An update that solves 10 vulnerabilities and has 11 bug fixes can now be installed.

openSUSE security update: security update for go1.26
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20571-1
Rating: important
References:

  * bsc#1255111
  * bsc#1261653
  * bsc#1261654
  * bsc#1261655
  * bsc#1261656
  * bsc#1261657
  * bsc#1261658
  * bsc#1261659
  * bsc#1261660
  * bsc#1261661
  * bsc#1261662

Cross-References:

  * CVE-2026-27140
  * CVE-2026-27143
  * CVE-2026-27144
  * CVE-2026-32280
  * CVE-2026-32281
  * CVE-2026-32282
  * CVE-2026-32283
  * CVE-2026-32288
  * CVE-2026-32289
  * CVE-2026-33810

CVSS scores:

  * CVE-2026-27140 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-27143 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2026-27144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2026-32280 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2026-32281 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2026-32282 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2026-32283 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2026-32288 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
  * CVE-2026-32289 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2026-33810 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products:

  openSUSE Leap 16.0

-------------------------------------------------------------

Description:

This update for go1.26 fixes the following issues:

- Update to version go1.26.2 (bsc#1255111).
- CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG (bsc#1261653).
- CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination (bsc#1261654).
- CVE-2026-27144: cmd/compile: no-op interface conversion bypasses overlap checking (bsc#1261655).
- CVE-2026-32280: crypto/x509: unexpected work during chain building (bsc#1261656).
- CVE-2026-32281: crypto/x509: inefficient policy validation (bsc#1261657).
- CVE-2026-32282: os: Root.Chmod can follow symlinks out of the root on Linux (bsc#1261658).
- CVE-2026-32283: crypto/tls: multiple key update handshake messages can cause connection to deadlock (bsc#1261659).
- CVE-2026-32288: archive/tar: unbounded allocation when parsing old format GNU sparse map (bsc#1261660).
- CVE-2026-32289: html/template: JS template literal context incorrectly tracked (bsc#1261661).
- CVE-2026-33810: crypto/x509: excluded DNS constraints not properly applied to wildcard domains (bsc#1261662).

Patch instructions:

To install this openSUSE security update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

  zypper in -t patch openSUSE-Leap-16.0-595=1

Package List:

- openSUSE Leap 16.0:

  go1.26-1.26.2-160000.1.1
  go1.26-doc-1.26.2-160000.1.1
  go1.26-libstd-1.26.2-160000.1.1
  go1.26-race-1.26.2-160000.1.1

References:

  * https://www.suse.com/security/cve/CVE-2026-27140.html
  * https://www.suse.com/security/cve/CVE-2026-27143.html
  * https://www.suse.com/security/cve/CVE-2026-27144.html
  * https://www.suse.com/security/cve/CVE-2026-32280.html
  * https://www.suse.com/security/cve/CVE-2026-32281.html
  * https://www.suse.com/security/cve/CVE-2026-32282.html
  * https://www.suse.com/security/cve/CVE-2026-32283.html
  * https://www.suse.com/security/cve/CVE-2026-32288.html
  * https://www.suse.com/security/cve/CVE-2026-32289.html
  * https://www.suse.com/security/cve/CVE-2026-33810.html

Severity: Important.
LinuxSecurity.com Team

MGASA-2026-0070 - Updated libpng packages fix security vulnerabilities

Publication date: 28 Mar 2026
URL: https://advisories.mageia.org/MGASA-2026-0070.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-33416, CVE-2026-33636

Description:
Use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE. (CVE-2026-33416)
Out-of-bounds read/write in the palette expansion on ARM Neon. (CVE-2026-33636)

References:
- https://bugs.mageia.org/show_bug.cgi?id=35279
- https://www.openwall.com/lists/oss-security/2026/03/26/1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33416
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33636

SRPMS:
- 9/core/libpng-1.6.38-1.5.mga9

Severity: Important.
LinuxSecurity.com Team

An update that solves 10 vulnerabilities can now be installed.

# Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4)

Announcement ID: SUSE-SU-2026:0992-1
Release Date: 2026-03-24T11:34:17Z
Rating: important
References:

  * bsc#1247240
  * bsc#1254755
  * bsc#1255053
  * bsc#1255378
  * bsc#1255402
  * bsc#1255595
  * bsc#1256624
  * bsc#1256644
  * bsc#1257118
  * bsc#1257629

Cross-References:

  * CVE-2022-50697
  * CVE-2023-53781
  * CVE-2025-21738
  * CVE-2025-38159
  * CVE-2025-38488
  * CVE-2025-40258
  * CVE-2025-68284
  * CVE-2025-68285
  * CVE-2025-68813
  * CVE-2025-71085

CVSS scores:

  * CVE-2022-50697 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-50697 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-53781 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2023-53781 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21738 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21738 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21738 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-38159 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-38159 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-38159 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2025-38488 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-38488 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-38488 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-40258 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-40258 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-68284 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-68284 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2025-68285 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-68285 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-68813 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-68813 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-71085 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-71085 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

## Description:

This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.176 fixes various security issues.

