Alerts This Week
Warning Icon 1 541
Alerts This Week
Warning Icon 1 541

Stay Secure with the Latest Linux Advisories

Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H800
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -1 articles for you...
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisoryDoS issuesecurity fix

openSUSE Leap 15.4: 2022:0210-2 Low: QEMU DoS and Crash Issues

An update that fixes two vulnerabilities is now available. . openSUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:0210-2 Rating: low References: #1172033 #1181361 Cross-References: CVE-2020-13253 CVE-2021-20196 CVSS scores: CVE-2020-13253 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-13253 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2021-20196 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2021-20196 (SUSE): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L Affected Products: openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for qemu fixes the following issues: - CVE-2020-13253: Fixed an OOB access that could crash the guest resulting in DoS (bsc#1172033) - CVE-2021-20196: Fixed null pointer dereference that may lead to guest crash (bsc#1181361). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-210=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): qemu-s390-4.2.1-11.34.2 qemu-s390-debuginfo-4.2.1-11.34.2 References: https://www.suse.com/security/cve/CVE-2020-13253.html https://www.suse.com/security/cve/CVE-2021-20196.html https://bugzilla.suse.com/1172033 https://bugzilla.suse.com/1181361 . This release for Fedora addresses multiple vulnerabilities in qemu that could result in guest system failures. Instructions for implementing the patches are provided.. openSUSEUpdates, QEMU Security Fix, OpenSUSE Leap 15.4, Guest Crash Resolution, QEMU Vulnerability Management. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Feb 18, 2022 Low OpenSUSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorysoftware patchDoS

SUSE: 2022:0210-2 Low Severity: QEMU DoS and Crash Update

An update that fixes two vulnerabilities is now available. . SUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:0210-2 Rating: low References: #1172033 #1181361 Cross-References: CVE-2020-13253 CVE-2021-20196 CVSS scores: CVE-2020-13253 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-13253 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2021-20196 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2021-20196 (SUSE): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L Affected Products: SUSE Linux Enterprise Realtime Extension 15-SP2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for qemu fixes the following issues: - CVE-2020-13253: Fixed an OOB access that could crash the guest resulting in DoS (bsc#1172033) - CVE-2021-20196: Fixed null pointer dereference that may lead to guest crash (bsc#1181361). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Realtime Extension 15-SP2: zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-210=1 Package List: - SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch): qemu-ipxe-1.0.0+-11.34.2 qemu-microvm-4.2.1-11.34.2 qemu-seabios-1.12.1+-11.34.2 qemu-sgabios-8-11.34.2 qemu-vgabios-1.12.1+-11.34.2 - SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64): qemu-4.2.1-11.34.2 qemu-audio-alsa-4.2.1-11.34.2 qemu-audio-alsa-debuginfo-4.2.1-11.34.2 qemu-audio-pa-4.2.1-11.34.2 qemu-audio-pa-debuginfo-4.2.1-11.34.2 qemu-block-curl-4.2.1-11.34.2 qemu-block-curl-debuginfo-4.2.1-11.34.2 qemu-block-iscsi-4.2.1-11.34.2 qemu-block-iscsi-debuginfo-4.2.1-11.34.2 qemu-block-rbd-4.2.1-11.34.2 qemu-block-rbd-debuginfo-4.2.1-11.34.2 qemu-block-ssh-4.2.1-11.34.2 qemu-block-ssh-debuginfo-4.2.1-11.34.2 qemu-debuginfo-4.2.1-11.34.2 qemu-debugsource-4.2.1-11.34.2 qemu-guest-agent-4.2.1-11.34.2 qemu-guest-agent-debuginfo-4.2.1-11.34.2 qemu-kvm-4.2.1-11.34.2 qemu-lang-4.2.1-11.34.2 qemu-tools-4.2.1-11.34.2 qemu-tools-debuginfo-4.2.1-11.34.2 qemu-ui-curses-4.2.1-11.34.2 qemu-ui-curses-debuginfo-4.2.1-11.34.2 qemu-ui-gtk-4.2.1-11.34.2 qemu-ui-gtk-debuginfo-4.2.1-11.34.2 qemu-ui-spice-app-4.2.1-11.34.2 qemu-ui-spice-app-debuginfo-4.2.1-11.34.2 qemu-x86-4.2.1-11.34.2 qemu-x86-debuginfo-4.2.1-11.34.2 References: https://www.suse.com/security/cve/CVE-2020-13253.html https://www.suse.com/security/cve/CVE-2021-20196.html https://bugzilla.suse.com/1172033 https://bugzilla.suse.com/1181361 . A recent update to QEMU addresses two concerns, enhancing the security framework for SUSE Realtime Extension 15-SP2 through minor severity resolutions.. SUSE Linux Enterprise,qemu security update,DoS issue resolution,guest crash fix. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Feb 18, 2022 Low SuSE
Banner 2 1028x280 1708121730 1 1771599631
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorysecurity updatelow severity

