Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 481 articles for you...
172

Ubuntu 26.04 libslirp Important Info Exposure CVE-2026-9539 Advisory 8550-1

libslirp could be made to expose sensitive information over the network.. ========================================================================== Ubuntu Security Notice USN-8550-1 July 15, 2026 libslirp vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: libslirp could be made to expose sensitive information over the network. Software Description: - libslirp: General purpose TCP-IP emulator library Details: It was discovered that libslirp incorrectly handled TCP urgent data. A privileged attacker inside a guest VM could possibly use this issue to obtain sensitive information from the host process memory. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libslirp0 4.9.1-1ubuntu1.1 Ubuntu 24.04 LTS libslirp0 4.7.0-1ubuntu3.1 Ubuntu 22.04 LTS libslirp0 4.6.1-1ubuntu0.2 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8550-1 CVE-2026-9539 Package Information: https://launchpad.net/ubuntu/+source/libslirp/4.9.1-1ubuntu1.1 https://launchpad.net/ubuntu/+source/libslirp/4.7.0-1ubuntu3.1 https://launchpad.net/ubuntu/+source/libslirp/4.6.1-1ubuntu0.2 . libslirp update for Ubuntu addresses critical confidentiality risk due to information exposure over the network.. Ubuntu libslirp security patch, network information exposure, Ubuntu advisory 8550-1, VM attack prevention, TCP-IP emulator security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 Important Ubuntu
172

Ubuntu Dnsmasq Critical Denial Of Service And Info Leak 2026-8542-1

Several security issues were fixed in Dnsmasq.. ========================================================================== Ubuntu Security Notice USN-8542-1 July 14, 2026 dnsmasq vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in Dnsmasq. Software Description: - dnsmasq: Small caching DNS proxy and DHCP/TFTP server Details: Yiwei Hou discovered that Dnsmasq incorrectly handled logging of DS or DNSKEY. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2026-12725) It was discovered that Dnsmasq incorrectly validated the length of fixed-length DNS record fields when parsing NS section records. A remote attacker could possibly use this issue to cause Dnsmasq to read out of bounds, possibly exposing sensitive information. (CVE-2026-12969) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS dnsmasq 2.92-1ubuntu0.4 dnsmasq-base 2.92-1ubuntu0.4 dnsmasq-base-lua 2.92-1ubuntu0.4 dnsmasq-utils 2.92-1ubuntu0.4 Ubuntu 24.04 LTS dnsmasq 2.90-2ubuntu0.4 dnsmasq-base 2.90-2ubuntu0.4 dnsmasq-base-lua 2.90-2ubuntu0.4 dnsmasq-utils 2.90-2ubuntu0.4 Ubuntu 22.04 LTS dnsmasq 2.90-0ubuntu0.22.04.4 dnsmasq-base 2.90-0ubuntu0.22.04.4 dnsmasq-base-lua 2.90-0ubuntu0.22.04.4 dnsmasq-utils 2.90-0ubuntu0.22.04.4 Ubuntu 20.04 LTS dnsmasq 2.90-0ubuntu0.20.04.1+esm3 Available with Ubuntu Pro dnsmasq-base 2.90-0ubuntu0.20.04.1+esm3 Available with Ubuntu Pro dnsmasq-base-lua 2.90-0ubuntu0.20.04.1+esm3 Available with Ubuntu Pro dnsmasq-utils 2.90-0ubuntu0.20.04.1+esm3 Available with Ubuntu Pro Ubuntu 18.04 LTS dnsmasq 2.90-0ubuntu0.18.04.1+esm4 Available with Ubuntu Pro dnsmasq-base 2.90-0ubuntu0.18.04.1+esm4 Available with Ubuntu Pro dnsmasq-base-lua 2.90-0ubuntu0.18.04.1+esm4 Available with Ubuntu Pro dnsmasq-utils 2.90-0ubuntu0.18.04.1+esm4 Available with Ubuntu Pro Ubuntu 16.04 LTS dnsmasq 2.90-0ubuntu0.16.04.1+esm4 Available with Ubuntu Pro dnsmasq-base 2.90-0ubuntu0.16.04.1+esm4 Available with Ubuntu Pro dnsmasq-base-lua 2.90-0ubuntu0.16.04.1+esm4 Available with Ubuntu Pro dnsmasq-utils 2.90-0ubuntu0.16.04.1+esm4 Available with Ubuntu Pro After a standard system update you need to restart dnsmasq to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8542-1 CVE-2026-12725, CVE-2026-12969 Package Information: https://launchpad.net/ubuntu/+source/dnsmasq/2.92-1ubuntu0.4 https://launchpad.net/ubuntu/+source/dnsmasq/2.90-2ubuntu0.4 https://launchpad.net/ubuntu/+source/dnsmasq/2.90-0ubuntu0.22.04.4 . Resolve critical security issues in Dnsmasq for multiple Ubuntu LTS versions to prevent potential information exposure or denial of service.. Dnsmasq Security Advisories, Ubuntu LTS Patches, dnsmasq Exploit Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 Critical Ubuntu
217

