klibc could be made to crash if it received specially crafted input.

==========================================================================
Ubuntu Security Notice USN-7959-1
January 14, 2026

klibc vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

klibc could be made to crash if it received specially crafted input.

Software Description:
- klibc: Minimalistic libc subset for use with initramfs

Details:

It was discovered that zlib, vendored in klibc, did not properly handle
integer arithmetic. An attacker could possibly use this issue to execute
arbitrary code or cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  klibc-utils                     2.0.14-1ubuntu1.1
  libklibc                        2.0.14-1ubuntu1.1

Ubuntu 25.04
  klibc-utils                     2.0.13-4ubuntu1.1
  libklibc                        2.0.13-4ubuntu1.1

Ubuntu 24.04 LTS
  klibc-utils                     2.0.13-4ubuntu0.2
  libklibc                        2.0.13-4ubuntu0.2

Ubuntu 22.04 LTS
  klibc-utils                     2.0.10-4ubuntu0.2
  libklibc                        2.0.10-4ubuntu0.2

Ubuntu 20.04 LTS
  klibc-utils                     2.0.7-1ubuntu5.2+esm1
                                  Available with Ubuntu Pro
  libklibc                        2.0.7-1ubuntu5.2+esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  klibc-utils                     2.0.4-9ubuntu2.2+esm2
                                  Available with Ubuntu Pro
  libklibc                        2.0.4-9ubuntu2.2+esm2
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  klibc-utils                     2.0.4-8ubuntu1.16.04.4+esm3
                                  Available with Ubuntu Pro
  libklibc                        2.0.4-8ubuntu1.16.04.4+esm3
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  klibc-utils                     2.0.3-0ubuntu1.14.04.3+esm4
                                  Available with Ubuntu Pro
  libklibc                        2.0.3-0ubuntu1.14.04.3+esm4
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7959-1
  CVE-2016-9843

Package Information:
  https://launchpad.net/ubuntu/+source/klibc/2.0.13-4ubuntu1.1
  https://launchpad.net/ubuntu/+source/klibc/2.0.13-4ubuntu0.2
  https://launchpad.net/ubuntu/+source/klibc/2.0.10-4ubuntu0.2

Update klibc for Ubuntu to fix critical integer arithmetic issues leading to crashes and potential DoS.
klibc update, Ubuntu security, Denial of Service, Ubuntu 25.10 klibc, Critical vulnerabilities.
Severity: Critical.
LinuxSecurity.com Team

Several security issues were fixed in klibc.

==========================================================================
Ubuntu Security Notice USN-6736-2
May 23, 2024

klibc vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS

Summary:

Several security issues were fixed in klibc.

Software Description:
- klibc: small utilities built with klibc for early boot

Details:

USN-6736-1 fixed vulnerabilities in klibc. This update provides the
corresponding updates for Ubuntu 24.04 LTS.

Original advisory details:

 It was discovered that zlib, vendored in klibc, incorrectly handled
 pointer arithmetic. An attacker could use this issue to cause klibc to
 crash or to possibly execute arbitrary code. (CVE-2016-9840,
 CVE-2016-9841)

 Danilo Ramos discovered that zlib, vendored in klibc, incorrectly handled
 memory when performing certain deflating operations. An attacker could
 use this issue to cause klibc to crash or to possibly execute arbitrary
 code. (CVE-2018-25032)

 Evgeny Legerov discovered that zlib, vendored in klibc, incorrectly
 handled memory when performing certain inflate operations. An attacker
 could use this issue to cause klibc to crash or to possibly execute
 arbitrary code. (CVE-2022-37434)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
  klibc-utils                     2.0.13-4ubuntu0.1
  libklibc                        2.0.13-4ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6736-2
  https://ubuntu.com/security/notices/USN-6736-1
  CVE-2016-9840, CVE-2016-9841, CVE-2018-25032, CVE-2022-37434

Package Information:
  https://launchpad.net/ubuntu/+source/klibc/2.0.13-4ubuntu0.1

A critical klibc update has been released to address several security vulnerabilities for Ubuntu users, ensuring enhanced system protection and stability.
klibc Security Update, Ubuntu 24.04 LTS, zlib vulnerabilities.
Severity: Important.
LinuxSecurity.com Team

Several security issues were fixed in klibc.

==========================================================================
Ubuntu Security Notice USN-6736-1
April 16, 2024

klibc vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in klibc.

Software Description:
- klibc: small utilities built with klibc for early boot

Details:

It was discovered that zlib, vendored in klibc, incorrectly handled
pointer arithmetic. An attacker could use this issue to cause klibc to
crash or to possibly execute arbitrary code. (CVE-2016-9840,
CVE-2016-9841)

Danilo Ramos discovered that zlib, vendored in klibc, incorrectly handled
memory when performing certain deflating operations. An attacker could
use this issue to cause klibc to crash or to possibly execute arbitrary
code. (CVE-2018-25032)

Evgeny Legerov discovered that zlib, vendored in klibc, incorrectly
handled memory when performing certain inflate operations. An attacker
could use this issue to cause klibc to crash or to possibly execute
arbitrary code. (CVE-2022-37434)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
  klibc-utils                     2.0.13-1ubuntu0.1
  libklibc                        2.0.13-1ubuntu0.1

Ubuntu 22.04 LTS:
  klibc-utils                     2.0.10-4ubuntu0.1
  libklibc                        2.0.10-4ubuntu0.1

Ubuntu 20.04 LTS:
  klibc-utils                     2.0.7-1ubuntu5.2
  libklibc                        2.0.7-1ubuntu5.2

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  klibc-utils                     2.0.4-9ubuntu2.2+esm1
  libklibc                        2.0.4-9ubuntu2.2+esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  klibc-utils                     2.0.4-8ubuntu1.16.04.4+esm2
  libklibc                        2.0.4-8ubuntu1.16.04.4+esm2

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
  klibc-utils                     2.0.3-0ubuntu1.14.04.3+esm3
  libklibc                        2.0.3-0ubuntu1.14.04.3+esm3

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6736-1
  CVE-2016-9840, CVE-2016-9841, CVE-2018-25032, CVE-2022-37434

Package Information:

Numerous updates addressing vulnerabilities in klibc for different Ubuntu versions enhance overall system reliability and reduce the risk of potential threats.
Klibc Security, Ubuntu Updates, Early Boot Utilities, System Threats.
Severity: Critical.
LinuxSecurity.com Team

Several security issues were fixed in klibc.

=========================================================================
Ubuntu Security Notice USN-5379-1
April 18, 2022

klibc vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in klibc.

Software Description:
- klibc: small utilities built with klibc for early boot

Details:

It was discovered that klibc did not properly perform some mathematical
operations, leading to an integer overflow. An attacker could possibly use
this issue to cause a crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2021-31870)

It was discovered that klibc did not properly handle some memory
allocations on 64 bit systems. An attacker could possibly use this issue to
cause a crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-31871)

It was discovered that klibc did not properly handle some file size
values on 32 bit systems. An attacker could possibly use this issue to
cause a crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-31872)

It was discovered that klibc did not properly handle some memory
allocations. An attacker could possibly use this issue to cause a crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2021-31873)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
  klibc-utils                     2.0.7-1ubuntu5.1
  libklibc                        2.0.7-1ubuntu5.1

Ubuntu 18.04 LTS:
  klibc-utils                     2.0.4-9ubuntu2.1
  libklibc                        2.0.4-9ubuntu2.1

Ubuntu 16.04 ESM:
  klibc-utils                     2.0.4-8ubuntu1.16.04.4+esm1
  libklibc                        2.0.4-8ubuntu1.16.04.4+esm1

Ubuntu 14.04 ESM:
  klibc-utils                     2.0.3-0ubuntu1.14.04.3+esm2
  libklibc                        2.0.3-0ubuntu1.14.04.3+esm2

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5379-1
  CVE-2021-31870, CVE-2021-31871, CVE-2021-31872, CVE-2021-31873

Package Information:
  https://launchpad.net/ubuntu/+source/klibc/2.0.7-1ubuntu5.1
  https://launchpad.net/ubuntu/+source/klibc/2.0.4-9ubuntu2.1

Multiple vulnerabilities in klibc have been resolved through recent updates in Ubuntu. A comprehensive summary of the corrections implemented and the systems impacted is available.
Klibc Issues, Ubuntu Security, System Update Guide.
Severity: Critical.
LinuxSecurity.com Team

Several vulnerabilities have been discovered in klibc. Depending on how klibc is used, these could lead to the execution of arbitrary code, privilege escalation, or denial of service.

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2695-1

A vulnerability in klibc could allow remote attackers to execute arbitrary shell code.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201309-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: klibc: Command Injection
     Date: September 26, 2013
     Bugs: #369075
       ID: 201309-21

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in klibc could allow remote attackers to execute
arbitrary shell code.

Background
==========

klibc is a minimalistic libc used for making an initramfs.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  dev-libs/klibc               < 1.5.25                  >= 1.5.25

Description
===========

The ipconfig utility in klibc writes DHCP options to
/tmp/net-$DEVICE.conf, and this file is later sourced by other scripts
to get defined variables. The options written to this file are not
properly escaped.

Impact
======

A remote attacker could send a specially crafted DHCP reply, which
could execute arbitrary shell code with the privileges of any process
which sources DHCP options.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All klibc users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-libs/klibc-1.5.25"

References
==========

[ 1 ] CVE-2011-1930
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1930

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/201309-21

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
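
The GLSA 201309-21 description above turns on one point: values taken from a DHCP reply end up in a file that is later sourced as shell. The following is an added example, not klibc's code or its actual fix; the function names and the HOSTNAME variable are hypothetical, and the sample value is constructed. It shows a writer that single-quotes each value so that sourcing the file yields the literal string, next to a writer that does not.

```shell
#!/bin/sh
# Added example (not klibc code). All function names are hypothetical.

# sh_quote VALUE: print VALUE inside single quotes, rewriting each embedded
# single quote as '\'' so nothing in VALUE is interpreted when sourced.
sh_quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# write_opt FILE NAME VALUE: append NAME='VALUE' to FILE.
# NAME must be a plain shell identifier; anything else is rejected.
write_opt() {
    case "$2" in
        ''|[0-9]*|*[!A-Za-z0-9_]*) return 1 ;;
    esac
    printf '%s=%s\n' "$2" "$(sh_quote "$3")" >> "$1"
}

# write_opt_unsafe FILE NAME VALUE: the unescaped form the advisory
# describes, kept only for comparison.
write_opt_unsafe() {
    printf '%s=%s\n' "$2" "$3" >> "$1"
}

# load_opt FILE NAME: source FILE in a subshell and print NAME's value.
load_opt() {
    ( . "$1" && eval "printf '%s' \"\$$2\"" )
}

# Constructed sample standing in for a host name taken from a DHCP reply.
sample='gw$(echo INJECTED)'
safe=$(mktemp); unsafe=$(mktemp)
write_opt "$safe" HOSTNAME "$sample"
write_opt_unsafe "$unsafe" HOSTNAME "$sample"
echo "quoted file:   $(cat "$safe")  -> $(load_opt "$safe" HOSTNAME)"
echo "unquoted file: $(cat "$unsafe")  -> $(load_opt "$unsafe" HOSTNAME)"
rm -f "$safe" "$unsafe"
```

With the quoted writer the consumer reads back the exact bytes that were written; with the unquoted one the command substitution is evaluated when the file is sourced.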