Oracle Linux Security Advisory ELSA-2025-9605

http://linux.oracle.com/errata/ELSA-2025-9605.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
perl-File-Find-Rule-0.34-9.el8_10.noarch.rpm

aarch64:
perl-File-Find-Rule-0.34-9.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/perl-File-Find-Rule-0.34-9.el8_10.src.rpm

Related CVEs:
CVE-2011-10007

Description of changes:

[0.34-9]
- Use 3 arg open in grep() (CVE-2011-10007)
- Package tests

==========================================================================
Ubuntu Security Notice USN-6359-1
September 12, 2023

file vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

file could be made to crash or run programs if it opened a specially crafted file.

Software Description:
- file: Tool to determine file types

Details:

It was discovered that file incorrectly handled certain malformed files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS:
  file 1:5.41-3ubuntu0.1
  libmagic1 1:5.41-3ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6359-1
  CVE-2022-48554

Package Information:
  https://launchpad.net/ubuntu/+source/file/1:5.41-3ubuntu0.1

An important vulnerability in Ubuntu 22.04 concerns the utility tool, which can permit attackers to disrupt systems or run unauthorized applications.
Ubuntu Security Notice, File Tool, Denial of Service, Update Instructions.
Severity: Critical.
LinuxSecurity.com Team

=========================================================================
Ubuntu Security Notice USN-4172-1
October 30, 2019

file vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.10
- Ubuntu 19.04
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

file could be made to crash or run programs if it opened a specially crafted file.

Software Description:
- file: Tool to determine file types

Details:

It was discovered that file incorrectly handled certain malformed files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.10:
  file 1:5.37-5ubuntu0.1
  libmagic1 1:5.37-5ubuntu0.1

Ubuntu 19.04:
  file 1:5.35-4ubuntu0.1
  libmagic1 1:5.35-4ubuntu0.1

Ubuntu 18.04 LTS:
  file 1:5.32-2ubuntu0.3
  libmagic1 1:5.32-2ubuntu0.3

Ubuntu 16.04 LTS:
  file 1:5.25-2ubuntu1.3
  libmagic1 1:5.25-2ubuntu1.3

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4172-1
  CVE-2019-18218

Package Information:
  https://launchpad.net/ubuntu/+source/file/1:5.37-5ubuntu0.1
  https://launchpad.net/ubuntu/+source/file/1:5.35-4ubuntu0.1
  https://launchpad.net/ubuntu/+source/file/1:5.32-2ubuntu0.3
  https://launchpad.net/ubuntu/+source/file/1:5.25-2ubuntu1.3

The Ubuntu Security Bulletin USN-4172-1 pertains to a critical file flaw impacting several versions, along with remedial steps detailed for resolution.
Ubuntu Security, File Vulnerability, Denial of Service, Ubuntu Updates, Security Advisory.
Severity: Critical.
LinuxSecurity.com Team

Debian Security Advisory DSA-4550-1

A buffer overflow was found in file, a file type classification tool, which may result in denial of service or potentially the execution of arbitrary code if a malformed CDF (Composite Document File) file is processed.

Package : file
Version : 1:5.22+15-2+deb8u6
CVE ID  : CVE-2019-18218

An issue has been found in file, a tool to determine file types by using magic numbers. The number of CDF_VECTOR elements had to be restricted in order to prevent a heap-based buffer overflow (4-byte out-of-bounds write).

For Debian 8 "Jessie", this problem has been fixed in version 1:5.22+15-2+deb8u6.

We recommend that you upgrade your file packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

A safety alert regarding the file package on Debian highlights a potential buffer overflow vulnerability and advises users to update their packages for enhanced reliability.
file security, Debian DLA 1969-1, buffer overflow risk, update recommendations.
LinuxSecurity.com Team

openSUSE Security Update: Security update for file
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:0345-1
Rating:             moderate
References:         #1096974 #1096984 #1126117 #1126118 #1126119
Cross-References:   CVE-2018-10360 CVE-2019-8905 CVE-2019-8906 CVE-2019-8907
Affected Products:
                    openSUSE Leap 15.0
______________________________________________________________________________

An update that solves four vulnerabilities and has one errata is now available.

Description:

This update for file fixes the following issues:

The following security vulnerabilities were addressed:

- CVE-2018-10360: Fixed an out-of-bounds read in the function do_core_note in readelf.c, which allowed remote attackers to cause a denial of service (application crash) via a crafted ELF file (bsc#1096974)
- CVE-2019-8905: Fixed a stack-based buffer over-read in do_core_note in readelf.c (bsc#1126118)
- CVE-2019-8906: Fixed an out-of-bounds read in do_core_note in readelf.c (bsc#1126119)
- CVE-2019-8907: Fixed a stack corruption in do_core_note in readelf.c (bsc#1126117)

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

  zypper in -t patch openSUSE-2019-345=1

Package List:

