Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -2 articles for you...
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorydenial servicememory management

Ubuntu 20.04 LTS: USN-7392-3: critical: kernel denial of service

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7392-3 April 01, 2025 linux-aws vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-aws: Linux kernel for Amazon Web Services (AWS) systems Details: Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2025-0927) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - SuperH RISC architecture; - User-Mode Linux (UML); - x86 architecture; - Cryptographic API; - Virtio block driver; - Data acquisition framework and drivers; - Hardware crypto device drivers; - DMA engine subsystem; - EDAC drivers; - ARM SCPI message protocol; - GPIO subsystem; - GPU drivers; - HID subsystem; - Microsoft Hyper-V drivers; - I3C subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - LED subsystem; - Multiple devices driver; - Media drivers; - Multifunction device drivers; - MMC subsystem; - MTD block device drivers; - Network drivers; - Mellanoxnetwork drivers; - NVME drivers; - PCI subsystem; - Pin controllers subsystem; - x86 platform drivers; - Real Time Clock drivers; - SCSI subsystem; - SuperH / SH-Mobile drivers; - QCOM SoC drivers; - SPI subsystem; - USB Gadget drivers; - USB Serial drivers; - USB Type-C Port Controller Manager driver; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - BTRFS file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - File systems infrastructure; - JFFS2 file system; - JFS file system; - Network file system (NFS) client; - Network file system (NFS) server daemon; - NILFS2 file system; - Overlay file system; - Proc file system; - Diskquota system; - SMB network file system; - UBI file system; - Timer subsystem; - VLANs driver; - LAPB network protocol; - Kernel init infrastructure; - BPF subsystem; - Kernel CPU control infrastructure; - Tracing infrastructure; - Memory management; - 9P file system network protocol; - Bluetooth subsystem; - CAN network layer; - Networking core; - DCCP (Datagram Congestion Control Protocol); - IEEE802154.4 network protocol; - IPv4 networking; - IPv6 networking; - IEEE 802.15.4 subsystem; - Netfilter; - Netlink; - NET/ROM layer; - Packet sockets; - Network traffic control; - SCTP protocol; - Sun RPC protocol; - TIPC protocol; - eXpress Data Path; - SELinux security module; - USB sound devices; (CVE-2024-56532, CVE-2024-53127, CVE-2024-56574, CVE-2024-56576, CVE-2024-57922, CVE-2024-53135, CVE-2024-56606, CVE-2024-53155, CVE-2024-53136, CVE-2024-56769, CVE-2024-56690, CVE-2024-53150, CVE-2024-38588, CVE-2024-53171, CVE-2024-56748, CVE-2024-56558, CVE-2024-56595, CVE-2024-56670, CVE-2024-56637, CVE-2024-56739, CVE-2024-56681, CVE-2024-53158, CVE-2024-53172, CVE-2024-56700, CVE-2024-56645, CVE-2024-56723, CVE-2024-56572,CVE-2024-57889, CVE-2024-43098, CVE-2024-56614, CVE-2024-53197, CVE-2025-21640, CVE-2024-57938, CVE-2024-53140, CVE-2024-57929, CVE-2024-56593, CVE-2024-56691, CVE-2025-21687, CVE-2024-56770, CVE-2024-53131, CVE-2024-56531, CVE-2024-56603, CVE-2025-21653, CVE-2024-53239, CVE-2024-57946, CVE-2024-56581, CVE-2024-56694, CVE-2024-56597, CVE-2024-57849, CVE-2024-56601, CVE-2024-53156, CVE-2024-56747, CVE-2024-53146, CVE-2025-21664, CVE-2024-53217, CVE-2025-21638, CVE-2024-53157, CVE-2024-56688, CVE-2024-47707, CVE-2024-53173, CVE-2024-56605, CVE-2024-56619, CVE-2024-49925, CVE-2024-49936, CVE-2024-56586, CVE-2024-57892, CVE-2024-56562, CVE-2024-57902, CVE-2024-53148, CVE-2024-53194, CVE-2024-56720, CVE-2024-53121, CVE-2024-48881, CVE-2024-56767, CVE-2024-56780, CVE-2024-56548, CVE-2024-57931, CVE-2024-56724, CVE-2024-53142, CVE-2024-53214, CVE-2025-21639, CVE-2024-43900, CVE-2024-56659, CVE-2024-57908, CVE-2024-57913, CVE-2024-53181, CVE-2024-56630, CVE-2024-56598, CVE-2024-56539, CVE-2024-57951, CVE-2024-56600, CVE-2024-52332, CVE-2024-55916, CVE-2024-53130, CVE-2024-56587, CVE-2024-57911, CVE-2024-57901, CVE-2024-57807, CVE-2024-49996, CVE-2025-21697