thu Jan 13 2022 Ondrej Kozina - 2.3.7-1 - Update to cryptsetup 2.3.7. --------------------------------------------------------------------------------References: [ 1 ] Bug #2032401 - CVE-2021-4122 cryptsetup: disable encryption via header rewrite https://bugzilla.redhat.com/show_bug.cgi?id=2032401 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-61b55b6ebc' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . The latest patch for Ubuntu 20.04 tackles CVE-2021-4123 enhancing file system integrity through the LUKS encryption feature.. Fedora Update,Cryptsetup Security,Disk Encryption,Security Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 26, 2022 Important Fedora
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity updateRed Hat

Red Hat Enterprise Linux 8.2: Security Update RHSA-2021:0258 for Cryptsetup

An update for cryptsetup is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: cryptsetup security update Advisory ID: RHSA-2021:0258-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0258 Issue date: 2021-01-26 CVE Names: CVE-2020-14382 ==================================================================== 1. Summary: An update for cryptsetup is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS EUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64 3. Description: The cryptsetup packages provide a utility for setting up disk encryption using the dm-crypt kernel module. Security Fix(es): * cryptsetup: Out-of-bounds write when validating segments (CVE-2020-14382) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1874712 - CVE-2020-14382 cryptsetup: Out-of-bounds write when validating segments 6.Package List: Red Hat Enterprise Linux AppStream EUS (v. 8.2): aarch64: cryptsetup-debuginfo-2.2.2-1.el8_2.1.aarch64.rpm cryptsetup-debugsource-2.2.2-1.el8_2.1.aarch64.rpm cryptsetup-devel-2.2.2-1.el8_2.1.aarch64.rpm cryptsetup-libs-debuginfo-2.2.2-1.el8_2.1.aarch64.rpm cryptsetup-reencrypt-debuginfo-2.2.2-1.el8_2.1.aarch64.rpm integritysetup-debuginfo-2.2.2-1.el8_2.1.aarch64.rpm veritysetup-debuginfo-2.2.2-1.el8_2.1.aarch64.rpm ppc64le: cryptsetup-debuginfo-2.2.2-1.el8_2.1.ppc64le.rpm cryptsetup-debugsource-2.2.2-1.el8_2.1.ppc64le.rpm cryptsetup-devel-2.2.2-1.el8_2.1.ppc64le.rpm cryptsetup-libs-debuginfo-2.2.2-1.el8_2.1.ppc64le.rpm cryptsetup-reencrypt-debuginfo-2.2.2-1.el8_2.1.ppc64le.rpm integritysetup-debuginfo-2.2.2-1.el8_2.1.ppc64le.rpm veritysetup-debuginfo-2.2.2-1.el8_2.1.ppc64le.rpm s390x: cryptsetup-debuginfo-2.2.2-1.el8_2.1.s390x.rpm cryptsetup-debugsource-2.2.2-1.el8_2.1.s390x.rpm cryptsetup-devel-2.2.2-1.el8_2.1.s390x.rpm cryptsetup-libs-debuginfo-2.2.2-1.el8_2.1.s390x.rpm cryptsetup-reencrypt-debuginfo-2.2.2-1.el8_2.1.s390x.rpm integritysetup-debuginfo-2.2.2-1.el8_2.1.s390x.rpm veritysetup-debuginfo-2.2.2-1.el8_2.1.s390x.rpm x86_64: cryptsetup-debuginfo-2.2.2-1.el8_2.1.i686.rpm