- openSUSE Leap 15.0 (i586 x86_64):

  file-5.32-lp150.6.3.1
  file-debuginfo-5.32-lp150.6.3.1
  file-debugsource-5.32-lp150.6.3.1
  file-devel-5.32-lp150.6.3.1
  libmagic1-5.32-lp150.6.3.1
  libmagic1-debuginfo-5.32-lp150.6.3.1
  python2-magic-5.32-lp150.6.3.1
  python3-magic-5.32-lp150.6.3.1

- openSUSE Leap 15.0 (x86_64):

  file-devel-32bit-5.32-lp150.6.3.1
  libmagic1-32bit-5.32-lp150.6.3.1
  libmagic1-32bit-debuginfo-5.32-lp150.6.3.1

- openSUSE Leap 15.0 (noarch):

  file-magic-5.32-lp150.6.3.1

References:

  https://www.suse.com/security/cve/CVE-2018-10360.html
  https://www.suse.com/security/cve/CVE-2019-8905.html
  https://www.suse.com/security/cve/CVE-2019-8906.html
  https://www.suse.com/security/cve/CVE-2019-8907.html
  https://bugzilla.suse.com/1096974
  https://bugzilla.suse.com/1096984
  https://bugzilla.suse.com/1126117
  https://bugzilla.suse.com/1126118
  https://bugzilla.suse.com/1126119

update, solves, vulnerabilities, errata, opensuse, security.
LinuxSecurity.com Team

=========================================================================
Ubuntu Security Notice USN-3911-1
March 18, 2019

file vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in file.

Software Description:
- file: Tool to determine file types

Details:

It was discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10:
  file 1:5.34-2ubuntu0.1
  libmagic1 1:5.34-2ubuntu0.1

Ubuntu 18.04 LTS:
  file 1:5.32-2ubuntu0.2
  libmagic1 1:5.32-2ubuntu0.2

Ubuntu 16.04 LTS:
  file 1:5.25-2ubuntu1.2
  libmagic1 1:5.25-2ubuntu1.2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3911-1
  CVE-2019-8904, CVE-2019-8905, CVE-2019-8906, CVE-2019-8907

Package Information:
  https://launchpad.net/ubuntu/+source/file/1:5.34-2ubuntu0.1
  https://launchpad.net/ubuntu/+source/file/1:5.32-2ubuntu0.2
  https://launchpad.net/ubuntu/+source/file/1:5.25-2ubuntu1.2

Solutions to address safety concerns in documentation: Service interruption and remote execution flaws impacting Ubuntu systems.
File Tool, Ubuntu Security Notice, Denial of Service, Security Issues in File.
Severity: Critical.
LinuxSecurity.com Team

SUSE Security Update: Security update for file
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:0571-1
Rating:             moderate
References:         #1096974 #1096984 #1126117 #1126118 #1126119
Cross-References:   CVE-2018-10360 CVE-2019-8905 CVE-2019-8906 CVE-2019-8907
Affected Products:
                    SUSE Linux Enterprise Module for Development Tools 15
                    SUSE Linux Enterprise Module for Basesystem 15
______________________________________________________________________________

An update that solves four vulnerabilities and has one errata is now available.

Description:

This update for file fixes the following issues:

The following security vulnerabilities were addressed:

- CVE-2018-10360: Fixed an out-of-bounds read in the function do_core_note in readelf.c, which allowed remote attackers to cause a denial of service (application crash) via a crafted ELF file (bsc#1096974)
- CVE-2019-8905: Fixed a stack-based buffer over-read in do_core_note in readelf.c (bsc#1126118)
- CVE-2019-8906: Fixed an out-of-bounds read in do_core_note in readelf.c (bsc#1126119)
- CVE-2019-8907: Fixed a stack corruption in do_core_note in readelf.c (bsc#1126117)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Development Tools 15:

  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2019-571=1

- SUSE Linux Enterprise Module for Basesystem 15:

  zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-571=1

Package List:

- SUSE Linux Enterprise Module for Development Tools 15 (aarch64 ppc64le s390x x86_64):

  python3-magic-5.32-7.5.1

- SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64):

  file-5.32-7.5.1
  file-debuginfo-5.32-7.5.1
  file-debugsource-5.32-7.5.1
  file-devel-5.32-7.5.1
  libmagic1-5.32-7.5.1
  libmagic1-debuginfo-5.32-7.5.1
  python2-magic-5.32-7.5.1

- SUSE Linux Enterprise Module for Basesystem 15 (noarch):

  file-magic-5.32-7.5.1

- SUSE Linux Enterprise Module for Basesystem 15 (x86_64):

  libmagic1-32bit-5.32-7.5.1
  libmagic1-32bit-debuginfo-5.32-7.5.1

References:

  https://www.suse.com/security/cve/CVE-2018-10360.html
  https://www.suse.com/security/cve/CVE-2019-8905.html
  https://www.suse.com/security/cve/CVE-2019-8906.html
  https://www.suse.com/security/cve/CVE-2019-8907.html
  https://bugzilla.suse.com/1096974
  https://bugzilla.suse.com/1096984
  https://bugzilla.suse.com/1126117
  https://bugzilla.suse.com/1126118
  https://bugzilla.suse.com/1126119