An update that solves two vulnerabilities and has two fixes is now available.

   openSUSE Security Update: Security update for glusterfs
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2026:0104-1
Rating:             important
References:         #1208517 #1208519 #1210894 #1212476
Cross-References:   CVE-2022-48340 CVE-2023-26253
CVSS scores:
                    CVE-2022-48340 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2023-26253 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    openSUSE Backports SLE-15-SP6
______________________________________________________________________________

   An update that solves two vulnerabilities and has two fixes is now available.

Description:

   This update for glusterfs fixes the following issues:

   - Update to release 11.2
     * Next minor release tentative date: Release will be based on requirement only
     * Users are highly encouraged to upgrade to newer releases of GlusterFS.
     * Important fixes in this release
       - Regression suite tests failures are addressed
       - Fixed notify stack-based buffer over-read (boo#1208519, CVE-2023-26253)

   - Update to release 11.1
     * Fix upgrade issue by reverting posix change related to storage.reserve value
     * Fix possible data loss during rebalance if there is any linkfile on the system

   - Disable IO_uring for now [boo#1210894]

   - Update to release 11 [boo#1208517] [boo#1208519]
     * Major performance improvement of ~36% with rmdir operations
     * Extension of ZFS support for snapshots
     * Quota implementation based on namespace
     * Major cleanups and readdir/readdirp improvements
     * Fixed use-after-free in dht_setxattr_mds_cbk (CVE-2022-48340)

   - Update to release 10.2
     * Some 165 bugfixes with none particularly sticking out

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Backports SLE-15-SP6:

      zypper in -t patch openSUSE-2026-104=1

Package List:

   - openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):

      glusterfs-11.2-bp156.4.3.1
      glusterfs-devel-11.2-bp156.4.3.1
      libgfapi0-11.2-bp156.4.3.1
      libgfchangelog0-11.2-bp156.4.3.1
      libgfrpc0-11.2-bp156.4.3.1
      libgfxdr0-11.2-bp156.4.3.1
      libglusterfs0-11.2-bp156.4.3.1

   - openSUSE Backports SLE-15-SP6 (noarch):

      python3-gluster-11.2-bp156.4.3.1

References:

   https://www.suse.com/security/cve/CVE-2022-48340.html
   https://www.suse.com/security/cve/CVE-2023-26253.html
   https://bugzilla.suse.com/1208517
   https://bugzilla.suse.com/1208519
   https://bugzilla.suse.com/1210894
   https://bugzilla.suse.com/1212476

Critical update for openSUSE glusterfs resolves important issues and two fixes, enhancing security and performance.
openSUSE glusterfs update important fixes security risk.
Severity: Important.
LinuxSecurity.com Team

An update that solves two vulnerabilities and has two fixes is now available.

   openSUSE Security Update: Security update for glusterfs
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2026:0099-1
Rating:             important
References:         #1208517 #1208519 #1210894 #1212476
Cross-References:   CVE-2022-48340 CVE-2023-26253
CVSS scores:
                    CVE-2022-48340 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2023-26253 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    openSUSE Backports SLE-15-SP7
______________________________________________________________________________

   An update that solves two vulnerabilities and has two fixes is now available.

Description:

   This update for glusterfs fixes the following issues:

   - Update to release 11.2
     * Next minor release tentative date: Release will be based on requirement only
     * Users are highly encouraged to upgrade to newer releases of GlusterFS.
     * Important fixes in this release
       - Regression suite tests failures are addressed
       - Fixed notify stack-based buffer over-read (boo#1208519, CVE-2023-26253)

   - Update to release 11.1
     * Fix upgrade issue by reverting posix change related to storage.reserve value
     * Fix possible data loss during rebalance if there is any linkfile on the system

   - Disable IO_uring for now [boo#1210894]

   - Update to release 11 [boo#1208517] [boo#1208519]
     * Major performance improvement of ~36% with rmdir operations
     * Extension of ZFS support for snapshots
     * Quota implementation based on namespace
     * Major cleanups and readdir/readdirp improvements
     * Fixed use-after-free in dht_setxattr_mds_cbk (CVE-2022-48340)