, CVE-2024-53198, CVE-2024-53145, CVE-2024-57910, CVE-2022-49034, CVE-2024-56629, CVE-2024-56570, CVE-2024-57948, CVE-2024-53227, CVE-2024-56643, CVE-2024-56602, CVE-2024-57904, CVE-2024-56594, CVE-2024-56615, CVE-2024-53690, CVE-2024-56650, CVE-2025-21699, CVE-2024-56644, CVE-2024-56631, CVE-2024-53183, CVE-2024-50051, CVE-2024-49884, CVE-2024-56569, CVE-2024-56596, CVE-2024-57912, CVE-2024-56781, CVE-2024-57802, CVE-2024-56704, CVE-2024-57850, CVE-2024-57906, CVE-2025-21678, CVE-2024-56634, CVE-2024-53138, CVE-2021-47219, CVE-2024-57890, CVE-2024-53112, CVE-2024-53174, CVE-2024-56756, CVE-2024-56779, CVE-2024-57884, CVE-2024-56746, CVE-2024-53161, CVE-2024-57900, CVE-2024-56567, CVE-2024-56633, CVE-2025-21694, CVE-2024-53165, CVE-2024-56642, CVE-2024-53184, CVE-2024-44938, CVE-2024-53124, CVE-2025-21689, CVE-2024-53680) Updateinstructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS linux-image-5.4.0-1142-aws 5.4.0-1142.152 linux-image-aws-lts-20.04 5.4.0.1142.139 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7392-3 https://ubuntu.com/security/notices/USN-7392-2 https://ubuntu.com/security/notices/USN-7392-1 CVE-2021-47219, CVE-2022-49034, CVE-2024-23848, CVE-2024-38588, CVE-2024-43098, CVE-2024-43900, CVE-2024-44938, CVE-2024-47707, CVE-2024-48881, CVE-2024-49884, CVE-2024-49925, CVE-2024-49936, CVE-2024-49996, CVE-2024-50051, CVE-2024-52332, CVE-2024-53112, CVE-2024-53121, CVE-2024-53124, CVE-2024-53127, CVE-2024-53130, CVE-2024-53131, CVE-2024-53135, CVE-2024-53136, CVE-2024-53138, CVE-2024-53140, CVE-2024-53142, CVE-2024-53145, CVE-2024-53146, CVE-2024-53148, CVE-2024-53150, CVE-2024-53155, CVE-2024-53156, CVE-2024-53157, CVE-2024-53158, CVE-2024-53161, CVE-2024-53165, CVE-2024-53171, CVE-2024-53172, CVE-2024-53173, CVE-2024-53174, CVE-2024-53181, CVE-2024-53183, CVE-2024-53184, CVE-2024-53194, CVE-2024-53197, CVE-2024-53198, CVE-2024-53214, CVE-2024-53217, CVE-2024-53227, CVE-2024-53239, CVE-2024-53680, CVE-2024-53690, CVE-2024-55916, CVE-2024-56531, CVE-2024-56532, CVE-2024-56539, CVE-2024-56548, CVE-2024-56558, CVE-2024-56562, CVE-2024-56567, CVE-2024-56569, CVE-2024-56570, CVE-2024-56572, CVE-2024-56574, CVE-2024-56576, CVE-2024-56581,CVE-2024-56586, CVE-2024-56587, CVE-2024-56593, CVE-2024-56594, CVE-2024-56595, CVE-2024-56596, CVE-2024-56597, CVE-2024-56598, CVE-2024-56600, CVE-2024-56601, CVE-2024-56602, CVE-2024-56603, CVE-2024-56605, CVE-2024-56606, CVE-2024-56614, CVE-2024-56615, CVE-2024-56619, CVE-2024-56629, CVE-2024-56630, CVE-2024-56631, CVE-2024-56633, CVE-2024-56634, CVE-2024-56637, CVE-2024-56642, CVE-2024-56643, CVE-2024-56644, CVE-2024-56645, CVE-2024-56650, CVE-2024-56659, CVE-2024-56670, CVE-2024-56681, CVE-2024-56688, CVE-2024-56690, CVE-2024-56691, CVE-2024-56694, CVE-2024-56700, CVE-2024-56704, CVE-2024-56720, CVE-2024-56723, CVE-2024-56724, CVE-2024-56739, CVE-2024-56746, CVE-2024-56747, CVE-2024-56748, CVE-2024-56756, CVE-2024-56767, CVE-2024-56769, CVE-2024-56770, CVE-2024-56779, CVE-2024-56780, CVE-2024-56781, CVE-2024-57802, CVE-2024-57807, CVE-2024-57849, CVE-2024-57850, CVE-2024-57884, CVE-2024-57889, CVE-2024-57890, CVE-2024-57892, CVE-2024-57900, CVE-2024-57901, CVE-2024-57902, CVE-2024-57904, CVE-2024-57906, CVE-2024-57908, CVE-2024-57910, CVE-2024-57911, CVE-2024-57912, CVE-2024-57913, CVE-2024-57922, CVE-2024-57929, CVE-2024-57931, CVE-2024-57938, CVE-2024-57946, CVE-2024-57948, CVE-2024-57951, CVE-2025-0927, CVE-2025-21638, CVE-2025-21639, CVE-2025-21640, CVE-2025-21653, CVE-2025-21664, CVE-2025-21678, CVE-2025-21687, CVE-2025-21689, CVE-2025-21694, CVE-2025-21697, CVE-2025-21699 Package Information: https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1142.152 . A recent security bulletin reveals multiple flaws within the Ubuntu AWS kernel, addressing critical concerns such as potential service disruptions.. Ubuntu Linux Kernel Security, AWS Kernel Updates, Denial of Service Issues. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 01, 2025 Critical Ubuntu
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryrsyncSUSE

