Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

Mageia 8: MGASA-2023-0268 Critical Buffer Over-Read Issue Fix

MGASA-2023-0268 - Updated file packages fix security vulnerability

Publication date: 24 Sep 2023
URL: https://advisories.mageia.org/MGASA-2023-0268.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-48554

File before 5.43 has a stack-based buffer over-read in file_copystr in funcs.c. (CVE-2022-48554)

References:
- https://bugs.mageia.org/show_bug.cgi?id=32282
- https://ubuntu.com/security/notices/USN-6359-1
- https://www.cve.org/CVERecord?id=CVE-2022-48554

SRPMS:
- 8/core/file-5.39-4.1.mga8

LinuxSecurity.com Team | Sep 24, 2023 | Critical | Mageia

Arch Linux: ASA-202001-2 High: File Code Execution Threat

Arch Linux Security Advisory ASA-202001-2
=========================================

Severity: High
Date    : 2020-01-09
CVE-ID  : CVE-2019-18218
Package : file
Type    : arbitrary code execution
Remote  : No
Link    : https://security.archlinux.org/AVG-1083

Summary
=======

The package file before version 5.38-1 is vulnerable to arbitrary code execution.

Resolution
==========

Upgrade to 5.38-1.

# pacman -Syu "file>=5.38-1"

The problem has been fixed upstream in version 5.38.

Workaround
==========

None.

Description
===========

cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).

Impact
======

An attacker is able to execute arbitrary code on the affected host by tricking a user to process a specially crafted file via libmagic or file.

References
==========

https://bugs.archlinux.org/task/64430
https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16780
https://security.archlinux.org/CVE-2019-18218

LinuxSecurity.com Team | Jan 13, 2020 | ArchLinux

Debian: DLA-1698-2 Important Update Fixes File Regression Issue

Package : file
Version : 1:5.22+15-2+deb8u7

This update fixes a regression introduced in 1:5.22+15-2+deb8u5 causing truncated output of the interpreter name, thanks to Christoph Biedl for reporting the problem and cause.

For Debian 8 "Jessie", this problem has been fixed in version 1:5.22+15-2+deb8u7.

We recommend that you upgrade your file packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

LinuxSecurity.com Team | Nov 30, 2019 | Important | Debian LTS

Mageia 7: MGASA-2019-0308 Critical: CDF File Buffer Overflow

MGASA-2019-0308 - Updated file packages fix security vulnerability

Publication date: 29 Oct 2019
URL: https://advisories.mageia.org/MGASA-2019-0308.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-18218

Updated file packages fix security vulnerability:

A buffer overflow was found in file which may result in denial of service or potentially the execution of arbitrary code if a malformed CDF (Composite Document File) file is processed (CVE-2019-18218).

References:
- https://bugs.mageia.org/show_bug.cgi?id=25615
- https://lists.debian.org/debian-security-announce/2019/msg00202.html
- https://www.cve.org/CVERecord?id=CVE-2019-18218

SRPMS:
- 7/core/file-5.37-1.2.mga7

LinuxSecurity.com Team | Oct 29, 2019 | Critical | Mageia

Mageia 6: 2019-0118 Moderate: File Stack Corruption Denial of Service

MGASA-2019-0118 - Updated file packages fix security vulnerabilities

Publication date: 29 Mar 2019
URL: https://advisories.mageia.org/MGASA-2019-0118.html
Type: security
Affected Mageia releases: 6
CVE: CVE-2019-8905, CVE-2019-8907

The updated file packages fix security vulnerabilities:

do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360. (CVE-2019-8905)

do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact. (CVE-2019-8907)

References:
- https://bugs.mageia.org/show_bug.cgi?id=24498
- https://lists.fedoraproject.org/archives/list/[email address obfuscated]/thread/4JG7FM7W3R4C4P5R4PFNBYEGTQHASG2O/
- https://lists.fedoraproject.org/archives/list/[email address obfuscated]/thread/5DKJLTXLQCKG4GQNC5JUDGVGAJAJJ2K3/
- https://lists.suse.com/pipermail/sle-security-updates/2019-March/005176.html
- https://ubuntu.com/security/notices/USN-3911-1
- https://www.cve.org/CVERecord?id=CVE-2019-8905
- https://www.cve.org/CVERecord?id=CVE-2019-8907

SRPMS:
- 6/core/file-5.25-5.2.mga6

LinuxSecurity.com Team | Mar 29, 2019 | Mageia

Slackware: 2018-212-01 Critical: File Package DoS Update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] file (SSA:2018-212-01)

New file packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/file-5.34-i586-1_slack14.2.txz: Upgraded.
  Fixed a denial of service crash when processing a crafted ELF file.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2018-10360
  (* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.

Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware 14.2:
Updated package for Slackware x86_64 14.2:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 signatures:
+-------------+

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg file-5.34-i586-1_slack14.2.txz

+-----+

LinuxSecurity.com Team | Jul 31, 2018 | Critical | Slackware

Arch Linux: ASA-201411-9 Medium: File DoS Due To Out-Of-Bounds Read

Arch Linux Security Advisory ASA-201411-9
=========================================

Severity: Medium
Date    : 2014-11-12
CVE-ID  : CVE-2014-3710
Package : file
Type    : denial of service through out-of-bounds read
Remote  : No
Link    : https://wiki.archlinux.org/title/CVE-2014

Summary
=======

The package file before version 5.20-2 is vulnerable to denial of service through out-of-bounds read.

Resolution
==========

Upgrade to 5.20-2.

# pacman -Syu "file>=5.20-2"

The problems have been fixed upstream [0] but no release version is available yet.

Workaround
==========

None.

Description
===========

An out-of-bounds read flaw was found in file's donote() function in the way the file utility determined the note headers of an elf file. This could possibly lead to file executable crash.

Impact
======

A specially crafted elf file may lead to out-of-bounds read while parsing the note headers and lead to file executable crash. As readelf in file is widely used this could possibly lead to denial of service of middleware relying on it.

References
==========

[0] https://github.com/file/file/commit/39c7ac1106
https://access.redhat.com/security/cve/CVE-2014-3710
https://bugzilla.redhat.com/show_bug.cgi?id=1155071
https://bugs.archlinux.org/task/42759

LinuxSecurity.com Team | Nov 12, 2014 | Medium | ArchLinux

Debian: DSA-3021-2 Critical File Detection Regression Fix

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3021-2          [email address obfuscated]
http://www.debian.org/security/                           Luciano Bello
September 10, 2014                   http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : file
CVE ID  : CVE-2014-0207 CVE-2014-0237 CVE-2014-0238 CVE-2014-3478
          CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3538
          CVE-2014-3587

This update corrects DSA 3021-1, which introduced a regression in the detection of some "Composite Document Files" (CDF), marking them look as corrupted, with the error: "Can't expand summary_info".

On additional information, 5.11-2+deb7u4 changed the detection of certain text files in the same way php5 did this in 5.4.4-14+deb7u13. Since the new output is more accurate and this change also restored the better detection as seen in the squeeze version of file, this is not being reverted.

For reference, the original advisory text follows:

Multiple security issues have been found in file, a tool to determine a file type. These vulnerabilities allow remote attackers to cause a denial of service, via resource consumption or application crash.

For the stable distribution (wheezy), these problems have been fixed in version 5.11-2+deb7u5.

We recommend that you upgrade your file packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: [email address obfuscated]

LinuxSecurity.com Team | Sep 10, 2014 | Critical | Debian