Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian LTS openssl Important Use-After-Free NULL Pointer Issues DLA-4624-1

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 alsa-lib Important Denial of Service Fix USN-8044-2

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS node-shell-quote Important Denial of Service CVE-2026-9277

Calendar White Jun 09, 2026
Important
Mageia Large Esm H800
Mageia

Mageia 9 Suricata Critical Performance Security Issues MGASA-2026-0181

Calendar White Jun 09, 2026
Critical
Mageia Large Esm H900
Mageia

Mageia 9 PackageKit Important TOCTOU Race Escalation CVE-2026-41651

Calendar White Jun 09, 2026
Important
Mageia Large Esm H900
Mageia

Mageia 9 Unbound Critical Remote Code Execution Advisory 2026-0034

Calendar White Jun 09, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS Netatalk Multiple Security Issues USN-8395-1

Calendar White Jun 09, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 mingw-objfw 1.5.5 Update Security Fix FEDORA-2026-de23fedf3e

Calendar White Jun 08, 2026
Fedora Large Esm H900
Fedora

Fedora 43 objfw Important Update 1.5.5 Bug Fixes June 2026

Calendar White Jun 08, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":550,"type":"x","order":1,"pct":78.57,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.29,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -8 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorybuffer overflowsoftware update

SUSE 15 SP6: 2025:0586-1 important: grub2 heap overflow issues

* bsc#1229163 * bsc#1229164 * bsc#1233606 * bsc#1233608 * bsc#1233609 . # Security update for grub2 Announcement ID: SUSE-SU-2025:0586-1 Release Date: 2025-02-19T07:29:02Z Rating: important References: * bsc#1229163 * bsc#1229164 * bsc#1233606 * bsc#1233608 * bsc#1233609 * bsc#1233610 * bsc#1233612 * bsc#1233613 * bsc#1233614 * bsc#1233615 * bsc#1233616 * bsc#1233617 * bsc#1234958 * bsc#1236316 * bsc#1236317 * bsc#1237002 * bsc#1237006 * bsc#1237008 * bsc#1237009 * bsc#1237010 * bsc#1237011 * bsc#1237012 * bsc#1237013 * bsc#1237014 Cross-References: * CVE-2024-45774 * CVE-2024-45775 * CVE-2024-45776 * CVE-2024-45777 * CVE-2024-45778 * CVE-2024-45779 * CVE-2024-45780 * CVE-2024-45781 * CVE-2024-45782 * CVE-2024-45783 * CVE-2024-49504 * CVE-2024-56737 * CVE-2025-0622 * CVE-2025-0624 * CVE-2025-0677 * CVE-2025-0678 * CVE-2025-0684 * CVE-2025-0685 * CVE-2025-0686 * CVE-2025-0689 * CVE-2025-0690 * CVE-2025-1118 * CVE-2025-1125 CVSS scores: * CVE-2024-45774 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45774 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45775 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45775 ( NVD ): 5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2024-45776 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45776 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45777 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45778 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45779 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45780 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45781 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45781 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45782 ( SUSE ): 6.7CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45783 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45783 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49504 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49504 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-49504 ( NVD ): 7.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-56737 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56737 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56737 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-0622 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0622 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0624 ( SUSE ): 7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2025-0677 ( SUSE ): 8.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-0677 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0678 ( SUSE ): 8.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-0678 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0684 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0685 ( SUSE ): 8.