SUSE: 2022:2959-1 Important: Rsync Critical File Write Problem

An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for rsync ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:2959-1 Rating: important References: #1201840 Cross-References: CVE-2022-29154 CVSS scores: CVE-2022-29154 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H CVE-2022-29154 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Enterprise Storage 7 SUSE Linux Enterprise Desktop 15-SP3 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Module for Basesystem 15-SP3 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server 15-SP1-BCL SUSE Linux Enterprise Server 15-SP1-LTSS SUSE Linux Enterprise Server 15-SP2-BCL SUSE Linux Enterprise Server 15-SP2-LTSS SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server for SAP 15 SUSE Linux Enterprise Server for SAP 15-SP1 SUSE Linux Enterprise Server for SAP 15-SP2 SUSE LinuxEnterprise Server for SAP Applications 15-SP3 SUSE Linux Enterprise Storage 7.1 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.1 SUSE Manager Retail Branch Server 4.2 SUSE Manager Server 4.1 SUSE Manager Server 4.2 openSUSE Leap 15.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for rsync fixes the following issues: - CVE-2022-29154: Fixed an arbitrary file write issue that could be triggered by a malicious remote server (bsc#1201840). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-2959=1 - SUSE Manager Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2959=1 - SUSE Manager Retail Branch Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2959=1 - SUSE Manager Proxy 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2959=1 - SUSE Linux Enterprise Server for SAP 15-SP2: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2959=1 - SUSE Linux Enterprise Server for SAP 15-SP1: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-2959=1 - SUSE Linux Enterprise Server for SAP 15: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-2959=1 - SUSE Linux Enterprise Server 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2959=1 - SUSE Linux Enterprise Server 15-SP2-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2959=1 - SUSE LinuxEnterprise Server 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-2959=1 - SUSE Linux Enterprise Server 15-SP1-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-2959=1 - SUSE Linux Enterprise Server 15-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-2022-2959=1 - SUSE Linux Enterprise Module for Basesystem 15-SP3: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-2959=1 - SUSE Linux Enterprise Micro 5.2: zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-2959=1 - SUSE Linux Enterprise Micro 5.1: zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-2959=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2959=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2959=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-2959=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-2959=1 - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-2959=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-2959=1 - SUSE Enterprise Storage 7: zypper in -t patch SUSE-Storage-7-2022-2959=1 - SUSE Enterprise Storage 6: zypper in -t patch SUSE-Storage-6-2022-2959=1 - SUSE CaaS Platform 4.0: To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Manager Server 4.1 (ppc64le s390x x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Manager Retail Branch Server 4.1 (x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Manager Proxy 4.1 (x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise Server 15-SP2-BCL (x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise Server 15-SP1-BCL (x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE LinuxEnterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Enterprise Storage 7 (aarch64 x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE Enterprise Storage 6 (aarch64 x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 - SUSE CaaS Platform 4.0 (x86_64): rsync-3.1.3-150000.4.13.1 rsync-debuginfo-3.1.3-150000.4.13.1 rsync-debugsource-3.1.3-150000.4.13.1 References: https://www.suse.com/security/cve/CVE-2022-29154.html https://bugzilla.suse.com/1201840 . This software alert highlights an essential wget enhancement that rectifies a severe directory access issue alongside setup guidelines.. SUSE Security Update, Rsync Patch, File Write Issue, Linux Security Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Aug 31, 2022 Important SuSE
Banner 3 1028x280 1708121785 1771599793
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryremote code executionprivilege escalation

