Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":1,"type":"x","order":1,"pct":33.33,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":2,"type":"x","order":2,"pct":66.67,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 66 articles for you...
217

Oracle Linux 9 libcap Warning on Important TOCTOU Race Condition Issue

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-19346 http://linux.oracle.com/errata/ELSA-2026-19346.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libcap-2.48-10.el9_8.1.i686.rpm libcap-2.48-10.el9_8.1.x86_64.rpm libcap-devel-2.48-10.el9_8.1.i686.rpm libcap-devel-2.48-10.el9_8.1.x86_64.rpm aarch64: libcap-2.48-10.el9_8.1.aarch64.rpm libcap-devel-2.48-10.el9_8.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/libcap-2.48-10.el9_8.1.src.rpm Related CVEs: CVE-2026-4878 Description of changes: [2.48-10.1] - Fix TOCTOU race condition in cap_set_file() (CVE-2026-4878) Resolves: RHEL-169312 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Updated rpms for Oracle Linux 9 addressing an important TOCTOU race condition in libcap. Immediate action required.. Oracle Linux, libcap, security advisory, race condition, package update. . LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Oracle
172

Ubuntu 20.04 libcap Significant Privilege Escalation Flaw USN-8193-2

libcap could be made to modify capabilities on arbitrary files.. ========================================================================== Ubuntu Security Notice USN-8193-2 June 23, 2026 libcap2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: libcap could be made to modify capabilities on arbitrary files. Software Description: - libcap2: POSIX 1003.1e capabilities library Details: USN-8193-1 fixed a vulnerability in libcap. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Ali Raza discovered that libcap incorrectly handled file capability updates. A local attacker could possibly use this issue to inject or strip capabilities into arbitrary executables and escalate privileges. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS libcap-dev 1:2.32-1ubuntu0.2+esm1 Available with Ubuntu Pro libcap2 1:2.32-1ubuntu0.2+esm1 Available with Ubuntu Pro libcap2-bin 1:2.32-1ubuntu0.2+esm1 Available with Ubuntu Pro libpam-cap 1:2.32-1ubuntu0.2+esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS libcap-dev 1:2.25-1.2ubuntu0.1~esm2 Available with Ubuntu Pro libcap2 1:2.25-1.2ubuntu0.1~esm2 Available with Ubuntu Pro libcap2-bin 1:2.25-1.2ubuntu0.1~esm2 Available with Ubuntu Pro libpam-cap 1:2.25-1.2ubuntu0.1~esm2 Available with Ubuntu Pro Ubuntu 16.04 LTS libcap-dev 1:2.24-12ubuntu0.1~esm2 Available with Ubuntu Pro libcap2 1:2.24-12ubuntu0.1~esm2 Available with Ubuntu Pro libcap2-bin 1:2.24-12ubuntu0.1~esm2 Available with Ubuntu Pro libpam-cap 1:2.24-12ubuntu0.1~esm2 Available with Ubuntu Pro Ubuntu 14.04 LTS libcap-dev 1:2.24-0ubuntu2+esm2 Available with Ubuntu Pro libcap2 1:2.24-0ubuntu2+esm2 Available with Ubuntu Pro libcap2-bin 1:2.24-0ubuntu2+esm2 Available with Ubuntu Pro libpam-cap 1:2.24-0ubuntu2+esm2 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8193-2 https://ubuntu.com/security/notices/USN-8193-1 CVE-2026-4878 . modification of file capabilities could allow unprivileged users to escalate privileges on Ubuntu systems. Update recommended!. Ubuntu Security Notice, libcap vulnerability, privilege escalation, capability modification. . LinuxSecurity.com Team

Calendar%202 Jun 23, 2026 Ubuntu
203

Mageia libcap Critical Privilege Escalation Vuln 2026-0221 CVE-2026-4878

Security update. Publication date: 18 Jun 2026 URL: https://advisories.mageia.org/MGASA-2026-0221.html Type: security Affected Mageia releases: 9 CVE: CVE-2026-4878 Description: CVE-2026-4878. A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation. References: - https://bugs.mageia.org/show_bug.cgi?id=35329 - https://www.openwall.com/lists/oss-security/2026/04/07/4 - https://www.openwall.com/lists/oss-security/2026/04/07/14 - https://www.cve.org/CVERecord?id=CVE-2026-4878 SRPMS: - 9/core/libcap-2.52-5.2.mga9 . Local attackers can exploit a TOCTOU race condition in libcap, leading to privilege elevation risks in Mageia.. Mageia Security Update, Privilege Escalation Libcap, TOCTOU Race Conditions. . LinuxSecurity.com Team