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-0685 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0686 ( SUSE ): 8.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-0686 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0689 ( SUSE ): 8.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-0689 ( SUSE ): 6.4CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2025-0690 ( SUSE ): 7.3 CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-0690 ( SUSE ): 6.1 CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1118 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-1118 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2025-1125 ( SUSE ): 8.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2025-1125 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 23 vulnerabilities and has one security fix can now be installed. ## Description: This update for grub2 fixes the following issues: * CVE-2024-45781: Fixed strcpy overflow in ufs. (bsc#1233617) * CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. (bsc#1234958) * CVE-2024-45782: Fixed strcpy overflow in hfs. (bsc#1233615) * CVE-2024-45780: Fixed an overflow in tar/cpio. (bsc#1233614) * CVE-2024-45783: Fixed a refcount overflow in hfsplus. (bsc#1233616) * CVE-2024-45774: Fixed a heap overflow in JPEG parser. (bsc#1233609) * CVE-2024-45775: Fixed a missing NULL check in extcmd parser. (bsc#1233610) * CVE-2024-45776: Fixed an overflow in .MO file handling. (bsc#1233612) * CVE-2024-45777: Fixed an integer overflow in gettext. (bsc#1233613) * CVE-2024-45778: Fixed bfs filesystem by removing it from lockdown capable modules. (bsc#1233606) * CVE-2024-45779: Fixed a heap overflow in bfs. (bsc#1233608) * CVE-2024-49504: Fixed an issue that can bypass TPM-bound disk encryption on SL(E)M encrypted Images. (bsc#1229164) * CVE-2025-0624: Fixed an out-of-bounds write during the network bootprocess. (bsc#1236316) * CVE-2025-0622: Fixed a use-after-free when handling hooks during module unload in command/gpg . (bsc#1236317) * CVE-2025-0690: Fixed an integer overflow that may lead to an out-of-bounds write through the read command. (bsc#1237012) * CVE-2025-1118: Fixed an issue where the dump command was not being blocked when grub was in lockdown mode. (bsc#1237013) * CVE-2025-0677: Fixed an integer overflow that may lead to an out-of-bounds write when handling symlinks in ufs. (bsc#1237002) * CVE-2025-0684: Fixed an integer overflow that may lead to an out-of-bounds write when handling symlinks in reiserfs. (bsc#1237008) * CVE-2025-0685: Fixed an integer overflow that may lead to an out-of-bounds write when handling symlinks in jfs. (bsc#1237009) * CVE-2025-0686: Fixed an integer overflow that may lead to an out-of-bounds write when handling symlinks in romfs. (bsc#1237010) * CVE-2025-0689: Fixed a heap-based buffer overflow in udf that may lead to arbitrary code execution. (bsc#1237011) * CVE-2025-1125: Fixed an integer overflow that may lead to an out-of-bounds write in hfs. (bsc#1237014) * CVE-2025-0678: Fixed an integer overflow that may lead to an out-of-bounds write in squash4. (bsc#1237006) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-586=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-586=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-586=1 openSUSE-SLE-15.6-2025-586=1 ## Package List: * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * grub2-debuginfo-2.12-150600.8.18.2 * grub2-2.12-150600.8.18.2 * Basesystem Module 15-SP6 (noarch) *grub2-powerpc-ieee1275-2.12-150600.8.18.2 * grub2-systemd-sleep-plugin-2.12-150600.8.18.2 * grub2-x86_64-efi-2.12-150600.8.18.2 * grub2-snapper-plugin-2.12-150600.8.18.2 * grub2-i386-pc-2.12-150600.8.18.2 * grub2-arm64-efi-2.12-150600.8.18.2 * Basesystem Module 15-SP6 (aarch64 s390x x86_64) * grub2-debugsource-2.12-150600.8.18.2 * Basesystem Module 15-SP6 (s390x) * grub2-s390x-emu-2.12-150600.8.18.2 * Server Applications Module 15-SP6 (noarch) * grub2-x86_64-xen-2.12-150600.8.18.