openSUSE Leap 15.3: 2022:0177-1 Low: QEMU Guest Crash Threat

An update that fixes one vulnerability is now available. . openSUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:0177-1 Rating: low References: #1181361 Cross-References: CVE-2021-20196 CVSS scores: CVE-2021-20196 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2021-20196 (SUSE): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L Affected Products: openSUSE Leap 15.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for qemu fixes the following issues: - CVE-2021-20196: Fixed null pointer dereference that may lead to guest crash (bsc#1181361). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-177=1 Package List: - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): qemu-5.2.0-150300.109.2 qemu-arm-5.2.0-150300.109.2 qemu-arm-debuginfo-5.2.0-150300.109.2 qemu-audio-alsa-5.2.0-150300.109.2 qemu-audio-alsa-debuginfo-5.2.0-150300.109.2 qemu-audio-pa-5.2.0-150300.109.2 qemu-audio-pa-debuginfo-5.2.0-150300.109.2 qemu-audio-spice-5.2.0-150300.109.2 qemu-audio-spice-debuginfo-5.2.0-150300.109.2 qemu-block-curl-5.2.0-150300.109.2 qemu-block-curl-debuginfo-5.2.0-150300.109.2 qemu-block-dmg-5.2.0-150300.109.2 qemu-block-dmg-debuginfo-5.2.0-150300.109.2 qemu-block-gluster-5.2.0-150300.109.2 qemu-block-gluster-debuginfo-5.2.0-150300.109.2 qemu-block-iscsi-5.2.0-150300.109.2 qemu-block-iscsi-debuginfo-5.2.0-150300.109.2 qemu-block-nfs-5.2.0-150300.109.2 qemu-block-nfs-debuginfo-5.2.0-150300.109.2 qemu-block-rbd-5.2.0-150300.109.2 qemu-block-rbd-debuginfo-5.2.0-150300.109.2 qemu-block-ssh-5.2.0-150300.109.2 qemu-block-ssh-debuginfo-5.2.0-150300.109.2 qemu-chardev-baum-5.2.0-150300.109.2 qemu-chardev-baum-debuginfo-5.2.0-150300.109.2 qemu-chardev-spice-5.2.0-150300.109.2 qemu-chardev-spice-debuginfo-5.2.0-150300.109.2 qemu-debuginfo-5.2.0-150300.109.2 qemu-debugsource-5.2.0-150300.109.2 qemu-extra-5.2.0-150300.109.2 qemu-extra-debuginfo-5.2.0-150300.109.2 qemu-guest-agent-5.2.0-150300.109.2 qemu-guest-agent-debuginfo-5.2.0-150300.109.2 qemu-hw-display-qxl-5.2.0-150300.109.2 qemu-hw-display-qxl-debuginfo-5.2.0-150300.109.2 qemu-hw-display-virtio-gpu-5.2.0-150300.109.2 qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.109.2 qemu-hw-display-virtio-gpu-pci-5.2.0-150300.109.2 qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-150300.109.2 qemu-hw-display-virtio-vga-5.2.0-150300.109.2 qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.109.2 qemu-hw-s390x-virtio-gpu-ccw-5.2.0-150300.109.2 qemu-hw-s390x-virtio-gpu-ccw-debuginfo-5.2.0-150300.109.2 qemu-hw-usb-redirect-5.2.0-150300.109.2 qemu-hw-usb-redirect-debuginfo-5.2.0-150300.109.2 qemu-hw-usb-smartcard-5.2.0-150300.109.2 qemu-hw-usb-smartcard-debuginfo-5.2.0-150300.109.2 qemu-ivshmem-tools-5.2.0-150300.109.2 qemu-ivshmem-tools-debuginfo-5.2.0-150300.109.2 qemu-ksm-5.2.0-150300.109.2 qemu-lang-5.2.0-150300.109.2 qemu-linux-user-5.2.0-150300.109.2 qemu-linux-user-debuginfo-5.2.0-150300.109.2 qemu-linux-user-debugsource-5.2.0-150300.109.2 qemu-ppc-5.2.0-150300.109.2 qemu-ppc-debuginfo-5.2.0-150300.109.2 qemu-s390x-5.2.0-150300.109.2 qemu-s390x-debuginfo-5.2.0-150300.109.2 qemu-testsuite-5.2.0-150300.109.4 qemu-tools-5.2.0-150300.109.2 qemu-tools-debuginfo-5.2.0-150300.109.2 qemu-ui-curses-5.2.0-150300.109.2 qemu-ui-curses-debuginfo-5.2.0-150300.109.2 qemu-ui-gtk-5.2.0-150300.109.2 qemu-ui-gtk-debuginfo-5.2.0-150300.109.2 qemu-ui-opengl-5.2.0-150300.109.2 qemu-ui-opengl-debuginfo-5.2.0-150300.109.2 qemu-ui-spice-app-5.2.0-150300.109.2 qemu-ui-spice-app-debuginfo-5.2.0-150300.109.2 qemu-ui-spice-core-5.2.0-150300.109.2 qemu-ui-spice-core-debuginfo-5.2.0-150300.109.2 qemu-vhost-user-gpu-5.2.0-150300.109.2 qemu-vhost-user-gpu-debuginfo-5.2.0-150300.109.2 qemu-x86-5.2.0-150300.109.2 qemu-x86-debuginfo-5.2.0-150300.109.2 - openSUSE Leap 15.3 (s390x x86_64): qemu-kvm-5.2.0-150300.109.2 - openSUSE Leap 15.3 (noarch): qemu-ipxe-1.0.0+-150300.109.2 qemu-microvm-5.2.0-150300.109.2 qemu-seabios-1.14.0_0_g155821a-150300.109.2 qemu-sgabios-8-150300.109.2 qemu-skiboot-5.2.0-150300.109.2 qemu-vgabios-1.14.0_0_g155821a-150300.109.2 References: https://www.suse.com/security/cve/CVE-2021-20196.html https://bugzilla.suse.com/1181361 . Debian has issued a security patch for KVM fixing a virtual machine freeze concern categorized as low in criticality.. openSUSE Updates, QEMU Security Fix, Low Severity Patch, Leap Security Advisory. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Jan 25, 2022 Low OpenSUSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorysoftware fixlow severity