Oracle Linux 8 Grafana Important Update ELSA-2026-35830

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-35830 http://linux.oracle.com/errata/ELSA-2026-35830.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: grafana-9.2.10-31.0.1.el8_10.x86_64.rpm grafana-selinux-9.2.10-31.0.1.el8_10.x86_64.rpm aarch64: grafana-9.2.10-31.0.1.el8_10.aarch64.rpm grafana-selinux-9.2.10-31.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/grafana-9.2.10-31.0.1.el8_10.src.rpm Related CVEs: CVE-2026-39821 Description of changes: [9.2.10-31.0.1] - Fixes CVE-2024-1442 Add email verification when updating user email [Orabug: 38550520] [9.2.10-31] - Resolves RHEL-183728: CVE-2026-39821 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux updates for grafana resolve important security issues. Update to protect your systems efficiently.. Oracle Linux Grafana Security Important Updates. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Important Oracle
172

Ubuntu 26.04 LTS Libidn Critical DoS Information Exposure USN-8521-1

Libidn could be made to crash or expose sensitive information if it received specially crafted input.. ========================================================================== Ubuntu Security Notice USN-8521-1 July 09, 2026 libidn vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Libidn could be made to crash or expose sensitive information if it received specially crafted input. Software Description: - libidn: implementation of IETF IDN specifications Details: It was discovered that Libidn incorrectly handled certain internationalized domain name strings. An attacker could possibly use this issue to obtain sensitive information or cause a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libidn12 1.43-2ubuntu0.26.04.1 Ubuntu 24.04 LTS libidn12 1.42-1ubuntu0.1 Ubuntu 22.04 LTS libidn12 1.38-4ubuntu1.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8521-1 CVE-2026-57053 Package Information: https://launchpad.net/ubuntu/+source/libidn/1.43-2ubuntu0.26.04.1 https://launchpad.net/ubuntu/+source/libidn/1.42-1ubuntu0.1 https://launchpad.net/ubuntu/+source/libidn/1.38-4ubuntu1.1 . Libidn issues in Ubuntu could lead to system crash or information exposure if vulnerable inputs are received. Update recommended.. Ubuntu security update, libidn security vulnerability, Ubuntu critical advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 09, 2026 Critical Ubuntu
172

Ubuntu 24.04 Parsl Severe SQL Injection Notice USN-8505-1

Parsl could be made to expose sensitive information over the network.. ========================================================================== Ubuntu Security Notice USN-8505-1 July 06, 2026 python-parsl vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS Summary: Parsl could be made to expose sensitive information over the network. Software Description: - python-parsl: Create parallel programs composed of Python functions and external components Details: It was discovered that Parsl incorrectly constructed SQL queries using unsafe string formatting with user-supplied input in the parsl-visualize component. A remote attacker could possibly use this issue to perform SQL injection attacks, leading to data exfiltration or a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS python-parsl-doc 2024.02.26+ds-1ubuntu0.1~esm1 Available with Ubuntu Pro python3-parsl 2024.02.26+ds-1ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8505-1 CVE-2026-21892 . Parsl on Ubuntu could expose information due to improper SQL handling. Update recommended to prevent data breaches.. Ubuntu Parsl SQL Attack, Python Vulnerability, Sensitive Data Exposure. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 06, 2026 Critical Ubuntu
172