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * grub2-branding-upstream-2.12-150600.8.18.2 * grub2-debuginfo-2.12-150600.8.18.2 * grub2-2.12-150600.8.18.2 * openSUSE Leap 15.6 (aarch64 s390x x86_64 i586) * grub2-debugsource-2.12-150600.8.18.2 * openSUSE Leap 15.6 (noarch) * grub2-powerpc-ieee1275-2.12-150600.8.18.2 * grub2-x86_64-efi-extras-2.12-150600.8.18.2 * grub2-i386-pc-extras-2.12-150600.8.18.2 * grub2-x86_64-xen-debug-2.12-150600.8.18.2 * grub2-i386-efi-extras-2.12-150600.8.18.2 * grub2-arm64-efi-2.12-150600.8.18.2 * grub2-i386-pc-debug-2.12-150600.8.18.2 * grub2-x86_64-xen-2.12-150600.8.18.2 * grub2-i386-efi-debug-2.12-150600.8.18.2 * grub2-snapper-plugin-2.12-150600.8.18.2 * grub2-s390x-emu-extras-2.12-150600.8.18.2 * grub2-i386-xen-debug-2.12-150600.8.18.2 * grub2-powerpc-ieee1275-debug-2.12-150600.8.18.2 * grub2-systemd-sleep-plugin-2.12-150600.8.18.2 * grub2-i386-pc-2.12-150600.8.18.2 * grub2-arm64-efi-debug-2.12-150600.8.18.2 * grub2-i386-xen-2.12-150600.8.18.2 * grub2-arm64-efi-extras-2.12-150600.8.18.2 * grub2-x86_64-efi-debug-2.12-150600.8.18.2 * grub2-x86_64-xen-extras-2.12-150600.8.18.2 * grub2-powerpc-ieee1275-extras-2.12-150600.8.18.2 * grub2-x86_64-efi-2.12-150600.8.18.2 * grub2-i386-efi-2.12-150600.8.18.2 * grub2-i386-xen-extras-2.12-150600.8.18.2 * openSUSE Leap 15.6 (s390x) * grub2-s390x-emu-debug-2.12-150600.8.18.2 *grub2-s390x-emu-2.12-150600.8.18.2 ## References: * https://www.suse.com/security/cve/CVE-2024-45774.html * https://www.suse.com/security/cve/CVE-2024-45775.html * https://www.suse.com/security/cve/CVE-2024-45776.html * https://www.suse.com/security/cve/CVE-2024-45777.html * https://www.suse.com/security/cve/CVE-2024-45778.html * https://www.suse.com/security/cve/CVE-2024-45779.html * https://www.suse.com/security/cve/CVE-2024-45780.html * https://www.suse.com/security/cve/CVE-2024-45781.html * https://www.suse.com/security/cve/CVE-2024-45782.html * https://www.suse.com/security/cve/CVE-2024-45783.html * https://www.suse.com/security/cve/CVE-2024-49504.html * https://www.suse.com/security/cve/CVE-2024-56737.html * https://www.suse.com/security/cve/CVE-2025-0622.html * https://www.suse.com/security/cve/CVE-2025-0624.html * https://www.suse.com/security/cve/CVE-2025-0677.html * https://www.suse.com/security/cve/CVE-2025-0678.html * https://www.suse.com/security/cve/CVE-2025-0684.html * https://www.suse.com/security/cve/CVE-2025-0685.html * https://www.suse.com/security/cve/CVE-2025-0686.html * https://www.suse.com/security/cve/CVE-2025-0689.html * https://www.suse.com/security/cve/CVE-2025-0690.html * https://www.suse.com/security/cve/CVE-2025-1118.html * https://www.suse.com/security/cve/CVE-2025-1125.html * https://bugzilla.suse.com/show_bug.cgi?id=1229163 * https://bugzilla.suse.com/show_bug.cgi?id=1229164 * https://bugzilla.suse.com/show_bug.cgi?id=1233606 * https://bugzilla.suse.com/show_bug.cgi?id=1233608 * https://bugzilla.suse.com/show_bug.cgi?id=1233609 * https://bugzilla.suse.com/show_bug.cgi?id=1233610 * https://bugzilla.suse.com/show_bug.cgi?id=1233612 * https://bugzilla.suse.com/show_bug.cgi?id=1233613 * https://bugzilla.suse.com/show_bug.cgi?id=1233614 * https://bugzilla.suse.com/show_bug.cgi?id=1233615 * https://bugzilla.suse.com/show_bug.cgi?id=1233616 * https://bugzilla.suse.com/show_bug.cgi?id=1233617 *https://bugzilla.suse.com/show_bug.cgi?id=1234958 * https://bugzilla.suse.com/show_bug.cgi?id=1236316 * https://bugzilla.suse.com/show_bug.cgi?id=1236317 * https://bugzilla.suse.com/show_bug.cgi?id=1237002 * https://bugzilla.suse.com/show_bug.cgi?id=1237006 * https://bugzilla.suse.com/show_bug.cgi?id=1237008 * https://bugzilla.suse.com/show_bug.cgi?id=1237009 * https://bugzilla.suse.com/show_bug.cgi?id=1237010 * https://bugzilla.suse.com/show_bug.cgi?id=1237011 * https://bugzilla.suse.com/show_bug.cgi?id=1237012 * https://bugzilla.suse.com/show_bug.cgi?id=1237013 * https://bugzilla.suse.com/show_bug.cgi?id=1237014 . Important grub2 update for SUSE resolves several security flaws and vulnerabilities across different platforms.. SUSE Linux, grub2 update, security issues, system patching. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 19, 2025 Important SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":550,"type":"x","order":1,"pct":78.57,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.29,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here