SUSE: 2022:1123-3 Urgent: Linux Kernel Update for SLE 15 SP4

An update that fixes 8 vulnerabilities is now available. . SUSE Security Update: Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP2) ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:0367-1 Rating: important References: #1179664 #1179779 #1179877 #1180008 #1180030 #1180032 #1180562 Cross-References: CVE-2020-0465 CVE-2020-0466 CVE-2020-29368 CVE-2020-29373 CVE-2020-29569 CVE-2020-29660 CVE-2020-29661 CVE-2020-36158 CVSS scores: CVE-2020-0465 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-0465 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2020-0466 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-0466 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2020-29368 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-29368 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-29373 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2020-29569 (NVD) : 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2020-29569 (SUSE): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2020-29660 (NVD) : 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N CVE-2020-29660 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2020-29661 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-29661 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2020-36158 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2020-36158 (SUSE): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: SUSE Linux Enterprise Module forLive Patching 15-SP2 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: This update for the Linux Kernel 5.3.18-24_15 fixes several issues. The following security issues were fixed: - CVE-2020-29373: Fixed an issue where kernel unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations (bsc#1179779). - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver (bsc#1180562). - CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to local privilege escalation (bnc#1180030). - CVE-2020-0466: Fixed a use-after-free due to a logic error in do_epoll_ctl and ep_loop_check_proc of eventpoll.c (bnc#1180032. - CVE-2020-29569: Fixed a use after free due to a logic error (bsc#1180008). - CVE-2020-29660: Fixed a locking inconsistency in the tty subsystem that may have allowed a read-after-free attack against TIOCGSID (bsc#1179877). - CVE-2020-29661: Fixed a locking issue in the tty subsystem that allowed a use-after-free attack against TIOCSPGRP (bsc#1179877). - CVE-2020-29368: Fixed an issue in copy-on-write implementation which could grant unintended write access because of a race condition in a THP mapcount check (bsc#1179664). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Live Patching 15-SP2: zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2021-365=1 SUSE-SLE-Module-Live-Patching-15-SP2-2021-366=1 SUSE-SLE-Module-Live-Patching-15-SP2-2021-367=1 SUSE-SLE-Module-Live-Patching-15-SP2-2021-368=1 Package List: - SUSE Linux Enterprise Module for Live Patching15-SP2 (ppc64le s390x x86_64): kernel-livepatch-5_3_18-22-default-7-5.2 kernel-livepatch-5_3_18-22-default-debuginfo-7-5.2 kernel-livepatch-5_3_18-24_12-default-5-2.1 kernel-livepatch-5_3_18-24_12-default-debuginfo-5-2.1 kernel-livepatch-5_3_18-24_15-default-5-2.1 kernel-livepatch-5_3_18-24_15-default-debuginfo-5-2.1 kernel-livepatch-5_3_18-24_9-default-6-2.1 kernel-livepatch-5_3_18-24_9-default-debuginfo-6-2.1 kernel-livepatch-SLE15-SP2_Update_0-debugsource-7-5.2 kernel-livepatch-SLE15-SP2_Update_1-debugsource-6-2.1 kernel-livepatch-SLE15-SP2_Update_2-debugsource-5-2.1 kernel-livepatch-SLE15-SP2_Update_3-debugsource-5-2.1 References: https://www.suse.com/security/cve/CVE-2020-0465.html https://www.suse.com/security/cve/CVE-2020-0466.html https://www.suse.com/security/cve/CVE-2020-29368.html https://www.suse.com/security/cve/CVE-2020-29373.html https://www.suse.com/security/cve/CVE-2020-29569.html https://www.suse.com/security/cve/CVE-2020-29660.html https://www.suse.com/security/cve/CVE-2020-29661.html https://www.suse.com/security/cve/CVE-2020-36158.html https://bugzilla.suse.com/1179664 https://bugzilla.suse.com/1179779 https://bugzilla.suse.com/1179877 https://bugzilla.suse.com/1180008 https://bugzilla.suse.com/1180030 https://bugzilla.suse.com/1180032 https://bugzilla.suse.com/1180562 . This patch resolves various problems within the Linux Kernel, incorporating crucial updates to address security weaknesses.. Linux Kernel Security Patch,SUSE Live Patching Update,Kernel Live Patch Vulnerability. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 10, 2021 Important SuSE
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorybuffer overflowFedora

