
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Mageia 9: 2025-0131 moderate: xz heap-use-after-free advisory

MGASA-2025-0131 - Updated xz packages fix security vulnerability

Publication date: 10 Apr 2025
URL: https://advisories.mageia.org/MGASA-2025-0131.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2025-31115

XZ has a heap-use-after-free bug in threaded .xz decoder. (CVE-2025-31115)

References:
- https://bugs.mageia.org/show_bug.cgi?id=34164
- https://www.openwall.com/lists/oss-security/2025/04/03/1
- https://www.cve.org/CVERecord?id=CVE-2025-31115

SRPMS:
- 9/core/xz-5.4.3-1.1.mga9

Mageia 9 has released a notice concerning xz packages because of a heap-use-after-free vulnerability.

Severity: Important.
LinuxSecurity.com Team

Apr 10, 2025 Important Mageia

Fedora 40: FEDORA-2025-3e178bb819 moderate: vim heap use after free

Fedora Update Notification
FEDORA-2025-3e178bb819
2025-02-24 01:25:12.732958+00:00

Name        : vim
Product     : Fedora 40
Version     : 9.1.1122
Release     : 1.fc40
URL         : http://www.vim.org/
Summary     : The VIM editor
Description : VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more.

Update Information:

The newest upstream commit Security fix for CVE-2025-26603

ChangeLog:

* Wed Feb 19 2025 Zdenek Dohnal - 2:9.1.1122-1
- patchlevel 1122

References:

[ 1 ] Bug #2346610 - CVE-2025-26603 vim: heap-use-after-free in function str_to_reg in vim/vim [fedora-40]
      https://bugzilla.redhat.com/show_bug.cgi?id=2346610

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-3e178bb819' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys

LinuxSecurity.com Team

Feb 24, 2025 Fedora

Red Hat Enterprise Linux 9 RHSA-2022-8070:01 Moderate dnsmasq Heap Issue

Red Hat Security Advisory

Synopsis: Moderate: dnsmasq security and bug fix update
Advisory ID: RHSA-2022:8070-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:8070
Issue date: 2022-11-15
CVE Names: CVE-2022-0934

1. Summary:

An update for dnsmasq is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.

Security Fix(es):

* dnsmasq: Heap use after free in dhcp6_no_relay (CVE-2022-0934)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2057075 - CVE-2022-0934 dnsmasq: Heap use after free in dhcp6_no_relay
2120711 - dnsmasq high CPU usage in 4.11 spoke deployment or after 4.10.21 to 4.11.0-rc.1 upgrade on an SNO node [rhel9]

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:
dnsmasq-2.85-5.el9.src.rpm

aarch64:
dnsmasq-2.85-5.el9.aarch64.rpm
dnsmasq-debuginfo-2.85-5.el9.aarch64.rpm
dnsmasq-debugsource-2.85-5.el9.aarch64.rpm
dnsmasq-utils-2.85-5.el9.aarch64.rpm
dnsmasq-utils-debuginfo-2.85-5.el9.aarch64.rpm

ppc64le:
dnsmasq-2.85-5.el9.ppc64le.rpm
dnsmasq-debuginfo-2.85-5.el9.ppc64le.rpm
dnsmasq-debugsource-2.85-5.el9.ppc64le.rpm
dnsmasq-utils-2.85-5.el9.ppc64le.rpm
dnsmasq-utils-debuginfo-2.85-5.el9.ppc64le.rpm

s390x:
dnsmasq-2.85-5.el9.s390x.rpm
dnsmasq-debuginfo-2.85-5.el9.s390x.rpm
dnsmasq-debugsource-2.85-5.el9.s390x.rpm
dnsmasq-utils-2.85-5.el9.s390x.rpm
dnsmasq-utils-debuginfo-2.85-5.el9.s390x.rpm

x86_64:
dnsmasq-2.85-5.el9.x86_64.rpm
dnsmasq-debuginfo-2.85-5.el9.x86_64.rpm
dnsmasq-debugsource-2.85-5.el9.x86_64.rpm
dnsmasq-utils-2.85-5.el9.x86_64.rpm
dnsmasq-utils-debuginfo-2.85-5.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-0934
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.

Moderate: updated security patches and bug resolutions for dnsmasq on Red Hat Enterprise Linux 9, mitigating heap memory corruption vulnerability.