cryptsetup-debuginfo-2.2.2-1.el8_2.1.x86_64.rpm cryptsetup-debugsource-2.2.2-1.el8_2.1.i686.rpm cryptsetup-debugsource-2.2.2-1.el8_2.1.x86_64.rpm cryptsetup-devel-2.2.2-1.el8_2.1.i686.rpm cryptsetup-devel-2.2.2-1.el8_2.1.x86_64.rpm cryptsetup-libs-debuginfo-2.2.2-1.el8_2.1.i686.rpm cryptsetup-libs-debuginfo-2.2.2-1.el8_2.1.x86_64.rpm cryptsetup-reencrypt-debuginfo-2.2.2-1.el8_2.1.i686.rpm cryptsetup-reencrypt-debuginfo-2.2.2-1.el8_2.1.x86_64.rpm integritysetup-debuginfo-2.2.2-1.el8_2.1.i686.rpm integritysetup-debuginfo-2.2.2-1.el8_2.1.x86_64.rpm veritysetup-debuginfo-2.2.2-1.el8_2.1.i686.rpm veritysetup-debuginfo-2.2.2-1.el8_2.1.x86_64.rpm Red Hat Enterprise Linux BaseOS EUS (v.8.2): Source: cryptsetup-2.2.2-1.el8_2.1.src.rpm aarch64: cryptsetup-2.2.2-1.el8_2.1.aarch64.rpm cryptsetup-debuginfo-2.2.2-1.el8_2.1.aarch64.rpm cryptsetup-debugsource-2.2.2-1.el8_2.1.aarch64.rpm cryptsetup-libs-2.2.2-1.el8_2.1.aarch64.rpm cryptsetup-libs-debuginfo-2.2.2-1.el8_2.1.aarch64.rpm cryptsetup-reencrypt-2.2.2-1.el8_2.1.aarch64.rpm cryptsetup-reencrypt-debuginfo-2.2.2-1.el8_2.1.aarch64.rpm integritysetup-2.2.2-1.el8_2.1.aarch64.rpm integritysetup-debuginfo-2.2.2-1.el8_2.1.aarch64.rpm veritysetup-2.2.2-1.el8_2.1.aarch64.rpm veritysetup-debuginfo-2.2.2-1.el8_2.1.aarch64.rpm ppc64le: cryptsetup-2.2.2-1.el8_2.1.ppc64le.rpm cryptsetup-debuginfo-2.2.2-1.el8_2.1.ppc64le.rpm cryptsetup-debugsource-2.2.2-1.el8_2.1.ppc64le.rpm cryptsetup-libs-2.2.2-1.el8_2.1.ppc64le.rpm cryptsetup-libs-debuginfo-2.2.2-1.el8_2.1.ppc64le.rpm cryptsetup-reencrypt-2.2.2-1.el8_2.1.ppc64le.rpm cryptsetup-reencrypt-debuginfo-2.2.2-1.el8_2.1.ppc64le.rpm integritysetup-2.2.2-1.el8_2.1.ppc64le.rpm integritysetup-debuginfo-2.2.2-1.el8_2.1.ppc64le.rpm veritysetup-2.2.2-1.el8_2.1.ppc64le.rpm veritysetup-debuginfo-2.2.2-1.el8_2.1.ppc64le.rpm s390x: cryptsetup-2.2.2-1.el8_2.1.s390x.rpm cryptsetup-debuginfo-2.2.2-1.el8_2.1.s390x.rpm cryptsetup-debugsource-2.2.2-1.el8_2.1.s390x.rpm cryptsetup-libs-2.2.2-1.el8_2.1.s390x.rpm cryptsetup-libs-debuginfo-2.2.2-1.el8_2.1.s390x.rpm cryptsetup-reencrypt-2.2.2-1.el8_2.1.s390x.rpm cryptsetup-reencrypt-debuginfo-2.2.2-1.el8_2.1.s390x.rpm integritysetup-2.2.2-1.el8_2.1.s390x.rpm integritysetup-debuginfo-2.2.2-1.el8_2.1.s390x.rpm veritysetup-2.2.2-1.el8_2.1.s390x.rpm veritysetup-debuginfo-2.2.2-1.el8_2.1.s390x.rpm x86_64: cryptsetup-2.2.2-1.el8_2.1.x86_64.rpm cryptsetup-debuginfo-2.2.2-1.el8_2.1.i686.rpm cryptsetup-debuginfo-2.2.2-1.el8_2.1.x86_64.rpm cryptsetup-debugsource-2.2.2-1.el8_2.1.i686.rpm cryptsetup-debugsource-2.2.2-1.el8_2.1.x86_64.rpm cryptsetup-libs-2.2.2-1.el8_2.1.i686.rpm cryptsetup-libs-2.2.2-1.el8_2.1.x86_64.rpm cryptsetup-libs-debuginfo-2.2.2-1.el8_2.1.i686.rpm cryptsetup-libs-debuginfo-2.2.2-1.el8_2.1.x86_64.rpm cryptsetup-reencrypt-2.2.2-1.el8_2.1.x86_64.rpm cryptsetup-reencrypt-debuginfo-2.2.2-1.el8_2.1.i686.rpm cryptsetup-reencrypt-debuginfo-2.2.2-1.el8_2.1.x86_64.rpm integritysetup-2.2.2-1.el8_2.1.x86_64.rpm integritysetup-debuginfo-2.2.2-1.el8_2.1.i686.rpm integritysetup-debuginfo-2.2.2-1.el8_2.1.x86_64.rpm veritysetup-2.2.2-1.el8_2.1.x86_64.rpm veritysetup-debuginfo-2.2.2-1.el8_2.1.i686.rpm veritysetup-debuginfo-2.2.2-1.el8_2.