The following security issues were fixed:

  * CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit (bsc#1255595).
  * CVE-2023-53781: smc: Fix use-after-free in tcp_write_timer_handler() (bsc#1254755).
  * CVE-2025-21738: ata: libata-sff: ensure that we cannot write outside the allocated buffer (bsc#1257118).
  * CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (bsc#1257629).
  * CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240).
  * CVE-2025-40258: mptcp: fix race condition in mptcp_schedule_work() (bsc#1255053).
  * CVE-2025-68284: libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (bsc#1255378).
  * CVE-2025-68285: libceph: fix potential use-after-free in have_mon_and_osd_map() (bsc#1255402).
  * CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256644).
  * CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256624).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4
    zypper in -t patch SUSE-2026-992=1 SUSE-2026-995=1 SUSE-2026-994=1
  * SUSE Linux Enterprise Live Patching 15-SP4
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-994=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-992=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-995=1

## Package List:

  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_41-debugsource-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_164-default-15-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_176-default-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-9-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_44-debugsource-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_167-default-14-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_40-debugsource-15-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-15-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_167-default-debuginfo-14-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_41-debugsource-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_164-default-15-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_176-default-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-9-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_44-debugsource-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_167-default-14-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_40-debugsource-15-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-15-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_167-default-debuginfo-14-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-50697.html
  * https://www.suse.com/security/cve/CVE-2023-53781.html
  * https://www.suse.com/security/cve/CVE-2025-21738.html
  * https://www.suse.com/security/cve/CVE-2025-38159.html
  * https://www.suse.com/security/cve/CVE-2025-38488.html
  * https://www.suse.com/security/cve/CVE-2025-40258.html
  * https://www.suse.com/security/cve/CVE-2025-68284.html
  * https://www.suse.com/security/cve/CVE-2025-68285.html
  * https://www.suse.com/security/cve/CVE-2025-68813.html
  * https://www.suse.com/security/cve/CVE-2025-71085.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1247240
  * https://bugzilla.suse.com/show_bug.cgi?id=1254755
  * https://bugzilla.suse.com/show_bug.cgi?id=1255053
  * https://bugzilla.suse.com/show_bug.cgi?id=1255378
  * https://bugzilla.suse.com/show_bug.cgi?id=1255402
  * https://bugzilla.suse.com/show_bug.cgi?id=1255595
  * https://bugzilla.suse.com/show_bug.cgi?id=1256624
  * https://bugzilla.suse.com/show_bug.cgi?id=1256644
  * https://bugzilla.suse.com/show_bug.cgi?id=1257118
  * https://bugzilla.suse.com/show_bug.cgi?id=1257629

Severity: Important.
LinuxSecurity.com Team

Security fix for CVE-2025-13836.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-06aa85da91
2026-01-25 00:53:48.092825+00:00
--------------------------------------------------------------------------------

Name        : python3.12
Product     : Fedora 43
Version     : 3.12.12
Release     : 3.fc43
URL         : https://www.python.org/
Summary     : Version 3.12 of the Python interpreter
Description :

Python 3.12 is an accessible, high-level, dynamically typed, interpreted
programming language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

The python3.12 package provides the "python3.12" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3.12-libs package,
which should be installed automatically along with python3.12.
The remaining parts of the Python standard library are broken out into the
python3.12-tkinter and python3.12-test packages, which may need to be installed
separately.

Documentation for Python is provided in the python3.12-docs package.

Packages containing additional libraries for Python are generally named with
the "python3.12-" prefix.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2025-13836
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 16 2026 Lumír Balhar - 3.12.12-3
- Security fix for CVE-2025-13836
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2428943 - CVE-2025-13836 python3.12: Excessive read buffering DoS in http.client [fedora-43]
        https://bugzilla.redhat.com/show_bug.cgi?id=2428943
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program.
Use su -c 'dnf upgrade --advisory FEDORA-2026-06aa85da91' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

Severity: Important.
LinuxSecurity.com Team

Several vulnerabilities were discovered in the resolver in nginx, a small, powerful, scalable web/proxy server, leading to denial of service or, potentially, to arbitrary code execution. These only affect nginx if the "resolver" directive is used in a configuration file.

-------------------------------------------------------------------------
Debian Security Advisory DSA-3473-1