Ubuntu 26.04 LTS Linux Kernel Critical Security Update 8488-2

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8488-2 July 02, 2026 linux-raspi vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-raspi: Linux kernel for Raspberry Pi systems Details: It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. (CVE-2025-54505) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Rados block device (RBD) driver; - Compressed RAM block device driver; - Character device driver; - TPM device driver; - Hardware crypto device drivers; - EDAC drivers; - GPU drivers; - Greybus drivers; - HID subsystem; - Microsoft Hyper-V drivers; - Hardware monitoring drivers; - I2C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - LED subsystem; - Multiple devices driver; - Media drivers; - IBM Advanced System Management driver; - MTD block device drivers; - Network drivers; - Microsoft Azure Network Adapter (MANA) driver; - NTB driver; - NVME drivers; - Device tree and open firmware driver; - PCI subsystem; - Remote Processor subsystem; - SCSI subsystem; - SPI subsystem; - Realtek RTL8723BS SDIO drivers; - SM750 framebuffer staging driver; - Thermal drivers; - USB Gadget drivers; - USB over IP driver; - VFIO drivers; - Framebuffer layer; - 9P distributed file system; - AFS file system; - Cephdistributed file system; - File systems infrastructure; - EROFS file system; - Ext4 file system; - F2FS file system; - FUSE (File system in Userspace); - Journaling layer for block devices (JBD2); - NILFS2 file system; - File system notification infrastructure; - NTFS3 file system; - OCFS2 file system; - SMB network file system; - UDF file system; - XFS file system; - Codetag library; - Memory management; - Memory Management; - KVM subsystem; - Tracing infrastructure; - User-space API (UAPI); - io_uring subsystem; - Locking primitives; - Timer subsystem; - Scatterlist API; - Heterogeneous memory management; - KASAN memory debugging framework; - Bluetooth subsystem; - Ethernet bridge; - CAIF protocol; - CAN network layer; - Ceph Core library; - IPv4 networking; - IPv6 networking; - Multipath TCP; - Netfilter; - NFC subsystem; - Packet sockets; - Qualcomm IPC Router (QRTR); - RDS protocol; - RxRPC session sockets; - SMC sockets; - Stream parser; - Landlock security; - SELinux security module; - ALSA framework; - Generic PCM loopback sound driver; - FireWire sound drivers; - Creative Sound Blaster X-Fi driver; - QCOM ASoC drivers; - USB sound devices; - Objtool; (CVE-2026-31532, CVE-2026-31574, CVE-2026-31575, CVE-2026-31576, CVE-2026-31577, CVE-2026-31578, CVE-2026-31579, CVE-2026-31580, CVE-2026-31581, CVE-2026-31582, CVE-2026-31583, CVE-2026-31584, CVE-2026-31585, CVE-2026-31586, CVE-2026-31587, CVE-2026-31588, CVE-2026-31589, CVE-2026-31590, CVE-2026-31591, CVE-2026-31592, CVE-2026-31593, CVE-2026-31594, CVE-2026-31595, CVE-2026-31596, CVE-2026-31597, CVE-2026-31598, CVE-2026-31599, CVE-2026-31600, CVE-2026-31601, CVE-2026-31602, CVE-2026-31603, CVE-2026-31604, CVE-2026-31605, CVE-2026-31606, CVE-2026-31607, CVE-2026-31608, CVE-2026-31609, CVE-2026-31610, CVE-2026-31611, CVE-2026-31612, CVE-2026-31613, CVE-2026-31614, CVE-2026-31615, CVE-2026-31616, CVE-2026-31617, CVE-2026-31618, CVE-2026-31619,CVE-2026-31620, CVE-2026-31621, CVE-2026-31622, CVE-2026-31623, CVE-2026-31624, CVE-2026-31625, CVE-2026-31626, CVE-2026-31627, CVE-2026-31628, CVE-2026-31629, CVE-2026-31686, CVE-2026-31694, CVE-2026-31696, CVE-2026-31697, CVE-2026-31698, CVE-2026-31699, CVE-2026-31700, CVE-2026-31701, CVE-2026-31702, CVE-2026-31703, CVE-2026-31704, CVE-2026-31705, CVE-2026