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2020-14382 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYA/7ptzjgjWX9erEAQi9eQ/+KOhQyphQhgBr3IOyfdJGTZ6zslQZ4nlI o2nBkSuIucstRk/4WYNB8VESvmVhTJ0iDaIpw5FQtsbGWsxObRWj1Lr8QOZN4/RO 2dwepA0khBEoDNaHXIfxsMeTJxJiFQju8Urd7Il2nSpQ3caXenonTHUSwVKVG79p +8GJrQInUvaQgQ7N4855/+WkjPDZlO+bG4iU/9kEsyHbfqw2GIta3l0jChbmzDSn /LSzHISNjpAn8MObpVri1dLmAvGLs8ZC6S3moO2cYKRtPmrOakei2kJ5xorhU5FN NhxeNw27rE08oBPQzDfbXaUuses8EiJdOI5TarixQJ51Hv3omnF5AbmWULcXegxr Pfzkrp9lob4fenKLaXCk+mKOHv+fDGIAlXA9TiUDnzj0ovd/Uu6VH0DqjaAXkswT JTL9PWZ8YAdG7ZqHjLMDkGaZ5vvcqy7ZLudybjY0AwS1xKbR6Xl47ESOzYngrnCo +PfGIepTnbk0O8fvzIFeHESadMXArbznyp66l+Dp9f1l0pUcYJWzmY49HlrIV5Yv SgtXTF3aAz1ZCudogmVV0NwCJmdBBTsxUY65J8mL2z7AwdZYlysfasXSweYEpNai YfIeshY03zaTx+PvOE0GFit5UVz7YMQqSnPYeiIiTLSrP1MSDPZ8opYGgSl7NmUE YqugkP/81Nc=AxK2 -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Critical cryptsetup patch released for Red Hat Enterprise Linux 8.2 resolving memory corruption vulnerability.. cryptsetup Update, Red Hat Advisory, Disk Encryption Fix. . LinuxSecurity.com Team

Calendar 2 Jan 26, 2021 Red Hat
Banner 4 1028x280 1708121825 1771600306
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderatesecurity issue

RedHat: RHSA-2020-4542 Moderate: Cryptsetup Out-Of-Bounds Write

An update for cryptsetup is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: cryptsetup security, bug fix, and enhancement update Advisory ID: RHSA-2020:4542-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:4542 Issue date: 2020-11-03 CVE Names: CVE-2020-14382 ==================================================================== 1. Summary: An update for cryptsetup is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The cryptsetup packages provide a utility for setting up disk encryption using the dm-crypt kernel module. The following packages have been upgraded to a later upstream version: cryptsetup (2.3.3). (BZ#1796826) Security Fix(es): * cryptsetup: Out-of-bounds write when validating segments (CVE-2020-14382) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the Referencessection. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1743891 - Attempting to use cryptsetup-reencrypt on new "cryptsetup reencrypt" formated luks device fails due to "Online reencryption in progress. Aborting." 