Fedora 31: 2020-a724cc7926 Medium: e2fsprogs Buffer Overflow Fix

Fixes ----- A maliciously corrupted file systems can trigger buffer overruns in the quota code used by e2fsck. (Addresses CVE-2019-5094) E2fsck now checks to make sure the casefold flag is only set on directories, and only when the casefold feature is enabled. E2fsck will not disable the low dtime checks when using a backup superblock where the last mount time is zero. This fixes a. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-a724cc7926 2020-01-21 01:37:55.769294 --------------------------------------------------------------------------------Name : e2fsprogs Product : Fedora 31 Version : 1.45.5 Release : 1.fc31 URL : Summary : Utilities for managing ext2, ext3, and ext4 file systems Description : The e2fsprogs package contains a number of utilities for creating, checking, modifying, and correcting any inconsistencies in second, third and fourth extended (ext2/ext3/ext4) file systems. E2fsprogs contains e2fsck (used to repair file system inconsistencies after an unclean shutdown), mke2fs (used to initialize a partition to contain an empty ext2 file system), debugfs (used to examine the internal structure of a file system, to manually repair a corrupted file system, or to create test cases for e2fsck), tune2fs (used to modify file system parameters), and most of the other core ext2fs file system utilities. You should install the e2fsprogs package if you need to manage the performance of an ext2, ext3, or ext4 file system. --------------------------------------------------------------------------------Update Information: Fixes ----- A maliciously corrupted file systems can trigger buffer overruns in the quota code used by e2fsck. (Addresses CVE-2019-5094) E2fsck now checks to make sure the casefold flag is only set on directories, and only when the casefold feature is enabled. E2fsck will not disable the low dtime checks when using a backup superblock where the last mounttime is zero. This fixes a failure in xfstests ext4/007. Fix e2fsck so that when it needs to recreate the root directory, the quota counts are correctly updated. Fix e2scrub_all cron script so it checks to make sure e2scrub_all exists, since the crontab and cron script might stick around after the e2fsprogs package is removed. (Addresses Debian Bug: #932622) Fix e2scrub_all so that it works when the free space is exactly the snapshot size. (Addresses Debian Bug: #935009) Avoid spurious lvm warnings when e2scrub_all is run out of cron on non-systemd systems (Addresses Debian Bug: #940240) Update the man pages to document the new fsverity feature, and improve the documentation for the casefold and encrypt features. E2fsck will no longer force a full file system check if time-based forced checks are disabled and the last mount time or last write time in the superblock are in the future. Fix a potential out of bounds write when checking a maliciously corrupted file system. This is probably not exploitable on 64-bit platforms, but may be exploitable on 32-bit binaries depending on how the compiler lays out the stack variables. (Addresses CVE-2019-5188) Fixed spurious weekly e-mails when e2scrub_all is run via a cron job on non-systemd systems. (Addresses Debian Bug: #944033) Remove an unnecessary sleep in e2scrub which could add up to an additional two second delay during the boot up. Also, avoid trying to reap aborted snapshots if it has been disabled via e2scrub.conf. (Addresses Debian Bug: #948193) If a mischievous system administrator mounts a pseudo-file system such as tmpfs with a device name that duplicates another mounted file system, this could potentially confuse resize2fs when it needs to find the mount point of a mounted file system. (Who would have guessed?) Add some sanity checking so that we can make libext2fs more robust against such insanity, at least on Linux. (GNU HURD doesn't support st_rdev.) Tune2fs now prohibits enabling or disabling uninit_bg ifthe file system is mounted, since this could result in the file system getting corrupted, and there is an unfortunate AskUbuntu article suggesting this as a way to modify a file system's UUID on a live file system. (Ext4 now has a way to do this safely, using the metadata_csum_seed feature, which was added in the 4.4 Linux kernel.) Fix potential crash in e2fsck when rebuilding very large directories on file systems which have the new large_dir feature enable. Fix support of 32-bit uid's and gid's in fuse2fs and in mke2fs -d. Fix mke2fs's setting bad blocks to bigalloc file systems. Fix a bug where fuse2fs would incorrectly report the i_blocks fields for bigalloc file systems. Resize2fs's minimum size estimates (via resize2fs -M) estimates are now more accurate when run on mounted file systems. Fixed potential memory leak in read_bitmap() in libext2fs. Fixed various UBsan failures found when fuzzing file system images. (Addresses Google Bug: #128130353) Updated and clarified various man pages. Performance, Internal Implementation, Development Support etc. -------------------------------------------------------------- Fixed various debian packaging issues. (Addresses Debian Bug: #933247, #932874, #932876, #932855, #932859, #932861, #932881, #932888) Fix false positive test failure in f_pre_1970_date_encoding on 32-bit systems with a 64-bit time_t. (Addresses Debian Bug: #932906) Fixed various compiler warnings. (Addresses Google Bug #118836063) Update the Czech, Dutch, French, German, Malay, Polish, Portuguese, Spanish, Swedish, Ukrainian, and Vietnamese translations from the Translation Project. Speed up e2fsck on file systems with a very large number of inodes caused by repeated calls to gettext(). The inode_io io_manager can now support files which are greater than 2GB. The ext2_off_t and ext2_off64_t are now signed types so that ext2fs_file_lseek() and ext2fs_file_llseek() can work correctly. Reserve codepoint for the fast_commit feature. Fixed variousDebian packaging issues. Fix portability problems for Illumous and on hurd/i386 (Addresses Debian Bug: #944649) Always compile the ext2fs_swap_* functions even on little-endian architectures, so that debian/libext2fs.symbols can be consistent across architectures. Synchronized changes from Android's AOSP e2fsprogs tree. Updated config.guess and config.sub with newer versions from the FSF. Update the Chinese and Malay translations from the translation project. --------------------------------------------------------------------------------ChangeLog: * Wed Jan 8 2020 Lukas Czerner - 1.45.5-1 - New upstream release * Thu Oct 3 2019 Lukas Czerner - 1.45.4-1 - New upstream release --------------------------------------------------------------------------------References: [ 1 ] Bug #1768556 - CVE-2019-5094 e2fsprogs: crafted ext4 partition leads to out-of-bounds write [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1768556 [ 2 ] Bug #1790049 - CVE-2019-5188 e2fsprogs: Out-of-bounds write in e2fsck/rehash.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1790049 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-a724cc7926' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Addressing e2fsprogs buffer overflow issues and enhancing e2fsck for improved Fedora system reliability.. Fedora Update,e2fsprogs,buffer overflow,e2fsck,file system repair. . LinuxSecurity.com Team