SUSE MicroOS 5.1 Security Advisory: Low Risk qemu Guest Crash Fix

An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:0177-1 Rating: low References: #1181361 Cross-References: CVE-2021-20196 CVSS scores: CVE-2021-20196 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2021-20196 (SUSE): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L Affected Products: SUSE MicroOS 5.1 SUSE Linux Enterprise Module for Server Applications 15-SP3 SUSE Linux Enterprise Module for Basesystem 15-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for qemu fixes the following issues: - CVE-2021-20196: Fixed null pointer dereference that may lead to guest crash (bsc#1181361). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE MicroOS 5.1: zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-177=1 - SUSE Linux Enterprise Module for Server Applications 15-SP3: zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-177=1 - SUSE Linux Enterprise Module for Basesystem 15-SP3: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-177=1 Package List: - SUSE MicroOS 5.1 (aarch64 s390x x86_64): qemu-5.2.0-150300.109.2 qemu-debuginfo-5.2.0-150300.109.2 qemu-debugsource-5.2.0-150300.109.2 qemu-tools-5.2.0-150300.109.2 qemu-tools-debuginfo-5.2.0-150300.109.2 - SUSE MicroOS 5.1 (aarch64): qemu-arm-5.2.0-150300.109.2 qemu-arm-debuginfo-5.2.0-150300.109.2 - SUSE MicroOS 5.1 (noarch): qemu-ipxe-1.0.0+-150300.109.2 qemu-seabios-1.14.0_0_g155821a-150300.109.2 qemu-sgabios-8-150300.109.2 qemu-vgabios-1.14.0_0_g155821a-150300.109.2 - SUSE MicroOS 5.1 (x86_64): qemu-x86-5.2.0-150300.109.2 qemu-x86-debuginfo-5.2.0-150300.109.2 - SUSE MicroOS 5.1 (s390x): qemu-s390x-5.2.0-150300.109.2 qemu-s390x-debuginfo-5.2.0-150300.109.2 - SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64): qemu-5.2.0-150300.109.2 qemu-block-curl-5.2.0-150300.109.2 qemu-block-curl-debuginfo-5.2.0-150300.109.2 qemu-block-iscsi-5.2.0-150300.109.2 qemu-block-iscsi-debuginfo-5.2.0-150300.109.2 qemu-block-rbd-5.2.0-150300.109.2 qemu-block-rbd-debuginfo-5.2.0-150300.109.2 qemu-block-ssh-5.2.0-150300.109.2 qemu-block-ssh-debuginfo-5.2.0-150300.109.2 qemu-chardev-baum-5.2.0-150300.109.2 qemu-chardev-baum-debuginfo-5.2.0-150300.109.2 qemu-debuginfo-5.2.0-150300.109.2 qemu-debugsource-5.2.0-150300.109.2 qemu-guest-agent-5.2.0-150300.109.2 qemu-guest-agent-debuginfo-5.2.0-150300.109.2 qemu-ksm-5.2.0-150300.109.2 qemu-lang-5.2.0-150300.109.2 qemu-ui-curses-5.2.0-150300.109.2 qemu-ui-curses-debuginfo-5.2.0-150300.109.2 - SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le x86_64): qemu-audio-spice-5.2.0-150300.109.2 qemu-audio-spice-debuginfo-5.2.0-150300.109.2 qemu-chardev-spice-5.2.0-150300.109.2 