   - Update to release 10.2
     * Some 165 bugfixes with none particularly sticking out

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Backports SLE-15-SP7:

      zypper in -t patch openSUSE-2026-99=1

Package List:

   - openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64):

      glusterfs-11.2-bp157.2.3.1
      glusterfs-devel-11.2-bp157.2.3.1
      libgfapi0-11.2-bp157.2.3.1
      libgfchangelog0-11.2-bp157.2.3.1
      libgfrpc0-11.2-bp157.2.3.1
      libgfxdr0-11.2-bp157.2.3.1
      libglusterfs0-11.2-bp157.2.3.1

   - openSUSE Backports SLE-15-SP7 (noarch):

      python3-gluster-11.2-bp157.2.3.1

References:

   https://www.suse.com/security/cve/CVE-2022-48340.html
   https://www.suse.com/security/cve/CVE-2023-26253.html
   https://bugzilla.suse.com/1208517
   https://bugzilla.suse.com/1208519
   https://bugzilla.suse.com/1210894
   https://bugzilla.suse.com/1212476

This advisory reveals important updates for glusterfs addressing key vulnerabilities in openSUSE systems.
openSUSE updates, glusterfs vulnerabilities, Linux security patch, cloud storage security.
Severity: Important.
LinuxSecurity.com Team

GlusterFS could be made to crash if it received a specially crafted request.

==========================================================================
Ubuntu Security Notice USN-6507-1
November 22, 2023

glusterfs vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10
- Ubuntu 23.04
- Ubuntu 22.04 LTS

Summary:

GlusterFS could be made to crash if it received a specially crafted request.

Software Description:
- glusterfs: clustered file-system

Details:

It was discovered that GlusterFS incorrectly handled certain memory
operations. A remote attacker could possibly use this issue to cause
GlusterFS to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
  glusterfs-client                10.3-5ubuntu0.1
  glusterfs-common                10.3-5ubuntu0.1
  glusterfs-server                10.3-5ubuntu0.1

Ubuntu 23.04:
  glusterfs-client                10.3-4ubuntu0.2
  glusterfs-common                10.3-4ubuntu0.2
  glusterfs-server                10.3-4ubuntu0.2

Ubuntu 22.04 LTS:
  glusterfs-client                10.1-1ubuntu0.2
  glusterfs-common                10.1-1ubuntu0.2
  glusterfs-server                10.1-1ubuntu0.2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6507-1
  CVE-2022-48340

Package Information:
  https://launchpad.net/ubuntu/+source/glusterfs/10.3-5ubuntu0.1
  https://launchpad.net/ubuntu/+source/glusterfs/10.3-4ubuntu0.2

Debian identifies a PostgreSQL vulnerability that may lead to service interruptions when processing specially formatted queries, impacting several versions.
GlusterFS Security, Denial Of Service, Ubuntu Update, Memory Crash Issue, Software Patch.
LinuxSecurity.com Team