Calendar 2 Jan 20, 2020 Fedora
Banner 3 1028x280 1708121785 1771599793
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorydenial of servicebuffer overflow

Scientific Linux: CVE-2010-1083 Important Kernel Security Fix

Important: kernel security and bug fix update. Date: Thu, 30 Sep 2010 10:44:10 -0500 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA Important: kernel on SL5.x i386/x86_64 Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it." Synopsis: Important: kernel security and bug fix update Issue date: 2010-09-29 CVE Names: CVE-2010-1083 CVE-2010-2492 CVE-2010-2798 CVE-2010-2938 CVE-2010-2942 CVE-2010-2943 CVE-2010-3015 This update fixes the following security issues: * A buffer overflow flaw was found in the ecryptfs_uid_hash() function in the Linux kernel eCryptfs implementation. On systems that have the eCryptfs netlink transport (Scientific Linux 5 does) or where the "/dev/ecryptfs" file has world writable permissions (which it does not, by default, on Scientific Linux 5), a local, unprivileged user could use this flaw to cause a denial of service or possibly escalate their privileges. (CVE-2010-2492, Important) * A miscalculation of the size of the free space of the initial directory entry in a directory leaf block was found in the Linux kernel Global File System 2 (GFS2) implementation. A local, unprivileged user with write access to a GFS2-mounted file system could perform a rename operation on that file system to trigger a NULL pointer dereference, possibly resulting in a denial of service or privilege escalation. (CVE-2010-2798, Important) * A flaw was found in the Xen hypervisor implementation when running a system that has an Intel CPU without Extended Page Tables (EPT) support. While attempting to dump information about a crashing fully-virtualized guest, the flaw could cause the hypervisor to crash the host as well. A user with permissions to configure a fully-virtualized guest system could use this flaw to crash the host. (CVE-2010-2938, Moderate) * Information leak flaws were found in the Linux kernel's Traffic Control Unit implementation. A local attacker could use these flaws to cause the kernel to leak kernel memory touser-space, possibly leading to the disclosure of sensitive information. (CVE-2010-2942, Moderate) * A flaw was found in the Linux kernel's XFS file system implementation. The file handle lookup could return an invalid inode as valid. If an XFS file system was mounted via NFS (Network File System), a local attacker could access stale data or overwrite existing data that reused the inodes. (CVE-2010-2943, Moderate) * An integer overflow flaw was found in the extent range checking code in the Linux kernel's ext4 file system implementation. A local, unprivileged user with write access to an ext4-mounted file system could trigger this flaw by writing to a file at a very large file offset, resulting in a local denial of service. (CVE-2010-3015, Moderate) * An information leak flaw was found in the Linux kernel's USB implementation. Certain USB errors could result in an uninitialized kernel buffer being sent to user-space. An attacker with physical access to a target system could use this flaw to cause an information leak. (CVE-2010-1083, Low) This update also fixes several bugs. The system must be rebooted for this update to take effect. SL 5.x SRPMS: kernel-2.6.18-194.17.1.el5.src.rpm i386: kernel-2.6.18-194.17.1.el5.i686.rpm kernel-debug-2.6.18-194.17.1.el5.i686.rpm