qemu-chardev-spice-debuginfo-5.2.0-150300.109.2 qemu-hw-display-qxl-5.2.0-150300.109.2 qemu-hw-display-qxl-debuginfo-5.2.0-150300.109.2 qemu-hw-display-virtio-vga-5.2.0-150300.109.2 qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.109.2 qemu-hw-usb-redirect-5.2.0-150300.109.2 qemu-hw-usb-redirect-debuginfo-5.2.0-150300.109.2 qemu-ui-gtk-5.2.0-150300.109.2 qemu-ui-gtk-debuginfo-5.2.0-150300.109.2 qemu-ui-opengl-5.2.0-150300.109.2 qemu-ui-opengl-debuginfo-5.2.0-150300.109.2 qemu-ui-spice-app-5.2.0-150300.109.2 qemu-ui-spice-app-debuginfo-5.2.0-150300.109.2 qemu-ui-spice-core-5.2.0-150300.109.2 qemu-ui-spice-core-debuginfo-5.2.0-150300.109.2 - SUSE Linux Enterprise Module for Server Applications 15-SP3 (s390x x86_64): qemu-hw-display-virtio-gpu-5.2.0-150300.109.2 qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.109.2 qemu-hw-display-virtio-gpu-pci-5.2.0-150300.109.2 qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-150300.109.2 qemu-kvm-5.2.0-150300.109.2 - SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64): qemu-arm-5.2.0-150300.109.2 qemu-arm-debuginfo-5.2.0-150300.109.2 - SUSE Linux Enterprise Module for Server Applications 15-SP3 (ppc64le): qemu-ppc-5.2.0-150300.109.2 qemu-ppc-debuginfo-5.2.0-150300.109.2 - SUSE Linux Enterprise Module for Server Applications 15-SP3 (x86_64): qemu-audio-alsa-5.2.0-150300.109.2 qemu-audio-alsa-debuginfo-5.2.0-150300.109.2 qemu-audio-pa-5.2.0-150300.109.2 qemu-audio-pa-debuginfo-5.2.0-150300.109.2 qemu-x86-5.2.0-150300.109.2 qemu-x86-debuginfo-5.2.0-150300.109.2 - SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch): qemu-ipxe-1.0.0+-150300.109.2 qemu-seabios-1.14.0_0_g155821a-150300.109.2 qemu-sgabios-8-150300.109.2 qemu-skiboot-5.2.0-150300.109.2 qemu-vgabios-1.14.0_0_g155821a-150300.109.2 - SUSE Linux Enterprise Module for Server Applications 15-SP3 (s390x): qemu-hw-s390x-virtio-gpu-ccw-5.2.0-150300.109.2 qemu-hw-s390x-virtio-gpu-ccw-debuginfo-5.2.0-150300.109.2 qemu-s390x-5.2.0-150300.109.2 qemu-s390x-debuginfo-5.2.0-150300.109.2 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64): qemu-debuginfo-5.2.0-150300.109.2 qemu-debugsource-5.2.0-150300.109.2 qemu-tools-5.2.0-150300.109.2 qemu-tools-debuginfo-5.2.0-150300.109.2 References: https://www.suse.com/security/cve/CVE-2021-20196.html https://bugzilla.suse.com/1181361 . SUSE releases qemu patch addressing minor guest crash risk along with installation guidelines. Maintain your security!. SUSE qemu update, MicroOS security patch, guest crash fix. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Jan 25, 2022 Low SuSE
Banner 2 1028x280 1708121730 1 1771599631
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoramanagement tool