Oracle Linux Security Advisory ELSA-2023-4328

https://linux.oracle.com/errata/ELSA-2023-4328.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
ctdb-4.17.5-3.0.1.el8_8.x86_64.rpm
libnetapi-4.17.5-3.0.1.el8_8.i686.rpm
libnetapi-4.17.5-3.0.1.el8_8.x86_64.rpm
libsmbclient-4.17.5-3.0.1.el8_8.i686.rpm
libsmbclient-4.17.5-3.0.1.el8_8.x86_64.rpm
libwbclient-4.17.5-3.0.1.el8_8.i686.rpm
libwbclient-4.17.5-3.0.1.el8_8.x86_64.rpm
python3-samba-4.17.5-3.0.1.el8_8.i686.rpm
python3-samba-4.17.5-3.0.1.el8_8.x86_64.rpm
python3-samba-dc-4.17.5-3.0.1.el8_8.x86_64.rpm
python3-samba-test-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-client-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-client-libs-4.17.5-3.0.1.el8_8.i686.rpm
samba-client-libs-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-common-4.17.5-3.0.1.el8_8.noarch.rpm
samba-common-libs-4.17.5-3.0.1.el8_8.i686.rpm
samba-common-libs-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-common-tools-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-dc-libs-4.17.5-3.0.1.el8_8.i686.rpm
samba-dc-libs-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-dcerpc-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-krb5-printing-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-ldb-ldap-modules-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-libs-4.17.5-3.0.1.el8_8.i686.rpm
samba-libs-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-pidl-4.17.5-3.0.1.el8_8.noarch.rpm
samba-test-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-test-libs-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-tools-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-usershares-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-vfs-iouring-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-winbind-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-winbind-clients-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-winbind-krb5-locator-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-winbind-modules-4.17.5-3.0.1.el8_8.i686.rpm
samba-winbind-modules-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-winexe-4.17.5-3.0.1.el8_8.x86_64.rpm
libnetapi-devel-4.17.5-3.0.1.el8_8.i686.rpm
libnetapi-devel-4.17.5-3.0.1.el8_8.x86_64.rpm
libsmbclient-devel-4.17.5-3.0.1.el8_8.i686.rpm
libsmbclient-devel-4.17.5-3.0.1.el8_8.x86_64.rpm
libwbclient-devel-4.17.5-3.0.1.el8_8.i686.rpm
libwbclient-devel-4.17.5-3.0.1.el8_8.x86_64.rpm
python3-samba-devel-4.17.5-3.0.1.el8_8.i686.rpm
python3-samba-devel-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-devel-4.17.5-3.0.1.el8_8.i686.rpm
samba-devel-4.17.5-3.0.1.el8_8.x86_64.rpm
samba-vfs-glusterfs-4.17.5-3.0.1.el8_8.x86_64.rpm

aarch64:
samba-vfs-glusterfs-4.17.5-3.0.1.el8_8.aarch64.rpm
ctdb-4.17.5-3.0.1.el8_8.aarch64.rpm
libnetapi-4.17.5-3.0.1.el8_8.aarch64.rpm
libsmbclient-4.17.5-3.0.1.el8_8.aarch64.rpm
libwbclient-4.17.5-3.0.1.el8_8.aarch64.rpm
python3-samba-4.17.5-3.0.1.el8_8.aarch64.rpm
python3-samba-dc-4.17.5-3.0.1.el8_8.aarch64.rpm
python3-samba-test-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-client-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-client-libs-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-common-4.17.5-3.0.1.el8_8.noarch.rpm
samba-common-libs-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-common-tools-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-dc-libs-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-dcerpc-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-krb5-printing-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-ldb-ldap-modules-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-libs-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-pidl-4.17.5-3.0.1.el8_8.noarch.rpm
samba-test-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-test-libs-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-tools-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-usershares-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-vfs-iouring-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-winbind-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-winbind-clients-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-winbind-krb5-locator-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-winbind-modules-4.17.5-3.0.1.el8_8.aarch64.rpm
libnetapi-devel-4.17.5-3.0.1.el8_8.aarch64.rpm
libsmbclient-devel-4.17.5-3.0.1.el8_8.aarch64.rpm
libwbclient-devel-4.17.5-3.0.1.el8_8.aarch64.rpm
python3-samba-devel-4.17.5-3.0.1.el8_8.aarch64.rpm
samba-devel-4.17.5-3.0.1.el8_8.aarch64.rpm

SRPMS:
https://oss.oracle.com:443/ol8/SRPMS-updates//samba-4.17.5-3.0.1.el8_8.src.rpm

Related CVEs:

CVE-2023-3347

Description of changes:

[4.17.5-3.0.1]
- Fix memleak in _nss_winbind_initgroups_dyn [Orabug: 34727815]
- Gluster volumes not accessible via Samba due to missing samba-vfs-glusterfs in OL8 [Orabug: 30205755]

[4.17.5-3]
- resolves: rhbz#2223601 - Fix trust relationship between workstation and DC
- resolves: rhbz#2222895 - Fix CVE-2023-3347

_______________________________________________
El-errata mailing list

GlusterFS could be made to crash if it received a specially crafted request.

=========================================================================
Ubuntu Security Notice USN-6157-1
June 12, 2023

glusterfs vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.04
- Ubuntu 22.10
- Ubuntu 22.04 LTS

Summary:

GlusterFS could be made to crash if it received a specially crafted request.

