Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian LTS openssl Important Use-After-Free NULL Pointer Issues DLA-4624-1

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 alsa-lib Important Denial of Service Fix USN-8044-2

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS node-shell-quote Important Denial of Service CVE-2026-9277

Calendar White Jun 09, 2026
Important
Mageia Large Esm H800
Mageia

Mageia 9 Suricata Critical Performance Security Issues MGASA-2026-0181

Calendar White Jun 09, 2026
Critical
Mageia Large Esm H900
Mageia

Mageia 9 PackageKit Important TOCTOU Race Escalation CVE-2026-41651

Calendar White Jun 09, 2026
Important
Mageia Large Esm H900
Mageia

Mageia 9 Unbound Critical Remote Code Execution Advisory 2026-0034

Calendar White Jun 09, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS Netatalk Multiple Security Issues USN-8395-1

Calendar White Jun 09, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 mingw-objfw 1.5.5 Update Security Fix FEDORA-2026-de23fedf3e

Calendar White Jun 08, 2026
Fedora Large Esm H900
Fedora

Fedora 43 objfw Important Update 1.5.5 Bug Fixes June 2026

Calendar White Jun 08, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity updateimportant

Red Hat Enterprise Linux 8 RHSA-2020-0559-01 Important: ksh Code Injection

An update for ksh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: ksh security update Advisory ID: RHSA-2020:0559-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:0559 Issue date: 2020-02-20 CVE Names: CVE-2019-14868 ==================================================================== 1. Summary: An update for ksh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: KornShell (ksh) is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell (sh) and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard (IEEE Std 1003.2-1992). Security Fix(es): * ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, referto: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1757324 - CVE-2019-14868 ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: ksh-20120801-253.el8_1.src.rpm aarch64: ksh-20120801-253.el8_1.aarch64.rpm ksh-debuginfo-20120801-253.el8_1.aarch64.rpm ksh-debugsource-20120801-253.el8_1.aarch64.rpm ppc64le: ksh-20120801-253.el8_1.ppc64le.rpm ksh-debuginfo-20120801-253.el8_1.ppc64le.rpm ksh-debugsource-20120801-253.el8_1.ppc64le.rpm s390x: ksh-20120801-253.el8_1.s390x.rpm ksh-debuginfo-20120801-253.el8_1.s390x.rpm ksh-debugsource-20120801-253.el8_1.s390x.rpm x86_64: ksh-20120801-253.el8_1.x86_64.rpm ksh-debuginfo-20120801-253.el8_1.x86_64.rpm ksh-debugsource-20120801-253.el8_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2019-14868 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBXk6ZhNzjgjWX9erEAQiwGg//akKaWjLCS7bWNE9r6nb/hk0rhybrMsba 946SZHYTNMf2g534OWR4/bpH8ZfUb5gAeJrPjw2PGrBDRvSPQ3SeQB/9f77sMigh RvizySXwRVwHFOUgp0YpzBVV2fiyW7OE8ddEzRwWKwy3tXHy9IVsgKRsdEqBEQXb 8opZPKj/AoRx6FkHxW15aoBSegDihQCdAekpBRIY21lCBaOtmRi3i7/cYCrxIeq/ VL+JIg3M11bCDovW7dcbldrlxi02ClZRnZ4dqON0SO5I1XxGU/FKoXtwutM69VFC xxrq04MDd+G/r8Fj4KU8Y+LmnvwwjEJrwlIZ/qmaE696MylGSdKdFtr3hnYhXJqz Z2QLFjo0eMdWKpMbz/vI3QZ3nhhBZiRGQRvjnTL3A275WWdraWQusBZhMy8oHfdB 79if7C5SnY6p6dWBmxszWH6KgYLU1qszlWW8HThn7pGwR70RXCFSsjvHYUu1H3Pp bGFyCRL8YJbpIrPhOx/0gwaUpnqgS+pkTQX8CRYAj73ug6wOOaKe41d/drPknrBL zIcLqBEZZaHVdvZrhvPM3m+ck1w/ZVfh102TD0IK2eLEH2Z3kzNCVLt8cODYeOyY 5ds3/lHllH7CGpzR41o9TmmQhstwhcALBfk8IX18euVkJ3Oh3EobXsFxtAsN0Gne BlFkgBTvEiI=ESAw -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Red Hat reveals a significant security patch for KornShell in Enterprise Linux 8, addressing critical vulnerabilities related to code injection hazards.. kornshell security, red hat advisory, code injection fix, security update, enterprise linux security. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 20, 2020 Important Red Hat
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoracode injection

Fedora 31: FEDORA-2020-d940aca772 Critical: Ksh Env Var Vulnerability

Do not evaluate arithmetic expressions from environment variables at startup. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-d940aca772 2020-02-16 01:29:39.329571 --------------------------------------------------------------------------------Name : ksh Product : Fedora 31 Version : 2020.0.0 Release : 2.fc31 URL : http://www.kornshell.com/ Summary : The Original ATT Korn Shell Description : KornShell is a shell programming language, which is upward compatible with "sh" (the Bourne Shell). --------------------------------------------------------------------------------Update Information: Do not evaluate arithmetic expressions from environment variables at startup --------------------------------------------------------------------------------ChangeLog: * Fri Feb 7 2020 Siteshwar Vashisht - 1:2020.0.0-2 - Do not evaluate arithmetic expressions from environment variables at startup Resolves: #1790549 * Fri Oct 11 2019 Siteshwar Vashisht - 1:2020.0.0-1 - Rebase to 2020.0.0 --------------------------------------------------------------------------------References: [ 1 ] Bug #1790549 - CVE-2019-14868 ksh: environment variables on startup are interpreted as arithmetic expression leading to code injection [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1790549 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-d940aca772' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . The latest Ksh patch for Fedora 31 addresses vulnerabilities in environment variable handling that could allow for potential code execution threats.. Fedora Update, Ksh Kernel, Environment Variable Risk, Shell Security Update, Arithmetic Expression Issue. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Feb 15, 2020 Critical Fedora
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here