1785748 - Expose crypt_safe_free in libcryptsetup public API 1796826 - Rebase cryptsetup to 2.3.0 1874712 - CVE-2020-14382 cryptsetup: Out-of-bounds write when validating segments 6. Package List: Red Hat Enterprise Linux AppStream (v.8): aarch64: cryptsetup-debuginfo-2.3.3-2.el8.aarch64.rpm cryptsetup-debugsource-2.3.3-2.el8.aarch64.rpm cryptsetup-devel-2.3.3-2.el8.aarch64.rpm cryptsetup-libs-debuginfo-2.3.3-2.el8.aarch64.rpm cryptsetup-reencrypt-debuginfo-2.3.3-2.el8.aarch64.rpm integritysetup-debuginfo-2.3.3-2.el8.aarch64.rpm veritysetup-debuginfo-2.3.3-2.el8.aarch64.rpm ppc64le: cryptsetup-debuginfo-2.3.3-2.el8.ppc64le.rpm cryptsetup-debugsource-2.3.3-2.el8.ppc64le.rpm cryptsetup-devel-2.3.3-2.el8.ppc64le.rpm cryptsetup-libs-debuginfo-2.3.3-2.el8.ppc64le.rpm cryptsetup-reencrypt-debuginfo-2.3.3-2.el8.ppc64le.rpm integritysetup-debuginfo-2.3.3-2.el8.ppc64le.rpm veritysetup-debuginfo-2.3.3-2.el8.ppc64le.rpm s390x: cryptsetup-debuginfo-2.3.3-2.el8.s390x.rpm cryptsetup-debugsource-2.3.3-2.el8.s390x.rpm cryptsetup-devel-2.3.3-2.el8.s390x.rpm cryptsetup-libs-debuginfo-2.3.3-2.el8.s390x.rpm cryptsetup-reencrypt-debuginfo-2.3.3-2.el8.s390x.rpm integritysetup-debuginfo-2.3.3-2.el8.s390x.rpm veritysetup-debuginfo-2.3.3-2.el8.s390x.rpm x86_64: cryptsetup-debuginfo-2.3.3-2.el8.i686.rpm cryptsetup-debuginfo-2.3.3-2.el8.x86_64.rpm cryptsetup-debugsource-2.3.3-2.el8.i686.rpm cryptsetup-debugsource-2.3.3-2.el8.x86_64.rpm cryptsetup-devel-2.3.3-2.el8.i686.rpm cryptsetup-devel-2.3.3-2.el8.x86_64.rpm cryptsetup-libs-debuginfo-2.3.3-2.el8.i686.rpm cryptsetup-libs-debuginfo-2.3.3-2.el8.x86_64.rpm cryptsetup-reencrypt-debuginfo-2.3.3-2.el8.i686.rpm cryptsetup-reencrypt-debuginfo-2.3.3-2.el8.x86_64.rpm integritysetup-debuginfo-2.3.3-2.el8.i686.rpm integritysetup-debuginfo-2.3.3-2.el8.x86_64.rpm veritysetup-debuginfo-2.3.3-2.el8.i686.rpm veritysetup-debuginfo-2.3.3-2.el8.x86_64.rpm Red Hat Enterprise Linux BaseOS (v.8): Source: cryptsetup-2.3.3-2.el8.src.rpm aarch64: cryptsetup-2.3.3-2.el8.aarch64.rpm cryptsetup-debuginfo-2.3.3-2.el8.aarch64.rpm cryptsetup-debugsource-2.3.3-2.el8.aarch64.rpm cryptsetup-libs-2.3.3-2.el8.aarch64.rpm cryptsetup-libs-debuginfo-2.3.3-2.el8.aarch64.rpm cryptsetup-reencrypt-2.3.3-2.el8.aarch64.rpm cryptsetup-reencrypt-debuginfo-2.3.3-2.el8.aarch64.rpm integritysetup-2.3.3-2.el8.aarch64.rpm integritysetup-debuginfo-2.3.3-2.el8.aarch64.rpm veritysetup-2.3.3-2.el8.aarch64.rpm veritysetup-debuginfo-2.3.3-2.el8.aarch64.rpm ppc64le: cryptsetup-2.3.3-2.el8.ppc64le.rpm cryptsetup-debuginfo-2.3.3-2.el8.ppc64le.rpm cryptsetup-debugsource-2.3.3-2.el8.ppc64le.rpm cryptsetup-libs-2.3.3-2.el8.ppc64le.rpm cryptsetup-libs-debuginfo-2.3.3-2.el8.ppc64le.rpm cryptsetup-reencrypt-2.3.3-2.el8.ppc64le.rpm cryptsetup-reencrypt-debuginfo-2.3.3-2.el8.ppc64le.rpm integritysetup-2.3.3-2.el8.ppc64le.rpm integritysetup-debuginfo-2.3.3-2.el8.ppc64le.rpm veritysetup-2.3.3-2.el8.ppc64le.rpm veritysetup-debuginfo-2.3.3-2.el8.ppc64le.rpm s390x: cryptsetup-2.3.3-2.el8.s390x.rpm cryptsetup-debuginfo-2.3.3-2.el8.s390x.rpm cryptsetup-debugsource-2.3.3-2.el8.s390x.rpm