-31706, CVE-2026-31707, CVE-2026-31708, CVE-2026-31709, CVE-2026-31710, CVE-2026-31711, CVE-2026-31712, CVE-2026-31713, CVE-2026-31714, CVE-2026-31715, CVE-2026-31716, CVE-2026-31717, CVE-2026-31718, CVE-2026-31719, CVE-2026-43058, CVE-2026-43071, CVE-2026-43072, CVE-2026-43073, CVE-2026-43348, CVE-2026-43349, CVE-2026-43350, CVE-2026-43491, CVE-2026-43493, CVE-2026-43499, CVE-2026-43501, CVE-2026-45986, CVE-2026-45987, CVE-2026-45988, CVE-2026-45989, CVE-2026-45990, CVE-2026-45991, CVE-2026-45994, CVE-2026-45995, CVE-2026-45996, CVE-2026-45997, CVE-2026-45999, CVE-2026-46001, CVE-2026-46002, CVE-2026-46003, CVE-2026-46004, CVE-2026-46005, CVE-2026-46006, CVE-2026-46007, CVE-2026-46008, CVE-2026-46009, CVE-2026-46010, CVE-2026-46011, CVE-2026-46012, CVE-2026-46013, CVE-2026-46014, CVE-2026-46015, CVE-2026-46016, CVE-2026-46018, CVE-2026-46019, CVE-2026-46020, CVE-2026-46021, CVE-2026-46022, CVE-2026-46023, CVE-2026-46024, CVE-2026-46025, CVE-2026-46026, CVE-2026-46027, CVE-2026-46028, CVE-2026-46029, CVE-2026-46030, CVE-2026-46031, CVE-2026-46032, CVE-2026-46033, CVE-2026-46034, CVE-2026-46035, CVE-2026-46036, CVE-2026-46037, CVE-2026-46038, CVE-2026-46039, CVE-2026-46040, CVE-2026-46041, CVE-2026-46042, CVE-2026-46043, CVE-2026-46044, CVE-2026-46045, CVE-2026-46046, CVE-2026-46047, CVE-2026-46049, CVE-2026-46050, CVE-2026-46051, CVE-2026-46052, CVE-2026-46053, CVE-2026-46054, CVE-2026-46056, CVE-2026-46057, CVE-2026-46058, CVE-2026-46059, CVE-2026-46060, CVE-2026-46061, CVE-2026-46062, CVE-2026-46063, CVE-2026-46064, CVE-2026-46065, CVE-2026-46066, CVE-2026-46067, CVE-2026-46068, CVE-2026-46069, CVE-2026-46070, CVE-2026-46071, CVE-2026-46072, CVE-2026-46073,CVE-2026-46074, CVE-2026-46075, CVE-2026-46076, CVE-2026-46077, CVE-2026-46078, CVE-2026-46079, CVE-2026-46080, CVE-2026-46081, CVE-2026-46082, CVE-2026-46083, CVE-2026-46084, CVE-2026-46085, CVE-2026-46086, CVE-2026-46087, CVE-2026-46088, CVE-2026-46089, CVE-2026-46090, CVE-2026-46091, CVE-2026-46092, CVE-2026-46093, CVE-2026-46094, CVE-2026-46095, CVE-2026-46096, CVE-2026-46097, CVE-2026-46098, CVE-2026-46099, CVE-2026-46100, CVE-2026-46101, CVE-2026-46102, CVE-2026-46103, CVE-2026-46115, CVE-2026-46119, CVE-2026-46135, CVE-2026-46137, CVE-2026-46155, CVE-2026-46185, CVE-2026-46195, CVE-2026-46243, CVE-2026-46244, CVE-2026-46276, CVE-2026-46277, CVE-2026-46278, CVE-2026-46279, CVE-2026-46280, CVE-2026-46281, CVE-2026-46282, CVE-2026-46283, CVE-2026-46284, CVE-2026-46285, CVE-2026-46286, CVE-2026-46287, CVE-2026-46288, CVE-2026-46289, CVE-2026-46316, CVE-2026-46332, CVE-2026-52904, CVE-2026-52905, CVE-2026-52906, CVE-2026-52907, CVE-2026-52933) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS linux-image-7.0.0-1014-raspi 7.0.0-1014.14 linux-image-7.0.0-1014-raspi-realtime 7.0.0-1014.14 linux-image-raspi 7.0.0-1014.14 linux-image-raspi-7.0 7.0.0-1014.14 linux-image-raspi-realtime 7.0.0-1014.14 linux-image-raspi-realtime-7.0 7.0.0-1014.14 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8488-2 https://ubuntu.com/security/notices/USN-8488-1 