Calendar%202 Jun 18, 2026 Mageia
217

Oracle Linux 8 libcap Important TOCTOU Race Condition ELSA-2026-13285

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-13285 http://linux.oracle.com/errata/ELSA-2026-13285.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: libcap-2.48-6.el8_10.1.i686.rpm libcap-2.48-6.el8_10.1.x86_64.rpm libcap-devel-2.48-6.el8_10.1.i686.rpm libcap-devel-2.48-6.el8_10.1.x86_64.rpm aarch64: libcap-2.48-6.el8_10.1.aarch64.rpm libcap-devel-2.48-6.el8_10.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/libcap-2.48-6.el8_10.1.src.rpm Related CVEs: CVE-2026-4878 Description of changes: [2.48-6.1] - Fix TOCTOU race condition in cap_set_file() (CVE-2026-4878) Resolves: RHEL-169304 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 8 updates for libcap addressing CVE-2026-4878, a critical TOCTOU issue affecting system integrity.. Oracle Linux, security update, system integrity, libcap. . LinuxSecurity.com Team

Calendar%202 May 06, 2026 Oracle
219

Rocky Linux 8 RLSA-2026-12386 Security Update for libsec Permissions

Important: libcap security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:13285", "synopsis": "Important: libcap security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for libcap.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Libcap is a library for getting and setting POSIX.1e (formerly POSIX 6) draft 15 capabilities.\n\nSecurity Fix(es):\n\n* libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file() (CVE-2026-4878)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2451615", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2451615", "description": ""}], "cves": [{"name": "CVE-2026-4878", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4878", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "6.7", "cwe": "CWE-367"}], "references": [], "publishedAt": "2026-05-06T06:00:43.332340Z", "rpms": {"Rocky Linux 8": {"nvras": ["libcap-0:2.48-6.el8_10.1.aarch64.rpm", "libcap-0:2.48-6.el8_10.1.i686.rpm", "libcap-0:2.48-6.el8_10.1.src.rpm", "libcap-0:2.48-6.el8_10.1.x86_64.rpm", "libcap-debuginfo-0:2.48-6.el8_10.1.aarch64.rpm", "libcap-debuginfo-0:2.48-6.el8_10.1.i686.rpm", "libcap-debuginfo-0:2.48-6.el8_10.1.x86_64.rpm", "libcap-debugsource-0:2.48-6.el8_10.1.aarch64.rpm", "libcap-debugsource-0:2.48-6.el8_10.1.i686.rpm", "libcap-debugsource-0:2.48-6.el8_10.1.x86_64.rpm", "libcap-devel-0:2.48-6.el8_10.1.aarch64.rpm", "libcap-devel-0:2.48-6.el8_10.1.i686.rpm", "libcap-devel-0:2.48-6.el8_10.1.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}.Important security update for libcap on Rocky Linux 8 addressing privilege escalation risks. Apply the update promptly.. libcap security update, Rocky Linux update, privilege escalation risk. . LinuxSecurity.com Team

Calendar%202 May 06, 2026 Rocky Linux
217

Oracle Linux 10 ELSA-2026-12423 libcap Important Race Condition

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-12423 http://linux.oracle.com/errata/ELSA-2026-12423.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: libcap-2.69-7.el10_1.1.x86_64.rpm libcap-devel-2.69-7.el10_1.1.x86_64.rpm aarch64: libcap-2.69-7.el10_1.1.aarch64.rpm libcap-devel-2.69-7.el10_1.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/libcap-2.69-7.el10_1.1.src.rpm Related CVEs: CVE-2026-4878 Description of changes: [2.69-7.1] - Fix TOCTOU race condition in cap_set_file() (CVE-2026-4878) Resolves: RHEL-169301 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Explore the important security fix for libcap in Oracle Linux addressing race conditions effectively.. Oracle Linux libcap security update race condition. . LinuxSecurity.com Team

