MGASA-2026-0144 - Updated dpkg packages fix security vulnerabilities

Publication date: 16 May 2026
URL: https://advisories.mageia.org/MGASA-2026-0144.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-2219

Description:
It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite loop spinning the CPU).

References:
- https://bugs.mageia.org/show_bug.cgi?id=35489
- https://lists.opensuse.org/archives/list/

==========================================================================
Ubuntu Security Notice USN-8249-1
May 07, 2026

dpkg vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS

Summary:

dpkg could be made to stop responding if it opened a specially crafted file.

Software Description:
- dpkg: Debian package management system

Details:

Yashashree Gund discovered that the dpkg dpkg-deb tool incorrectly handled certain zstd-compressed .deb archives. If a user or automated system were tricked into manipulating a specially crafted .deb archive, a remote attacker could possibly use this issue to cause dpkg-deb to stop responding, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 25.10
  dpkg 1.22.21ubuntu3.2

Ubuntu 24.04 LTS
  dpkg 1.22.6ubuntu6.6

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8249-1
  CVE-2026-2219

Package Information:
  https://launchpad.net/ubuntu/+source/dpkg/1.22.21ubuntu3.2
  https://launchpad.net/ubuntu/+source/dpkg/1.22.6ubuntu6.6

dpkg exposes Ubuntu to DoS risks through specially crafted files. Update to mitigate this issue.

Severity: Important
LinuxSecurity.com Team

# dpkg-1.22.22-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10675-1
Rating: moderate

Cross-References:

  * CVE-2026-2219

CVSS scores:

  * CVE-2026-2219 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-2219 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

  * openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the dpkg-1.22.22-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

  * openSUSE Tumbleweed:
    * dpkg 1.22.22-1.1
    * dpkg-devel 1.22.22-1.1
    * dpkg-lang 1.22.22-1.1

## References:

  * https://www.suse.com/security/cve/CVE-2026-2219.html

An update for openSUSE Tumbleweed dpkg addresses a moderate security risk. Learn more about the details and installation.

# Security update for dpkg

Announcement ID: SUSE-SU-2026:20795-1
Release Date: 2026-03-19T12:31:58Z
Rating: moderate

References:

  * bsc#1259385

Cross-References:

  * CVE-2026-2219

CVSS scores:

  * CVE-2026-2219 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2026-2219 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-2219 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

  * SUSE Linux Micro 6.0

An update that solves one vulnerability can now be installed.

## Description:

This update for dpkg fixes the following issue:

  * CVE-2026-2219: dpkg-deb: malformed .deb archives can cause a denial of service (bsc#1259385).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * SUSE Linux Micro 6.0
    zypper in -t patch SUSE-SLE-Micro-6.0-629=1

## Package List:

  * SUSE Linux Micro 6.0 (aarch64 s390x x86_64)
    * update-alternatives-debugsource-1.22.0-3.1
    * update-alternatives-1.22.0-3.1
    * update-alternatives-debuginfo-1.22.0-3.1

## References:

  * https://www.suse.com/security/cve/CVE-2026-2219.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1259385

SUSE Linux Micro 6.0 receives moderate update for dpkg addressing denial of service risk due to malformed archives.

# Security update for dpkg

Announcement ID: SUSE-SU-2026:20766-1
Release Date: 2026-03-19T11:21:31Z
Rating: moderate

References:

  * bsc#1259385

Cross-References:

  * CVE-2026-2219

CVSS scores:

  * CVE-2026-2219 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2026-2219 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2026-2219 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

  * SUSE Linux Micro 6.1

An update that solves one vulnerability can now be installed.

## Description:

This update for dpkg fixes the following issue:

  * CVE-2026-2219: dpkg-deb: malformed .deb archives can cause a denial of service (bsc#1259385).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * SUSE Linux Micro 6.1
    zypper in -t patch SUSE-SLE-Micro-6.1-448=1

## Package List:

  * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
    * update-alternatives-1.22.0-slfo.1.1_3.1
    * update-alternatives-debuginfo-1.22.0-slfo.1.1_3.1
    * update-alternatives-debugsource-1.22.0-slfo.1.1_3.1

## References:

  * https://www.suse.com/security/cve/CVE-2026-2219.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1259385

Install the latest SUSE update for dpkg to fix a moderate denial of service issue from CVE-2026-2219 now.

==========================================================================
Ubuntu Security Notice USN-7768-1
September 24, 2025

dpkg vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

dpkg could be made to consume disk space if it opened a specially crafted file.

Software Description:
- dpkg: Debian package management system

Details:

It was discovered that dpkg incorrectly handled removing certain temporary directories. An attacker could possibly use this issue to consume disk space, leading to a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 25.04
  dpkg 1.22.18ubuntu2.2
  libdpkg-perl 1.22.18ubuntu2.2

Ubuntu 24.04 LTS
  dpkg 1.22.6ubuntu6.5
  libdpkg-perl 1.22.6ubuntu6.5

Ubuntu 22.04 LTS
  dpkg 1.21.1ubuntu2.6
  libdpkg-perl 1.21.1ubuntu2.6

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7768-1
  CVE-2025-6297

Package Information:
  https://launchpad.net/ubuntu/+source/dpkg/1.22.6ubuntu6.5

Ubuntu versions 25.04 and 24.04 LTS are facing significant vulnerabilities that necessitate urgent patches to dpkg as they pose denial of service threats. Immediate action is crucial!

Severity: Important

# Security update for dpkg

Announcement ID: SUSE-SU-2025:20670-1
Release Date: 2025-09-05T12:14:12Z
Rating: moderate

References:

  * bsc#1245573

Cross-References:

  * CVE-2025-6297

CVSS scores:

  * CVE-2025-6297 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-6297 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-6297 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Affected Products:

  * SUSE Linux Micro 6.1

An update that solves one vulnerability can now be installed.

## Description:

This update for dpkg fixes the following issues:

  * CVE-2025-6297: Fixed cleanup for control member with restricted directories (bsc#1245573).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * SUSE Linux Micro 6.1
    zypper in -t patch SUSE-SLE-Micro-6.1-249=1

## Package List:

  * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
    * update-alternatives-debugsource-1.22.0-slfo.1.1_2.1
    * update-alternatives-1.22.0-slfo.1.1_2.1
    * update-alternatives-debuginfo-1.22.0-slfo.1.1_2.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-6297.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1245573

SUSE issues vital patch for dpkg resolving serious concerns linked to CVE-2025-6297. Urgent measures recommended.

# Security update for dpkg

Announcement ID: SUSE-SU-2025:20562-1
Release Date: 2025-08-20T11:43:20Z
Rating: moderate

References:

  * bsc#1245573

Cross-References:

  * CVE-2025-6297

CVSS scores:

  * CVE-2025-6297 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-6297 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-6297 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Affected Products:

  * SUSE Linux Micro 6.0

An update that solves one vulnerability can now be installed.

## Description:

This update for dpkg fixes the following issues:

  * CVE-2025-6297: Fixed improper sanitization of directory permissions leading to DoS via disk quota exhaustion due to files left behind on cleanup (bsc#1245573)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * SUSE Linux Micro 6.0
    zypper in -t patch SUSE-SLE-Micro-6.0-424=1

## Package List:

  * SUSE Linux Micro 6.0 (aarch64 s390x x86_64)
    * update-alternatives-1.22.0-2.1
    * update-alternatives-debuginfo-1.22.0-2.1
    * update-alternatives-debugsource-1.22.0-2.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-6297.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1245573