CVE-2025-54505, CVE-2026-31532,CVE-2026-31574, CVE-2026-31575, CVE-2026-31576, CVE-2026-31577, CVE-2026-31578, CVE-2026-31579, CVE-2026-31580, CVE-2026-31581, CVE-2026-31582, CVE-2026-31583, CVE-2026-31584, CVE-2026-31585, CVE-2026-31586, CVE-2026-31587, CVE-2026-31588, CVE-2026-31589, CVE-2026-31590, CVE-2026-31591, CVE-2026-31592, CVE-2026-31593, CVE-2026-31594, CVE-2026-31595, CVE-2026-31596, CVE-2026-31597, CVE-2026-31598, CVE-2026-31599, CVE-2026-31600, CVE-2026-31601, CVE-2026-31602, CVE-2026-31603, CVE-2026-31604, CVE-2026-31605, CVE-2026-31606, CVE-2026-31607, CVE-2026-31608, CVE-2026-31609, CVE-2026-31610, CVE-2026-31611, CVE-2026-31612, CVE-2026-31613, CVE-2026-31614, CVE-2026-31615, CVE-2026-31616, CVE-2026-31617, CVE-2026-31618, CVE-2026-31619, CVE-2026-31620, CVE-2026-31621, CVE-2026-31622, CVE-2026-31623, CVE-2026-31624, CVE-2026-31625, CVE-2026-31626, CVE-2026-31627, CVE-2026-31628, CVE-2026-31629, CVE-2026-31686, CVE-2026-31694, CVE-2026-31696, CVE-2026-31697, CVE-2026-31698, CVE-2026-31699, CVE-2026-31700, CVE-2026-31701, CVE-2026-31702, CVE-2026-31703, CVE-2026-31704, CVE-2026-31705, CVE-2026-31706, CVE-2026-31707, CVE-2026-31708, CVE-2026-31709, CVE-2026-31710, CVE-2026-31711, CVE-2026-31712, CVE-2026-31713, CVE-2026-31714, CVE-2026-31715, CVE-2026-31716, CVE-2026-31717, CVE-2026-31718, CVE-2026-31719, CVE-2026-43058, CVE-2026-43071, CVE-2026-43072, CVE-2026-43073, CVE-2026-43348, CVE-2026-43349, CVE-2026-43350, CVE-2026-43491, CVE-2026-43493, CVE-2026-43499, CVE-2026-43501, CVE-2026-45986, CVE-2026-45987, CVE-2026-45988, CVE-2026-45989, CVE-2026-45990, CVE-2026-45991, CVE-2026-45994, CVE-2026-45995, CVE-2026-45996, CVE-2026-45997, CVE-2026-45999, CVE-2026-46001, CVE-2026-46002, CVE-2026-46003, CVE-2026-46004, CVE-2026-46005, CVE-2026-46006, CVE-2026-46007, CVE-2026-46008, CVE-2026-46009, CVE-2026-46010, CVE-2026-46011, CVE-2026-46012, CVE-2026-46013, CVE-2026-46014, CVE-2026-46015, CVE-2026-46016, CVE-2026-46018, CVE-2026-46019, CVE-2026-46020, CVE-2026-46021,CVE-2026-46022, CVE-2026-46023, CVE-2026-46024, CVE-2026-46025, CVE-2026-46026, CVE-2026-46027, CVE-2026-46028, CVE-2026-46029, CVE-2026-46030, CVE-2026-46031, CVE-2026-46032, CVE-2026-46033, CVE-2026-46034, CVE-2026-46035, CVE-2026-46036, CVE-2026-46037, CVE-2026-46038, CVE-2026-46039, CVE-2026-46040, CVE-2026-46041, CVE-2026-46042, CVE-2026-46043, CVE-2026-46044, CVE-2026-46045, CVE-2026-46046, CVE-2026-46047, CVE-2026-46049, CVE-2026-46050, CVE-2026-46051, CVE-2026-46052, CVE-2026-46053, CVE-2026-46054, CVE-2026-46056, CVE-2026-46057, CVE-2026-46058, CVE-2026-46059, CVE-2026-46060, CVE-2026-46061, CVE-2026-46062, CVE-2026-46063, CVE-2026-46064, CVE-2026-46065, CVE-2026-46066, CVE-2026-46067, CVE-2026-46068, CVE-2026-46069, CVE-2026-46070, CVE-2026-46071, CVE-2026-46072, CVE-2026-46073, CVE-2026-46074, CVE-2026-46075, CVE-2026-46076, CVE-2026-46077, CVE-2026-46078, CVE-2026-46079, CVE-2026-46080, CVE-2026-46081, CVE-2026-46082, CVE-2026-46083, CVE-2026-46084, CVE-2026-46085, CVE-2026-46086, CVE-2026-46087, CVE-2026-46088, CVE-2026-46089, CVE-2026-46090, CVE-2026-46091, CVE-2026-46092, CVE-2026-46093, CVE-2026-46094, CVE-2026-46095, CVE-2026-46096, CVE-2026-46097, CVE-2026-46098, CVE-2026-46099, CVE-2026-46100, CVE-2026-46101, CVE-2026-46102, CVE-2026-46103, CVE-2026-46115, CVE-2026-46119, CVE-2026-46135, CVE-2026-46137, CVE-2026-46155, CVE-2026-46185, CVE-2026-46195, CVE-2026-46243, CVE-2026-46244, CVE-2026-46276, CVE-2026-46277, CVE-2026-46278, CVE-2026-46279, CVE-2026-46280, CVE-2026-46281, CVE-2026-46282, CVE-2026-46283, CVE-2026-46284, CVE-2026-46285, CVE-2026-46286, CVE-2026-46287, CVE-2026-46288, CVE-2026-46289, CVE-2026-46316, CVE-2026-46332, CVE-2026-52904, CVE-2026-52905, CVE-2026-52906, CVE-2026-52907, CVE-2026-52933 Package Information: https://launchpad.net/ubuntu/+source/linux-raspi/7.0.0-1014.14 . Critical security advisory for Ubuntu fixing multiple kernel security issues. Update suggested for Raspberry Pi.. Linux Kernel, Raspberry Pi,Security Advisory, Ubuntu Update. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 02, 2026 Critical Ubuntu
202