LinuxSecurity.com Team

Nov 15, 2022 Red Hat

Mageia 7, 8: MGASA-2021-0112 Critical: Xpdf Heap Use After Free

MGASA-2021-0112 - Updated xpdf packages fix security vulnerabilities

Publication date: 04 Mar 2021
URL: https://advisories.mageia.org/MGASA-2021-0112.html
Type: security
Affected Mageia releases: 7, 8
CVE: CVE-2020-25725, CVE-2020-35376

In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed `t3GlyphStack->cache`, which causes a `heap-use-after-free` problem. The code of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to another char in the same Type 3 font (CVE-2020-25725).

Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp() function (CVE-2020-35376).

References:
- https://bugs.mageia.org/show_bug.cgi?id=28474
- https://lists.fedoraproject.org/archives/list/[address removed]/thread/VLOYVJSM54IL6I5RY4QTJGRS7PIEG44X/
- https://www.cve.org/CVERecord?id=CVE-2020-25725
- https://www.cve.org/CVERecord?id=CVE-2020-35376

SRPMS:
- 8/core/xpdf-4.03-1.mga8
- 7/core/xpdf-4.03-1.mga7

A security enhancement for Xpdf resolves critical heap-use-after-free vulnerabilities in Mageia versions 7 and 8, following the latest patches.

Severity: Critical.
LinuxSecurity.com Team

Mar 04, 2021 Critical Mageia

Fedora 24: FEDORA-2016-fd44637912 Critical Bzip2 Heap Use After Free

Fedora Update Notification
FEDORA-2016-fd44637912
2017-01-04 17:09:09.445954

Name        : bzip2
Product     : Fedora 24
Version     : 1.0.6
Release     : 21.fc24
URL         : http://www.bzip.org/
Summary     : A file compression utility
Description : Bzip2 is a freely available, patent-free, high quality data compressor. Bzip2 compresses files to within 10 to 15 percent of the capabilities of the best techniques available. However, bzip2 has the added benefit of being approximately two times faster at compression and six times faster at decompression than those techniques. Bzip2 is not the fastest compression utility, but it does strike a balance between speed and compression capability. Install bzip2 if you need a compression utility.

Update Information:

CVE-2016-3189 bzip2: heap use after free in bzip2recover

References:

[ 1 ] Bug #1348179 - CVE-2016-3189 bzip2: heap use after free in bzip2recover [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1348179

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade bzip2' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at

Severity: Critical.
LinuxSecurity.com Team

Jan 04, 2017 Critical Fedora

Fedora 25: FEDORA-2016-e7b46c92ae Moderate: bzip2 Heap Use After Free

Fedora Update Notification
FEDORA-2016-e7b46c92ae
2017-01-02 16:53:04.036978

Name        : bzip2
Product     : Fedora 25
Version     : 1.0.6
Release     : 21.fc25
URL         : http://www.bzip.org/
Summary     : A file compression utility
Description : Bzip2 is a freely available, patent-free, high quality data compressor. Bzip2 compresses files to within 10 to 15 percent of the capabilities of the best techniques available. However, bzip2 has the added benefit of being approximately two times faster at compression and six times faster at decompression than those techniques. Bzip2 is not the fastest compression utility, but it does strike a balance between speed and compression capability. Install bzip2 if you need a compression utility.

Update Information:

CVE-2016-3189 bzip2: heap use after free in bzip2recover

References:

[ 1 ] Bug #1348179 - CVE-2016-3189 bzip2: heap use after free in bzip2recover [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1348179

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade bzip2' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

Fedora 25 has released a crucial bzip2 update to fix a heap use after free vulnerability. Users should apply this update to maintain security and integrity.

Severity: Important.
LinuxSecurity.com Team

Jan 02, 2017 Important Fedora

Fedora 22: FEDORA-2016-8e13ac5754 moderate: nghttp2 Heap Use-After-Free

Fedora Update Notification
FEDORA-2016-8e13ac5754
2016-01-12 04:14:59.558891

Name        : nghttp2
Product     : Fedora 22
Version     : 1.6.0
Release     : 1.fc22
URL         : https://nghttp2.org/
Summary     : Experimental HTTP/2 client, server and proxy
Description : This package contains the HTTP/2 client, server and proxy programs.

Update Information:

- update to nghttp2-1.6.0 (fixes CVE-2015-8659)

References:

[ 1 ] Bug #1295351 - CVE-2015-8659 nghttp2: heap-use-after-free flaw in idle stream handling code
      https://bugzilla.redhat.com/show_bug.cgi?id=1295351

This update can be installed with the "yum" update program. Use su -c 'yum update nghttp2' at the command line. For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

The upgrade to nghttp2 version 1.6.0 resolves a heap use-after-free vulnerability in the management of idle streams for Fedora 22.

LinuxSecurity.com Team

Jan 12, 2016 Fedora