Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderatesecurity issue

SUSE: 2025:02290-1 moderate: xen indirect target selection security fix

* bsc#1238043 * bsc#1243117 Cross-References: * CVE-2024-28956 . # Security update for xen Announcement ID: SUSE-SU-2025:02290-1 Release Date: 2025-07-11T11:13:27Z Rating: moderate References: * bsc#1238043 * bsc#1243117 Cross-References: * CVE-2024-28956 * CVE-2025-1713 CVSS scores: * CVE-2024-28956 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-28956 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-28956 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-28956 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-1713 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2025-1713 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-28956: Fixed Intel CPU: Indirect Target Selection (ITS) (XSA-469) (bsc#1243117) * CVE-2025-1713: Fixed deadlock potential with VT-d and legacy PCI device pass-through (XSA-467) (bsc#1238043) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2290=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * xen-debugsource-4.12.4_60-3.127.1 * xen-devel-4.12.4_60-3.127.1 * xen-doc-html-4.12.4_60-3.127.1 * xen-libs-debuginfo-32bit-4.12.4_60-3.127.1 * xen-libs-debuginfo-4.12.4_60-3.127.1 * xen-4.12.4_60-3.127.1 * xen-tools-domU-4.12.4_60-3.127.1 * xen-tools-domU-debuginfo-4.12.4_60-3.127.1 * xen-tools-debuginfo-4.12.4_60-3.127.1 * xen-libs-4.12.4_60-3.127.1 * xen-libs-32bit-4.12.4_60-3.127.1 * xen-tools-4.12.4_60-3.127.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28956.html * https://www.suse.com/security/cve/CVE-2025-1713.html * https://bugzilla.suse.com/show_bug.cgi?id=1238043 * https://bugzilla.suse.com/show_bug.cgi?id=1243117 . The urgent deployment of essential updates addressing security flaws in Xen for SUSE Linux Enterprise Server 12 SP5 calls for immediate attention.. SUSE Linux Enterprise,Xen patch,security update,moderate threat. . LinuxSecurity.com Team

Calendar 2 Jul 11, 2025 SuSE
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysecurity issueupdate

Fedora 41: FEDORA-2025-86f39c57ce critical: indirect target selection

x86: Indirect Target Selection [XSA-469, CVE-2024-28956]. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-86f39c57ce 2025-05-29 02:06:15.465539+00:00 -------------------------------------------------------------------------------- Name : xen Product : Fedora 41 Version : 4.19.2 Release : 3.fc41 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: x86: Indirect Target Selection [XSA-469, CVE-2024-28956] -------------------------------------------------------------------------------- ChangeLog: * Tue May 13 2025 Michael Young - 4.19.2-3 - x86: Indirect Target Selection [XSA-469, CVE-2024-28956] -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-86f39c57ce' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Red Hat releases an important security notice about Hyper-V related to indirect object reference, tackling severe weaknesses.. Fedora Update Notification, indirect target selection, xen security advisory, XSA-469, CVE-2024-28956. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 29, 2025 Critical Fedora
Banner 2 1028x280 1708121730 1 1771599631
87
Ls Advisories Debian Esm H240
Price Tag 1security advisoryupdateDebian

Debian: DSA-5924-1 critical: Intel microcode mitigates ITS and injection

This update ships updated CPU microcode for some types of Intel CPUs. In particular it provides mitigations for the Indirect Target Selection (ITS) vulnerability (CVE-2024-28956) and the Branch Privilege Injection vulnerability (CVE-2024-45332). . - ------------------------------------------------------------------------- Debian Security Advisory DSA-5924-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso May 23, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : intel-microcode CVE ID : CVE-2024-28956 CVE-2024-43420 CVE-2024-45332 CVE-2025-20012 CVE-2025-20054 CVE-2025-20103 CVE-2025-20623 CVE-2025-24495 Debian Bug : 1105172 This update ships updated CPU microcode for some types of Intel CPUs. In particular it provides mitigations for the Indirect Target Selection (ITS) vulnerability (CVE-2024-28956) and the Branch Privilege Injection vulnerability (CVE-2024-45332). For CPUs affected to ITS (Indirect Target Selection), to fully mitigate the vulnerability it is also necessary to update the Linux kernel packages released in a separate, forthcoming DSA. For details on the Indirect Target Selection (ITS) vulnerability please refer to https://www.vusec.net/projects/training-solo/ and https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/indirect-target-selection.html . For details on the Branch Privilege Injection vulnerability please refer to https://comsec.ethz.ch/research/microarch/branch-privilege-injection/ For the stable distribution (bookworm), these problems have been fixed in version 3.20250512.1~deb12u1. We recommend that you upgrade your intel-microcode packages. For the detailed security status of intel-microcode please refer to its security tracker pageat: https://security-tracker.debian.org/tracker/source-package/intel-microcode Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian rolls out CPU microcode enhancements to mitigate Indirect Branch Prediction and Side-Channel Attack risks. System upgrade advised.. Debian Security, cpu microcode update, intel mitigation, linux kernel upgrades, security advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 23, 2025 Critical Debian
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryupdateFedora

Fedora 42: 2025-b3d59fca78 critical: indirect target selection issue

x86: Indirect Target Selection [XSA-469, CVE-2024-28956]. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-b3d59fca78 2025-05-17 02:01:28.575418+00:00 -------------------------------------------------------------------------------- Name : xen Product : Fedora 42 Version : 4.19.2 Release : 4.fc42 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: x86: Indirect Target Selection [XSA-469, CVE-2024-28956] -------------------------------------------------------------------------------- ChangeLog: * Mon May 12 2025 Michael Young - 4.19.2-4 - x86: Indirect Target Selection [XSA-469, CVE-2024-28956] -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-b3d59fca78' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . Important patch for Fedora 42 resolves the indirect target selection vulnerability associated with Xen security notice XSA-469.. Fedora Security, Xen Monitor, Indirect Target Selection, Fedora Update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 17, 2025 Critical Fedora
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here