Software Description:
- glusterfs: clustered file-system

Details:

Tao Lyu discovered that GlusterFS did not properly handle certain event
notifications. An attacker could possibly use this issue to cause a denial
of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.04:
  glusterfs-client                10.3-4ubuntu0.1
  glusterfs-common                10.3-4ubuntu0.1
  glusterfs-server                10.3-4ubuntu0.1

Ubuntu 22.10:
  glusterfs-client                10.2-1ubuntu0.1
  glusterfs-common                10.2-1ubuntu0.1
  glusterfs-server                10.2-1ubuntu0.1

Ubuntu 22.04 LTS:
  glusterfs-client                10.1-1ubuntu0.1
  glusterfs-common                10.1-1ubuntu0.1
  glusterfs-server                10.1-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6157-1
  CVE-2023-26253

Package Information:
  https://launchpad.net/ubuntu/+source/glusterfs/10.3-4ubuntu0.1
  https://launchpad.net/ubuntu/+source/glusterfs/10.2-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/glusterfs/10.1-1ubuntu0.1

The Ubuntu Security Announcement USN-6158-1 highlights a severe vulnerability in OpenSSL which might lead to potential unauthorized access through specially designed packets.
GlusterFS Denial Of Service, Ubuntu Security Update, GlusterFS Crash Fix.
Severity: Critical.
LinuxSecurity.com Team

GlusterFS 10.4 GA Security fix for CVE-2023-26253, CVE-2022-48340.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-5a54eea360
2023-04-12 01:32:13.145118
--------------------------------------------------------------------------------

Name        : glusterfs
Product     : Fedora 37
Version     : 10.4
Release     : 1.fc37
URL         : https://docs.gluster.org/en/latest/
Summary     : Distributed File System
Description :
GlusterFS is a distributed file-system capable of scaling to several
petabytes. It aggregates various storage bricks over TCP/IP interconnect
into one large parallel network filesystem. GlusterFS is one of the
most sophisticated file systems in terms of features and extensibility.
It borrows a powerful concept called Translators from GNU Hurd kernel.
Much of the code in GlusterFS is in user space and easily manageable.

This package includes the glusterfs binary, the glusterfsd daemon and the
libglusterfs and glusterfs translator modules common to both GlusterFS server
and client framework.

--------------------------------------------------------------------------------
Update Information:

GlusterFS 10.4 GA Security fix for CVE-2023-26253, CVE-2022-48340
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr  6 2023 Kaleb S. KEITHLEY - 10.4-1
- 10.4 GA
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2173922 - CVE-2022-48340 glusterfs: heap use-after-free in dht_setxattr_mds_cbk() in dht-common.c
        https://bugzilla.redhat.com/show_bug.cgi?id=2173922
  [ 2 ] Bug #2173923 - CVE-2023-26253 glusterfs: stack-based buffer overflow in notify() in fuse-bridge.c
        https://bugzilla.redhat.com/show_bug.cgi?id=2173923
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-5a54eea360' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list --

GlusterFS could be made to crash if it received a specially crafted request.

=========================================================================
Ubuntu Security Notice USN-5989-1
March 30, 2023

glusterfs vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

GlusterFS could be made to crash if it received a specially crafted request.

Software Description:
- glusterfs: clustered file-system

Details:

Tao Lyu discovered that GlusterFS did not properly handle certain event
notifications. An attacker could possibly use this issue to cause a denial
of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
  glusterfs-client                3.7.6-1ubuntu1+esm2
  glusterfs-common                3.7.6-1ubuntu1+esm2
  glusterfs-server                3.7.6-1ubuntu1+esm2

In general, a standard system update will make all the necessary changes.

References:
  CVE-2023-26253

Issues with GlusterFS running on Ubuntu may result from specially crafted inputs, potentially compromising the system's reliability. Ensure updates are applied to maintain optimal performance.
GlusterFS Security Patch, Ubuntu Updates, Denial of Service Exploit.
LinuxSecurity.com Team

Multiple security vulnerabilities were discovered in GlusterFS, a clustered file system. Buffer overflows and path traversal issues may lead to information disclosure, denial-of-service or the execution of arbitrary code.

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2806-1