kernel-debug-devel-2.6.18-194.17.1.el5.i686.rpm kernel-devel-2.6.18-194.17.1.el5.i686.rpm kernel-doc-2.6.18-194.17.1.el5.noarch.rpm kernel-PAE-2.6.18-194.17.1.el5.i686.rpm kernel-PAE-devel-2.6.18-194.17.1.el5.i686.rpm kernel-xen-2.6.18-194.17.1.el5.i686.rpm kernel-xen-devel-2.6.18-194.17.1.el5.i686.rpm Dependancies: kernel-module-aufs-2.6.18-194.17.1.el5-0.20090202.cvs-6.sl5.i686.rpm kernel-module-aufs-2.6.18-194.17.1.el5PAE-0.20090202.cvs-6.sl5.i686.rpm kernel-module-aufs-2.6.18-194.17.1.el5xen-0.20090202.cvs-6.sl5.i686.rpm kernel-module-ipw3945-2.6.18-194.17.1.el5-1.2.0-2.sl5.i686.rpm kernel-module-ipw3945-2.6.18-194.17.1.el5PAE-1.2.0-2.sl5.i686.rpm kernel-module-ipw3945-2.6.18-194.17.1.el5xen-1.2.0-2.sl5.i686.rpm kernel-module-madwifi-2.6.18-194.17.1.el5-0.9.4-15.sl5.i686.rpm kernel-module-madwifi-2.6.18-194.17.1.el5PAE-0.9.4-15.sl5.i686.rpm kernel-module-madwifi-2.6.18-194.17.1.el5xen-0.9.4-15.sl5.i686.rpm kernel-module-madwifi-hal-2.6.18-194.17.1.el5-0.9.4-15.sl5.i686.rpm kernel-module-madwifi-hal-2.6.18-194.17.1.el5PAE-0.9.4-15.sl5.i686.rpm kernel-module-madwifi-hal-2.6.18-194.17.1.el5xen-0.9.4-15.sl5.i686.rpm kernel-module-ndiswrapper-2.6.18-194.17.1.el5-1.55-1.SL.i686.rpm kernel-module-ndiswrapper-2.6.18-194.17.1.el5PAE-1.55-1.SL.i686.rpm kernel-module-ndiswrapper-2.6.18-194.17.1.el5xen-1.55-1.SL.i686.rpm kernel-module-openafs-2.6.18-194.17.1.el5-1.4.12-79.sl5.i686.rpm kernel-module-openafs-2.6.18-194.17.1.el5PAE-1.4.12-79.sl5.i686.rpm kernel-module-openafs-2.6.18-194.17.1.el5xen-1.4.12-79.sl5.i686.rpm kernel-module-xfs-2.6.18-194.17.1.el5-0.4-2.sl5.i686.rpm kernel-module-xfs-2.6.18-194.17.1.el5PAE-0.4-2.sl5.i686.rpm kernel-module-xfs-2.6.18-194.17.1.el5xen-0.4-2.sl5.i686.rpm x86_64: kernel-2.6.18-194.17.1.el5.x86_64.rpm kernel-debug-2.6.18-194.17.1.el5.x86_64.rpm kernel-debug-devel-2.6.18-194.17.1.el5.x86_64.rpm kernel-devel-2.6.18-194.17.1.el5.x86_64.rpm kernel-doc-2.6.18-194.17.1.el5.noarch.rpm kernel-headers-2.6.18-194.17.1.el5.x86_64.rpm kernel-xen-2.6.18-194.17.1.el5.x86_64.rpm kernel-xen-devel-2.6.18-194.17.1.el5.x86_64.rpm Dependancies: kernel-module-aufs-2.6.18-194.17.1.el5-0.20090202.cvs-6.sl5.x86_64.rpm kernel-module-aufs-2.6.18-194.17.1.el5xen-0.20090202.cvs-6.sl5.x86_64.rpm kernel-module-ipw3945-2.6.18-194.17.1.el5-1.2.0-2.sl5.x86_64.rpm kernel-module-ipw3945-2.6.18-194.17.1.el5xen-1.2.0-2.sl5.x86_64.rpm kernel-module-madwifi-2.6.18-194.17.1.el5-0.9.4-15.sl5.x86_64.rpm kernel-module-madwifi-2.6.18-194.17.1.el5xen-0.9.4-15.sl5.x86_64.rpm kernel-module-madwifi-hal-2.6.18-194.17.1.el5-0.9.4-15.sl5.x86_64.rpm kernel-module-madwifi-hal-2.6.18-194.17.1.el5xen-0.9.4-15.sl5.x86_64.rpm kernel-module-ndiswrapper-2.6.18-194.17.1.el5-1.55-1.SL.x86_64.rpm kernel-module-ndiswrapper-2.6.18-194.17.1.el5xen-1.55-1.SL.x86_64.rpm kernel-module-openafs-2.6.18-194.17.1.el5-1.4.11-76.sl5.x86_64.rpm kernel-module-openafs-2.6.18-194.17.1.el5-1.4.12-79.sl5.x86_64.rpm kernel-module-openafs-2.6.18-194.17.1.el5xen-1.4.11-76.sl5.x86_64.rpm kernel-module-openafs-2.6.18-194.17.1.el5xen-1.4.12-79.sl5.x86_64.rpm -Connie Sieh -Troy Dawson . Important kernel patch for Scientific Linux tackling numerous vulnerabilities to maintain system security.. kernel Update, Scientific Linux Security, Buffer Overflow Fix, Denial Of Service, Security Management. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Sep 30, 2010 Important Scientific Linux
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hatkernel patch