cryptsetup-libs-2.3.3-2.el8.s390x.rpm cryptsetup-libs-debuginfo-2.3.3-2.el8.s390x.rpm cryptsetup-reencrypt-2.3.3-2.el8.s390x.rpm cryptsetup-reencrypt-debuginfo-2.3.3-2.el8.s390x.rpm integritysetup-2.3.3-2.el8.s390x.rpm integritysetup-debuginfo-2.3.3-2.el8.s390x.rpm veritysetup-2.3.3-2.el8.s390x.rpm veritysetup-debuginfo-2.3.3-2.el8.s390x.rpm x86_64: cryptsetup-2.3.3-2.el8.x86_64.rpm cryptsetup-debuginfo-2.3.3-2.el8.i686.rpm cryptsetup-debuginfo-2.3.3-2.el8.x86_64.rpm cryptsetup-debugsource-2.3.3-2.el8.i686.rpm cryptsetup-debugsource-2.3.3-2.el8.x86_64.rpm cryptsetup-libs-2.3.3-2.el8.i686.rpm cryptsetup-libs-2.3.3-2.el8.x86_64.rpm cryptsetup-libs-debuginfo-2.3.3-2.el8.i686.rpm cryptsetup-libs-debuginfo-2.3.3-2.el8.x86_64.rpm cryptsetup-reencrypt-2.3.3-2.el8.x86_64.rpm cryptsetup-reencrypt-debuginfo-2.3.3-2.el8.i686.rpm cryptsetup-reencrypt-debuginfo-2.3.3-2.el8.x86_64.rpm integritysetup-2.3.3-2.el8.x86_64.rpm integritysetup-debuginfo-2.3.3-2.el8.i686.rpm integritysetup-debuginfo-2.3.3-2.el8.x86_64.rpm veritysetup-2.3.3-2.el8.x86_64.rpm veritysetup-debuginfo-2.3.3-2.el8.i686.rpm veritysetup-debuginfo-2.3.3-2.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-14382 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX6I3UtzjgjWX9erEAQgFmA//Y1uQk4RbnHUQaGxIlggUScToTGrdd3VV MY49IUoz9mojBxnV9yA2l/DEVsxzdU5+FWj/HHUIyaBWcgmh5c274jyDSe4kZRjT x6wsParsrjlzU9Jpg/u7ttvHV33Enydr5v+1cHYCNpgQv16ovrwZuuTcyZrrprgR cAJ2HYYSYdEBQyUbvMniCaNu+7IyE09G5cvXJFySQlvCclzYe2WxKjE6LnLWBydD wSMiMC5fChopNjP8svoaWlTUUKpVBBfjPvrscYS2Z3Wju3JPg+mJidr6n2LmwGMZ dpXz82q7H6yw6eCPpySqNNSUrlZpJWIQ/VKRInBRJ0PA7QEN8zyz/cZ1D4v30t6l DsClFx5ePBWWM2EvsykoSKKqnmEBcQY8eX6BXO3m3lW1UEE3r/EotDEV7BZQ3vo9 oybCWp9qOEzqud85gAfy64MgK+dFAhAT82DK+YtzaWoJmWTG4qn0dAMJM7RGQ2TQ SFPU9dHxceDBeDdA7g7/ChxXAWYBvlPSPsuwIjmgW6BUyctw6YanpoNFQJXXCHVn UfzJt2qszGCeo4kvFSTa2E4aIRXqJHYwrmkARRDym6ptzdkZyykAq1r3FmLQM+i2 jCFHGWXxGaFAil5mKOweCBiI+ZUwedGLdmgUCCnK4fyW9CMV1I21qKmCBIv7dWkv 9wP3ueBaWlA=PPZS -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A significant enhancement has been implemented for cryptsetup within Red Hat Enterprise Linux 8, targeting vulnerabilities and introducing necessary patches to bolster security.. Cryptsetup Security Update, Red Hat Enterprise Linux, Linux Security Advisory, Disk Encryption Fixes. . LinuxSecurity.com Team

Calendar 2 Nov 04, 2020 Red Hat
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoradisk encryption

Fedora 33: FEDORA-2020-8c76e12e62 Critical: Cryptsetup Out-Of-Bounds