openSUSE Tumbleweed OCaml Moderate Security Flaws Vuln 2026-11136-1

An update that solves 2 vulnerabilities can now be installed.. # ocaml-4.14.4-1.1 on GA media Announcement ID: openSUSE-SU-2026:11136-1 Rating: moderate Cross-References: * CVE-2026-28364 * CVE-2026-34353 CVSS scores: * CVE-2026-28364 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-28364 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-34353 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N * CVE-2026-34353 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the ocaml-4.14.4-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * ocaml 4.14.4-1.1 * ocaml-compiler-libs 4.14.4-1.1 * ocaml-compiler-libs-devel 4.14.4-1.1 * ocaml-ocamldoc 4.14.4-1.1 * ocaml-runtime 4.14.4-1.1 * ocaml-source 4.14.4-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-28364.html * https://www.suse.com/security/cve/CVE-2026-34353.html . Crucial update for openSUSE addressing moderate security flaws in OCaml package. Essential for system integrity.. openSUSE Tumbleweed OCaml security patch. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 29, 2026 moderate OpenSUSE
89

Fedora 43 tigervnc Critical Info Exposure Denial of Service 2026-ad10afa9cd

Fixes CVE-2026-50256 CVE-2026-50257 CVE-2026-50258 CVE-2026-50259 CVE-2026-50260 CVE-2026-50261 CVE-2026-50262 CVE-2026-50263 CVE-2026-50264.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-ad10afa9cd 2026-06-27 00:54:50.049697+00:00 -------------------------------------------------------------------------------- Name : tigervnc Product : Fedora 43 Version : 1.16.2 Release : 4.fc43 URL : https://www.tigervnc.com Summary : A TigerVNC remote display system Description : Virtual Network Computing (VNC) is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you to connect to other desktops running a VNC server. -------------------------------------------------------------------------------- Update Information: Fixes CVE-2026-50256 CVE-2026-50257 CVE-2026-50258 CVE-2026-50259 CVE-2026-50260 CVE-2026-50261 CVE-2026-50262 CVE-2026-50263 CVE-2026-50264. -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 18 2026 Jan Grulich - 1.16.2-4 - Rebuild (xorg-x11-server) Fixes CVE-2026-50256 CVE-2026-50257 CVE-2026-50258 CVE-2026-50259 CVE-2026-50260 CVE-2026-50261 CVE-2026-50262 CVE-2026-50263 CVE-2026-50264 * Fri Jun 12 2026 Yaakov Selkowitz - 1.16.2-3 - Rebuilt for openssl 4.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2476414 - CVE-2026-34002 tigervnc: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476414 [ 2 ] Bug #2476956 - CVE-2026-33999 tigervnc: X.Org X server: Denial of Service via integer underflow inXKB compatibility map handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476956 [ 3 ] Bug #2476958 - CVE-2026-34001 tigervnc: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476958 [ 4 ] Bug #2476965 - CVE-2026-34003 tigervnc: X.Org X server: Information exposure and denial of service via out-of-bounds memory access [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476965 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-ad10afa9cd' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical advisory for Fedora 43 regarding Tigervnc fixes for multiple CVEs. Immediate update is recommended.. Fedora 43,Tigervnc,remote display system,security advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Critical Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200