Fedora 33: FEDORA-2020-64859a826b Critical: Xen Permissions Issues

xenstore watch notifications lacking permission checks [XSA-115, CVE-2020-29480] (#1908091) Xenstore: new domains inheriting existing node permissions [XSA-322, CVE-2020-29481] (#1908095) Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (#1908096) Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484] (#1908088) Xenstore: guests can disturb domain cleanup. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-64859a826b 2020-12-25 01:21:55.445209 --------------------------------------------------------------------------------Name : xen Product : Fedora 33 Version : 4.14.0 Release : 14.fc33 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor --------------------------------------------------------------------------------Update Information: xenstore watch notifications lacking permission checks [XSA-115, CVE-2020-29480] (#1908091) Xenstore: new domains inheriting existing node permissions [XSA-322, CVE-2020-29481] (#1908095) Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (#1908096) Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484] (#1908088) Xenstore: guests can disturb domain cleanup [XSA-325, CVE-2020-29483] (#1908087) oxenstored memory leak in reset_watches [XSA-330, CVE-2020-29485] (#1908000) undue recursion in x86 HVM context switch code [XSA-348, CVE-2020-29566] (#1908085) oxenstored: node ownership can be changed by unprivileged clients [XSA-352, CVE-2020-29486] (#1908003) oxenstored: permissions not checked on root node [XSA-353, CVE-2020-29479] (#1908002) infinite loop when cleaning up IRQ vectors [XSA-356, CVE-2020-29567] (#1907932) FIFO event channels control block related ordering [XSA-358, CVE-2020-29570] (#1907931) FIFO event channels controlstructure ordering [XSA-359, CVE-2020-29571] (#1908089) --------------------------------------------------------------------------------ChangeLog: * Tue Dec 15 2020 Michael Young - 4.14.0-14 - xenstore watch notifications lacking permission checks [XSA-115, CVE-2020-29480] (#1908091) - Xenstore: new domains inheriting existing node permissions [XSA-322, CVE-2020-29481] (#1908095) - Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (#1908096) - Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484] (#1908088) - Xenstore: guests can disturb domain cleanup [XSA-325, CVE-2020-29483] (#1905648) - oxenstored memory leak in reset_watches [XSA-330, CVE-2020-29485] (#1908000) - undue recursion in x86 HVM context switch code [XSA-348, CVE-2020-29566] (#1908085) - oxenstored: node ownership can be changed by unprivileged clients [XSA-352, CVE-2020-29486] (#1908003) - oxenstored: permissions not checked on root node [XSA-353, CVE-2020-29479] (#1908003) - infinite loop when cleaning up IRQ vectors [XSA-356, CVE-2020-29567] (#1907932) - FIFO event channels control block related ordering [XSA-358, CVE-2020-29570] (#1907931) - FIFO event channels control structure ordering [XSA-359, CVE-2020-29571] (#1908089) * Sat Dec 5 2020 Jeff Law - 4.14.0-13 - Work around another gcc-11 stringop-overflow diagnostic --------------------------------------------------------------------------------References: [ 1 ] Bug #1905623 - CVE-2020-29485 xen: oxenstored memory leak in reset_watches (XSA-330) https://bugzilla.redhat.com/show_bug.cgi?id=1905623 [ 2 ] Bug #1905626 - CVE-2020-29482 xen: Xenstore: wrong path length check (XSA-323) https://bugzilla.redhat.com/show_bug.cgi?id=1905626 [ 3 ] Bug #1905632 - CVE-2020-29481 xen: Xenstore: new domains inheriting existing node permissions (XSA-322) https://bugzilla.redhat.com/show_bug.cgi?id=1905632 [ 4 ] Bug #1905635 - CVE-2020-29484 xen: Xenstore: guests can crash xenstored viawatchs (XSA-324) https://bugzilla.redhat.com/show_bug.cgi?id=1905635 [ 5 ] Bug #1905648 - CVE-2020-29483 xen: Xenstore: guests can disturb domain cleanup (XSA-325) https://bugzilla.redhat.com/show_bug.cgi?id=1905648 [ 6 ] Bug #1905652 - CVE-2020-29486 xen: oxenstored: node ownership can be changed by unprivileged clients (XSA-352) https://bugzilla.redhat.com/show_bug.cgi?id=1905652 [ 7 ] Bug #1905656 - CVE-2020-29567 xen: infinite loop when cleaning up IRQ vectors (XSA-356) https://bugzilla.redhat.com/show_bug.cgi?id=1905656 [ 8 ] Bug #1905668 - CVE-2020-29479 xen: oxenstored: permissions not checked on root node (XSA-353) https://bugzilla.redhat.com/show_bug.cgi?id=1905668 [ 9 ] Bug #1905669 - CVE-2020-29566 xen: undue recursion in x86 HVM context switch code (XSA-348) https://bugzilla.redhat.com/show_bug.cgi?id=1905669 [ 10 ] Bug #1905672 - CVE-2020-29480 xen: xenstore watch notifications lacking permission checks (XSA-115) https://bugzilla.redhat.com/show_bug.cgi?id=1905672 [ 11 ] Bug #1905675 - CVE-2020-29570 xen: FIFO event channels control block related ordering (XSA-358) https://bugzilla.redhat.com/show_bug.cgi?id=1905675 [ 12 ] Bug #1905676 - CVE-2020-29571 xen: FIFO event channels control structure ordering https://bugzilla.redhat.com/show_bug.cgi?id=1905676 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-64859a826b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Important Fedora 33 patch for Xen addresses significant security vulnerabilities regarding access permissions and additional aspects for virtualization platforms.. Xen Security,Fedora Xen Update,Virtual Machine Monitor,Crash Issue. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Dec 24, 2020 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryinformation leakupdate