Update to cryptsetup 2.3.4. Security fix for CVE-2020-14382. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-8c76e12e62 2020-09-25 16:31:57.892812 --------------------------------------------------------------------------------Name : cryptsetup Product : Fedora 33 Version : 2.3.4 Release : 1.fc33 URL : https://gitlab.com/cryptsetup/cryptsetup Summary : A utility for setting up encrypted disks Description : The cryptsetup package contains a utility for setting up disk encryption using dm-crypt kernel module. --------------------------------------------------------------------------------Update Information: Update to cryptsetup 2.3.4. Security fix for CVE-2020-14382 --------------------------------------------------------------------------------ChangeLog: * Thu Sep 3 2020 Milan Broz - 2.3.4-1 - Update to cryptsetup 2.3.4. - Fix for CVE-2020-14382 (#1874712) --------------------------------------------------------------------------------References: [ 1 ] Bug #1874712 - CVE-2020-14382 cryptsetup: Out-of-bounds write when validating segments https://bugzilla.redhat.com/show_bug.cgi?id=1874712 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-8c76e12e62' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Installing cryptsetup version 2.3.4 resolves critical out-of-bounds write vulnerabilities present in Fedora 33. Enhance your disk encryption safety right away.. Fedora 33, Disk Encryption, Cryptsetup Update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 25, 2020 Critical Fedora
Banner 4 1028x280 1708121825 1771600306
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorasecurity fix

Fedora 31: FEDORA-2020-5ed5af6275 Critical: Cryptsetup Out-Of-Bounds Write

Update to cryptsetup 2.3.4. Security fix for CVE-2020-14382. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-5ed5af6275 2020-09-19 22:44:26.739578 --------------------------------------------------------------------------------Name : cryptsetup Product : Fedora 31 Version : 2.3.4 Release : 1.fc31 URL : https://gitlab.com/cryptsetup/cryptsetup Summary : A utility for setting up encrypted disks Description : The cryptsetup package contains a utility for setting up disk encryption using dm-crypt kernel module. --------------------------------------------------------------------------------Update Information: Update to cryptsetup 2.3.4. Security fix for CVE-2020-14382 --------------------------------------------------------------------------------ChangeLog: * Thu Sep 3 2020 Milan Broz - 2.3.4-1 - Update to cryptsetup 2.3.4. - Fix for CVE-2020-14382 (#1874712) --------------------------------------------------------------------------------References: [ 1 ] Bug #1874712 - CVE-2020-14382 cryptsetup: Out-of-bounds write when validating segments https://bugzilla.redhat.com/show_bug.cgi?id=1874712 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-5ed5af6275' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Fedora 31 enhances cryptsetup to version 2.3.4, fixing a security vulnerability related to an out-of-bounds writing problem.. Fedora Update, Disk Encryption, Security Fix, Cryptsetup Update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 19, 2020 Critical Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here