Red Hat 5.4: RHSA-2010:0521-01 Moderate: GFS-KMOD Local Exploit

Updated gfs-kmod packages that fix one security issue are now available for Red Hat Enterprise Linux 5.4 Extended Update Support, kernel release 2.6.18-164.19.1.el5. [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Moderate: gfs-kmod security update Advisory ID: RHSA-2010:0521-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2010:0521.html Issue date: 2010-07-08 CVE Names: CVE-2010-0727 ==================================================================== 1. Summary: Updated gfs-kmod packages that fix one security issue are now available for Red Hat Enterprise Linux 5.4 Extended Update Support, kernel release 2.6.18-164.19.1.el5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: RHEL Cluster-Storage (v. 5.4.Z server) - i386, ia64, ppc, x86_64 3. Description: The gfs-kmod packages contain modules that provide the ability to mount and use GFS file systems. A flaw was found in the gfs_lock() implementation. The GFS locking code could skip the lock operation for files that have the S_ISGID bit (set-group-ID on execution) in their mode set. A local, unprivileged user on a system that has a GFS file system mounted could use this flaw to cause a kernel panic. (CVE-2010-0727) These updated gfs-kmod packages are in sync with the latest kernel (2.6.18-164.19.1.el5). The modules in earlier gfs-kmod packages failed to load because they did not match the running kernel. It was possible to force-load the modules. With this update, however, users no longer need to. Users are advised to upgrade to these latest gfs-kmod packages, updated for use with the 2.6.18-164.19.1.el5 kernel, which contain a backported patch tocorrect this issue. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed (http://bugzilla.redhat.com/): 570863 - CVE-2010-0727 bug in GFS/GFS2 locking code leads to dos 6. Package List: RHEL Cluster-Storage (v. 5.4.Z server): Source: gfs-kmod-0.1.34-2.el5_4.3.src.rpm i386: gfs-kmod-debuginfo-0.1.34-2.el5_4.3.i686.rpm kmod-gfs-0.1.34-2.el5_4.3.i686.rpm kmod-gfs-PAE-0.1.34-2.el5_4.3.i686.rpm kmod-gfs-xen-0.1.34-2.el5_4.3.i686.rpm ia64: gfs-kmod-debuginfo-0.1.34-2.el5_4.3.ia64.rpm kmod-gfs-0.1.34-2.el5_4.3.ia64.rpm kmod-gfs-xen-0.1.34-2.el5_4.3.ia64.rpm ppc: gfs-kmod-debuginfo-0.1.34-2.el5_4.3.ppc64.rpm kmod-gfs-0.1.34-2.el5_4.3.ppc64.rpm x86_64: gfs-kmod-debuginfo-0.1.34-2.el5_4.3.x86_64.rpm kmod-gfs-0.1.34-2.el5_4.3.x86_64.rpm kmod-gfs-xen-0.1.34-2.el5_4.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2010-0727 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. . Critical gfs-kmod security patch released for Red Hat 5.4. Addresses essential kernel crash problem related to file permissions.. gfs-kmod Update, Kernel Security Patch, RHEL Advisory, Local Exploit. . LinuxSecurity.com Team

Calendar 2 Jul 13, 2010 Red Hat
Banner 3 1028x280 1708121785 1771599793
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hat Linuxcritical

Red Hat Linux 9: RHSA-2004:004-02 Urgent: Kernel Vulnerability Detected

cvs can attempt to create files and directories in the root file system. - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated CVS packages fix minor security issue Advisory ID: RHSA-2004:003-01 Issue date: 2004-01-05 Updated on: 2004-01-09 Product: Red Hat Linux Keywords: Cross references: Obsoletes: CVE Names: CAN-2003-0977 - --------------------------------------------------------------------- 1. Topic: Updated cvs packages closing a vulnerability that could allow cvs to attempt to create files and directories in the root file system are now available. 2. Relevant releases/architectures: Red Hat Linux 9 - i386 3. Problem description: CVS is a version control system frequently used to manage source code repositories. A flaw was found in versions of CVS prior to 1.11.10 where a malformed module request could cause the CVS server to attempt to create files or directories at the root level of the file system. However, normal file system permissions would prevent the creation of these misplaced directories. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0977 to this issue. Users of CVS are advised to upgrade to these erratum packages, which contain a patch correcting this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way toapply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. RPMs required: Red Hat Linux 9: SRPMS: i386: 6. Verification: MD5 sum Package Name - -------------------------------------------------------------------------- d6a3c1f6e8403e5d069ab124b3b8ab86 9/en/os/SRPMS/cvs-1.11.2-13.src.rpm e6919ce0f562781a3926107d932becee 9/en/os/i386/cvs-1.11.2-13.i386.rpm These packages are GPG signed by Red Hat for security. Our key is available from https://access.redhat.com/security/team/key You can verify each package with the following command: rpm --checksig -v If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: md5sum 7. References: CVE -CVE-2003-0977 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/en/products Copyright 2003 Red Hat, Inc. . The Blue Shield announcement details a critical update tackling an issue concerning a Python directory traversal that may threaten system integrity.. Red Hat Security,CVS Update,System Updates,File Access Control. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jan 12, 2004 Critical Red Hat
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here