Calendar%202 May 04, 2026 Oracle
219

CentOS Stream 10 libcap Enhanced Privilege Control Release RLSB-2026-12510

Important: libcap security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:12423", "synopsis": "Important: libcap security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for libcap.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Libcap is a library for getting and setting POSIX.1e (formerly POSIX 6) draft 15 capabilities.\n\nSecurity Fix(es):\n\n* libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file() (CVE-2026-4878)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2451615", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2451615", "description": ""}], "cves": [{"name": "CVE-2026-4878", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4878", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "6.7", "cwe": "CWE-367"}], "references": [], "publishedAt": "2026-05-03T12:06:49.800095Z", "rpms": {"Rocky Linux 10": {"nvras": ["libcap-debugsource-0:2.69-7.el10_1.1.ppc64le.rpm", "libcap-0:2.69-7.el10_1.1.src.rpm", "libcap-0:2.69-7.el10_1.1.ppc64le.rpm", "libcap-0:2.69-7.el10_1.1.x86_64.rpm", "libcap-devel-0:2.69-7.el10_1.1.aarch64.rpm", "libcap-debugsource-0:2.69-7.el10_1.1.aarch64.rpm", "libcap-debugsource-0:2.69-7.el10_1.1.s390x.rpm", "libcap-debuginfo-0:2.69-7.el10_1.1.x86_64.rpm", "libcap-devel-0:2.69-7.el10_1.1.x86_64.rpm", "libcap-debugsource-0:2.69-7.el10_1.1.x86_64.rpm", "libcap-0:2.69-7.el10_1.1.aarch64.rpm", "libcap-debuginfo-0:2.69-7.el10_1.1.aarch64.rpm", "libcap-devel-0:2.69-7.el10_1.1.ppc64le.rpm","libcap-debuginfo-0:2.69-7.el10_1.1.s390x.rpm", "libcap-0:2.69-7.el10_1.1.s390x.rpm", "libcap-debuginfo-0:2.69-7.el10_1.1.ppc64le.rpm", "libcap-devel-0:2.69-7.el10_1.1.s390x.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A libcap security update is crucial for Rocky Linux 10 users to mitigate a privilege escalation risk. Install the update.. Rocky Linux libcap security update, Important libcap update, privilege escalation fix. . LinuxSecurity.com Team

Calendar%202 May 03, 2026 Rocky Linux
219

Rocky Linux 9 RLSA-2026-12441 libcap Important Privilege Escalation Threat

Important: libcap security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:12441", "synopsis": "Important: libcap security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for libcap.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Libcap is a library for getting and setting POSIX.1e (formerly POSIX 6) draft 15 capabilities.\n\nSecurity Fix(es):\n\n* libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file() (CVE-2026-4878)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2451615", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2451615", "description": ""}], "cves": [{"name": "CVE-2026-4878", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4878", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "6.7", "cwe": "CWE-367"}], "references": [], "publishedAt": "2026-05-03T12:03:41.515195Z", "rpms": {"Rocky Linux 9": {"nvras": ["libcap-0:2.48-10.el9_7.1.aarch64.rpm", "libcap-0:2.48-10.el9_7.1.i686.rpm", "libcap-0:2.48-10.el9_7.1.ppc64le.rpm", "libcap-0:2.48-10.el9_7.1.s390x.rpm", "libcap-0:2.48-10.el9_7.1.src.rpm", "libcap-0:2.48-10.el9_7.1.x86_64.rpm", "libcap-debuginfo-0:2.48-10.el9_7.1.aarch64.rpm", "libcap-debuginfo-0:2.48-10.el9_7.1.i686.rpm", "libcap-debuginfo-0:2.48-10.el9_7.1.ppc64le.rpm", "libcap-debuginfo-0:2.48-10.el9_7.1.s390x.rpm", "libcap-debuginfo-0:2.48-10.el9_7.1.x86_64.rpm", "libcap-debugsource-0:2.48-10.el9_7.1.aarch64.rpm", "libcap-debugsource-0:2.48-10.el9_7.1.i686.rpm", "libcap-debugsource-0:2.48-10.el9_7.1.ppc64le.rpm","libcap-debugsource-0:2.48-10.el9_7.1.s390x.rpm", "libcap-debugsource-0:2.48-10.el9_7.1.x86_64.rpm", "libcap-devel-0:2.48-10.el9_7.1.aarch64.rpm", "libcap-devel-0:2.48-10.el9_7.1.i686.rpm", "libcap-devel-0:2.48-10.el9_7.1.ppc64le.rpm", "libcap-devel-0:2.48-10.el9_7.1.s390x.rpm", "libcap-devel-0:2.48-10.el9_7.1.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important libcap update on Rocky Linux 9 addresses privilege escalation via TOCTOU race condition. Get security fix details!. libcap security update, Rocky Linux libcap update, privilege escalation, TOCTOU race condition, important security advisory. . LinuxSecurity.com Team

Calendar%202 May 03, 2026 Rocky Linux
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":1,"type":"x","order":1,"pct":33.33,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":2,"type":"x","order":2,"pct":66.67,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Your message here