--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-0106837085
2026-03-15 00:55:01.242070+00:00
--------------------------------------------------------------------------------

Name        : insight
Product     : Fedora 43
Version     : 18.0.50.20260306
Release     : 1.fc43
URL         : https://www.sourceware.org/insight/
Summary     : Graphical debugger based on GDB
Description :
Insight is a tight graphical user interface to GDB written in Tcl/Tk. It provides a comprehensive interface that enables users to harness most of GDB's power. It's also probably the only up-to-date UI for the latest GDB version.

--------------------------------------------------------------------------------
Update Information:

New upstream snapshot. Fixes CVEs 2025-11494, 2025-11495, 2026-2341, 2026-3441, 2026-3442. Fixes CVEs 2025-69644, 2025-69645, 2025-69646. Fixes FTBFS. Relax BR of itcl/itk/iwidgets. Patch "libtool_tag" to force C++ language tagging in libtool.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 6 2026 Patrick Monnerat 18.0.50.20260306-1
- New upstream snapshot.
- Fixes CVEs 2025-11494, 2025-11495, 2026-2341, 2026-3441, 2026-3442.
  https://bugzilla.redhat.com/show_bug.cgi?id=2402843
  https://bugzilla.redhat.com/show_bug.cgi?id=2402846
  https://bugzilla.redhat.com/show_bug.cgi?id=2438918
  https://bugzilla.redhat.com/show_bug.cgi?id=2443834
- Fixes CVEs 2025-69644, 2025-69645, 2025-69646.
  https://bugzilla.redhat.com/show_bug.cgi?id=2445281
  https://bugzilla.redhat.com/show_bug.cgi?id=2445284
  https://bugzilla.redhat.com/show_bug.cgi?id=2446276
- Fixes FTBFS.
  https://bugzilla.redhat.com/show_bug.cgi?id=2434680
- Relax BR of itcl/itk/iwidgets.
- Patch "libtool_tag" to force C++ language tagging in libtool.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2402843 - CVE-2025-11495 insight: GNU Binutils Linker heap-based overflow [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2402843
  [ 2 ] Bug #2402846 - CVE-2025-11494 insight: GNU Binutils Linker out-of-bounds read [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2402846
  [ 3 ] Bug #2434680 - insight: FTBFS in Fedora rawhide/f44
        https://bugzilla.redhat.com/show_bug.cgi?id=2434680
  [ 4 ] Bug #2438918 - CVE-2026-2341 insight: libiberty: Application crash via crafted C++ symbol demangling [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2438918
  [ 5 ] Bug #2443834 - CVE-2026-3441 CVE-2026-3442 insight: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2443834
  [ 6 ] Bug #2445276 - CVE-2025-69646 insight: Binutils: Denial of Service via malformed DWARF debug_rnglists data [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2445276
  [ 7 ] Bug #2445281 - CVE-2025-69644 insight: Binutils: Denial of Service via crafted binary with malformed DWARF debug information [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2445281
  [ 8 ] Bug #2445284 - CVE-2025-69645 insight: Binutils objdump: Denial of Service via crafted DWARF debug information [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2445284
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-0106837085' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

# Security update for the Linux Kernel (Live Patch 60 for SUSE Linux Enterprise 15 SP3)

Announcement ID: SUSE-SU-2025:4172-1
Release Date: 2025-11-23T20:05:00Z
Rating: important
References:

  * bsc#1250295
  * bsc#1251228
  * bsc#1251983

Cross-References:

  * CVE-2022-50388
  * CVE-2022-50432
  * CVE-2023-53673

CVSS scores:

  * CVE-2022-50388 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-50388 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-50432 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-50432 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-53673 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2023-53673 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

  * openSUSE Leap 15.3
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.215 fixes various security issues.

The following security issues were fixed:

  * CVE-2022-50388: nvme: fix multipath crash caused by flush request when blktrace is enabled (bsc#1250295).
  * CVE-2022-50432: kernfs: fix use-after-free in __kernfs_remove (bsc#1251228).
  * CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before deleting conn (bsc#1251983).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3
    zypper in -t patch SUSE-2025-4172=1

  * SUSE Linux Enterprise Live Patching 15-SP3
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-4172=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_60-debugsource-6-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_215-default-debuginfo-6-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_215-default-6-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_215-preempt-6-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_215-preempt-debuginfo-6-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_60-debugsource-6-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_215-default-debuginfo-6-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_215-default-6-150300.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-50388.html
  * https://www.suse.com/security/cve/CVE-2022-50432.html
  * https://www.suse.com/security/cve/CVE-2023-53673.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1250295
  * https://bugzilla.suse.com/show_bug.cgi?id=1251228
  * https://bugzilla.suse.com/show_bug.cgi?id=1251983

Update patch for openSUSE 15.3 addressing crucial kernel issues to enhance system stability and security.

Severity: Important.
LinuxSecurity.com Team

When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-create .

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4338-1

# Security update for pam-config

Announcement ID: SUSE-SU-2025:20533-1
Release Date: 2025-07-28T14:36:18Z
Rating: important
References:

  * bsc#1243226

Cross-References:

  * CVE-2025-6018

CVSS scores:

  * CVE-2025-6018 ( SUSE ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-6018 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-6018 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

  * SUSE Linux Micro 6.1

An update that solves one vulnerability can now be installed.

## Description:

This update for pam-config fixes the following issues:

  * CVE-2025-6018: Stop adding pam_env in AUTH stack, and be sure to put this module at the very end of the SESSION stack. (bsc#1243226)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * SUSE Linux Micro 6.1
    zypper in -t patch SUSE-SLE-Micro-6.1-192=1

## Package List:

  * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
    * pam-config-2.11+git.20240906-slfo.1.1_2.1
    * pam-config-debugsource-2.11+git.20240906-slfo.1.1_2.1
    * pam-config-debuginfo-2.11+git.20240906-slfo.1.1_2.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-6018.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1243226

SUSE pam-config has been updated to fix the CVE-2025-6018 security vulnerability that could let unauthorized users gain elevated privileges.

Severity: Important.

MGASA-2025-0058 - Updated subversion packages fix security vulnerability

Publication date: 12 Feb 2025
URL: https://advisories.mageia.org/MGASA-2025-0058.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-46901

Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. (CVE-2024-46901)

References:
- https://bugs.mageia.org/show_bug.cgi?id=33838
- https://www.openwall.com/lists/oss-security/2024/12/09/1
- https://www.cve.org/CVERecord?id=CVE-2024-46901

SRPMS:
- 9/core/subversion-1.14.2-2.1.mga9

Mageia has released a security advisory addressing Subversion vulnerabilities related to filename validation to help mitigate risks from malformed inputs affecting repositories.

Severity: Critical.