CentOS: 2019-bae7fa40e1 Urgent: Kernel Security Flaw and VM Stability Issue

Information leak via crafted user-supplied CDROM [XSA-258] (#1571867) x86: PV guest may crash Xen with XPTI [XSA-259] (#1571878). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-dbebca30d0 2018-04-29 20:52:27.048562 --------------------------------------------------------------------------------Name : xen Product : Fedora 28 Version : 4.10.0 Release : 9.fc28 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor --------------------------------------------------------------------------------Update Information: Information leak via crafted user-supplied CDROM [XSA-258] (#1571867) x86: PV guest may crash Xen with XPTI [XSA-259] (#1571878) --------------------------------------------------------------------------------ChangeLog: * Wed Apr 25 2018 Michael Young - 4.10.0-9 - Information leak via crafted user-supplied CDROM [XSA-258] (#1571867) - x86: PV guest may crash Xen with XPTI [XSA-259] (#1571878) --------------------------------------------------------------------------------References: [ 1 ] Bug #1566253 - xsa258 xen: Information leak via crafted user-supplied CDROM https://bugzilla.redhat.com/show_bug.cgi?id=1566253 [ 2 ] Bug #1566220 - xsa259 xen: x86 PV guest may crash Xen with XPTI https://bugzilla.redhat.com/show_bug.cgi?id=1566220 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-dbebca30d0' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project canbe found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Uncover vital enhancements in Fedora 28 regarding Xen that tackle information exposure and virtual machine failures linked to XPTI.. Fedora Security,Audit Logs,Performance Metrics. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 29, 2018 Critical Fedora
Banner 2 1028x280 1708121730 1 1771599631
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebianescalation

Debian: DSA-3067-1 Critical: Qemu-KVM Privilege Escalation and Crashes

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. CVE-2014-3689 . - ------------------------------------------------------------------------- Debian Security Advisory DSA-3067-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Salvatore Bonaccorso November 06, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : qemu-kvm CVE ID : CVE-2014-3689 CVE-2014-7815 Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. CVE-2014-3689 The Advanced Threat Research team at Intel Security reported that guest provided parameter were insufficiently validated in rectangle functions in the vmware-vga driver. A privileged guest user could use this flaw to write into qemu address space on the host, potentially escalating their privileges to those of the qemu host process. CVE-2014-7815 James Spadaro of Cisco reported insufficiently sanitized bits_per_pixel from the client in the QEMU VNC display driver. An attacker having access to the guest's VNC console could use this flaw to crash the guest. For the stable distribution (wheezy), these problems have been fixed in version 1.1.2+dfsg-6+deb7u5. We recommend that you upgrade your qemu-kvm packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian recommends updating qemu-kvm to address vulnerabilities that could permit privilege escalation and lead to guest operating system failures.. Debian Security Advisory,qemu-kvm update,virtualization issues. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 06, 2014 Critical Debian
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hatprivilege escalation

Red Hat Enterprise Linux 5 RHSA-2010:0088-02 Important KVM Security Update

Updated kvm packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Important: kvm security and bug fix update Advisory ID: RHSA-2010:0088-02 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2010:0088.html Issue date: 2010-02-09 CVE Names: CVE-2010-0297 CVE-2010-0298 CVE-2010-0306 CVE-2010-0309 ==================================================================== 1. Summary: Updated kvm packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: RHEL Desktop Multi OS (v. 5 client) - x86_64 RHEL Virtualization (v. 5 server) - x86_64 3. Description: KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. The x86 emulator implementation was missing a check for the Current Privilege Level (CPL) and I/O Privilege Level (IOPL). A user in a guest could leverage these flaws to cause a denial of service (guest crash) or possibly escalate their privileges within that guest. (CVE-2010-0298, CVE-2010-0306) A flaw was found in the Programmable Interval Timer (PIT) emulation. Access to the internal data structure pit_state, which represents the data state of the emulated PIT, was not properly validated in the pit_ioport_read() function. A privileged guest user could use this flaw to crash the host. (CVE-2010-0309) A flaw was found in the USB passthrough handling code. Aspecially-crafted USB packet sent from inside a guest could be used to trigger a buffer overflow in the usb_host_handle_control() function, which runs under the QEMU-KVM context on the host. A user in a guest could leverage this flaw to cause a denial of service (guest hang or crash) or possibly escalate their privileges within the host. (CVE-2010-0297) This update also fixes the following bugs: * pvclock MSR values were not preserved during remote migration, causing time drift for guests. (BZ#537028) * SMBIOS table 4 data is now generated for Windows guests. (BZ#545874) * if the qemu-kvm "-net user" option was used, unattended Windows XP installations did not receive an IP address after reboot. (BZ#546562) * when being restored from migration, a race condition caused Windows Server 2008 R2 guests to hang during shutdown. (BZ#546563) * the kernel symbol checking on the kvm-kmod build process has a safety check for ABI changes. (BZ#547293) * on hosts without high-res timers, Windows Server 2003 guests experienced significant time drift. (BZ#547625) * in some situations, installing Windows Server 2008 R2 from an ISO image resulted in a blue screen "BAD_POOL_HEADER" stop error. (BZ#548368) * a bug in the grow_refcount_table() error handling caused infinite recursion in some cases. This caused the qemu-kvm process to hang and eventually crash. (BZ#552159) * for Windows Server 2003 R2, Service Pack 2, 32-bit guests, an "unhandled vm exit" error could occur during reboot on some systems. (BZ#552518) * for Windows guests, QEMU could attempt to stop a stopped audio device, resulting in a "snd_playback_stop: ASSERT playback_channel-> base.active failed" error. (BZ#552519) * the Hypercall driver did not reset the device on power-down. (BZ#552528) * mechanisms have been added to make older savevm versions to be emitted in some cases. (BZ#552529) * an error in the Makefile prevented users from using the source RPM to install KVM. (BZ#552530) * guests became unresponsive and could use up to 100% CPU whenrunning certain benchmark tests with more than 7 guests running simultaneously. (BZ#553249) * QEMU could terminate randomly with virtio-net and SMP enabled. (BZ#561022) All KVM users should upgrade to these updated packages, which contain backported patches to resolve these issues. Note: The procedure in the Solution section must be performed before this update will take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at The following procedure must be performed before this update will take effect: 1) Stop all KVM guest virtual machines. 2) Either reboot the hypervisor machine or, as the root user, remove (using "modprobe -r [module]") and reload (using "modprobe [module]") all of the following modules which are currently running (determined using "lsmod"): kvm, ksm, kvm-intel or kvm-amd. 3) Restart the KVM guest virtual machines. 5. Bugs fixed (http://bugzilla.redhat.com/): 537028 - pvclock msr values are not preserved across remote migration 545874 - Need to generate SMBIOS table 4 data for windows guests 546562 - Windows XP unattended install doesn't get an IP address after rebooting, if using -net user 546563 - Windows Server 2008 R2 shutdown hangs after restore from migration 547293 - kvm kmod package should filter only some specific ksym dependencies 547625 - time drift in win2k364 KVM guest 548368 - BSOD BAD_POOL_HEADER STOP 0x19 during boot of Windows Server 2008 R2 installer 552159 - qcow2: infinite recursion on grow_refcount_table() error handling 552518 - Rhev-Block driver causes 'unhandled vm exit' with 32bit win2k3r2sp2 Guest VM on restart 552519 - KVM : QEMU-Audio attempting to stop unactivated audio device (snd_playback_stop: ASSERT playback_channel-> base.active failed). 552528 - Hypercall driver doesn't reset device on power-down 552529 - kvm: migration: mechanism to makeolder savevm versions to be emitted on some cases 552530 - Build tree for RHEL 5.X and RHEL 5.4.z contains build bugs 553249 - hypercall device - Vm becomes non responsive on Sysmark benchmark (when more than 7 vm's running simultaneously) 557025 - CVE-2010-0297 kvm-userspace-rhel5: usb-linux.c: fix buffer overflow 559091 - CVE-2010-0298 kvm: emulator privilege escalation 560654 - CVE-2010-0306 kvm: emulator privilege escalation IOPL/CPL level check 560887 - CVE-2010-0309 kvm: cat /dev/port in guest cause the host hang 561022 - QEMU terminates without warning with virtio-net and SMP enabled 6. Package List: RHEL Desktop Multi OS (v. 5 client): Source: x86_64: kmod-kvm-83-105.el5_4.22.x86_64.rpm kvm-83-105.el5_4.22.x86_64.rpm kvm-debuginfo-83-105.el5_4.22.x86_64.rpm kvm-qemu-img-83-105.el5_4.22.x86_64.rpm kvm-tools-83-105.el5_4.22.x86_64.rpm RHEL Virtualization (v. 5 server): Source: x86_64: kmod-kvm-83-105.el5_4.22.x86_64.rpm kvm-83-105.el5_4.22.x86_64.rpm kvm-debuginfo-83-105.el5_4.22.x86_64.rpm kvm-qemu-img-83-105.el5_4.22.x86_64.rpm kvm-tools-83-105.el5_4.22.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2010-0297 https://access.redhat.com/security/cve/CVE-2010-0298 https://access.redhat.com/security/cve/CVE-2010-0306 https://access.redhat.com/security/cve/CVE-2010-0309 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLcVE6XlSAg2UNWIIRAsHiAKCpFKlrXkv7nFrGY+XEEzvaZOGxKgCfQ4CI LsIFiaziOI+yk3BCqvgg0hU=YAWH -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Canonical releases crucial QEMU security patch forUbuntu 18.04, targeting vulnerabilities that could result in VM failures and unauthorized access.. Red Hat Security Update, KVM Update, RHEL 5 Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 09, 2010 Important Red Hat
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here