Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":1,"type":"x","order":1,"pct":33.33,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":2,"type":"x","order":2,"pct":66.67,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 8 articles for you...
202

openSUSE Leap 16.0 libjxl Important Heap Overflow Fix 2026-21100-1

An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for libjxl ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21100-1 Rating: important References: * bsc#1266460 Cross-References: * CVE-2025-70103 CVSS scores: * CVE-2025-70103 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-70103 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for libjxl fixes the following issue - CVE-2025-70103: heap buffer overflow when hen processing crafted pbm-images due to insufficient bounds checks (bsc#1266460). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-965=1 Package List: - openSUSE Leap 16.0: gdk-pixbuf-loader-jxl-0.11.2-160000.2.1 jxl-thumbnailer-0.11.2-160000.2.1 libjxl-devel-0.11.2-160000.2.1 libjxl-tools-0.11.2-160000.2.1 libjxl0_11-0.11.2-160000.2.1 libjxl0_11-x86-64-v3-0.11.2-160000.2.1 References: * https://www.suse.com/security/cve/CVE-2025-70103.html . Critical openSUSE security update for libjxl addresses a heap buffer overflow issue and includes patch instructions.. openSUSE security libjxl update patch. . LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 OpenSUSE
100

SUSE libjxl Important Heap Buffer Overflow Vuln 2026-22174-1

An update that solves one vulnerability can now be installed.. # Security update for libjxl Announcement ID: SUSE-SU-2026:22174-1 Release Date: 2026-06-19T10:26:38Z Rating: important References: * bsc#1266460 Cross-References: * CVE-2025-70103 CVSS scores: * CVE-2025-70103 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-70103 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-70103 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for libjxl fixes the following issue * CVE-2025-70103: heap buffer overflow when hen processing crafted pbm-images due to insufficient bounds checks (bsc#1266460). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-965=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-965=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * libjxl0_11-debuginfo-0.11.2-160000.2.1 * libjxl-debugsource-0.11.2-160000.2.1 * libjxl-devel-0.11.2-160000.2.1 * libjxl0_11-0.11.2-160000.2.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * libjxl0_11-x86-64-v3-0.11.2-160000.2.1 * libjxl0_11-x86-64-v3-debuginfo-0.11.2-160000.2.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libjxl0_11-debuginfo-0.11.2-160000.2.1 * libjxl-debugsource-0.11.2-160000.2.1 * libjxl-devel-0.11.2-160000.2.1 * libjxl0_11-0.11.2-160000.2.1 * SUSE Linux Enterprise Server 16.0 (x86_64) *libjxl0_11-x86-64-v3-0.11.2-160000.2.1 * libjxl0_11-x86-64-v3-debuginfo-0.11.2-160000.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-70103.html * https://bugzilla.suse.com/show_bug.cgi?id=1266460 . A critical update for SUSE addresses a heap buffer overflow in libjxl enhancing system security.. SUSE Security Update, Heap Buffer Overflow, libjxl, CVE-2025-70103, Important Patch. . LinuxSecurity.com Team

Calendar%202 Jun 23, 2026 SuSE
172

Ubuntu 26.04 LTS libjxl Severe Denial of Service USN-8397-1

libjxl could be made to crash or run programs if it opened a specially crafted file.. ========================================================================== Ubuntu Security Notice USN-8397-1 June 08, 2026 jpeg-xl vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 Summary: libjxl could be made to crash or run programs if it opened a specially crafted file. Software Description: - jpeg-xl: Reference codec implementation for JPEG XL compressed raster image format Details: It was discovered that libjxl did not properly handle certain crafted PBM images. An attacker could possibly use this issue to cause libjxl to crash, resulting in a denial of service, or execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libjxl-tools 0.11.1-6ubuntu4.2 libjxl0.11 0.11.1-6ubuntu4.2 Ubuntu 25.10 libjxl-tools 0.11.1-6ubuntu1.2 libjxl0.11 0.11.1-6ubuntu1.2 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8397-1 CVE-2025-70103 Package Information: https://launchpad.net/ubuntu/+source/jpeg-xl/0.11.1-6ubuntu4.2 https://launchpad.net/ubuntu/+source/jpeg-xl/0.11.1-6ubuntu1.2 . libjxl on Ubuntu could crash or run programs from malicious files. Immediate updates are needed for safety.. Ubuntu Updates, jpeg-xl Security, libjxl Threats, Denial of Service, Ubuntu Security. . LinuxSecurity.com Team

Calendar%202 Jun 08, 2026 Ubuntu
100

SUSE 15 SP7 libjxl Important Heap Overflow Vuln 2026-2286-1

An update that solves one vulnerability can now be installed.. # Security update for libjxl Announcement ID: SUSE-SU-2026:2286-1 Release Date: 2026-06-05T12:16:51Z Rating: important References: * bsc#1266460 Cross-References: * CVE-2025-70103 CVSS scores: * CVE-2025-70103 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-70103 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-70103 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for libjxl fixes the following issues: Security fixes: * CVE-2025-70103: heap buffer overflow when hen processing crafted pbm-images due to insufficient bounds checks (bsc#1266460). Other fixes: * Update to version 0.10.5: * fix tile dimension in low memory rendering pipeline. * fix number of channels for gray-to-gray color transform. * `djxl`: reject decoding JXL files if "packed" representation size overflows. * Changes from version 0.10.4: * Huffman lookup table size fix. * Check height limit in modular trees. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2286=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * libjxl-tools-debuginfo-0.10.5-150700.4.12.1 * libjxl0_10-0.10.5-150700.4.12.1 * libjxl-devel-0.10.5-150700.4.12.1 * libjxl0_10-debuginfo-0.10.5-150700.4.12.1 * libjxl-debugsource-0.10.5-150700.4.12.1 * libjxl-tools-0.10.5-150700.4.12.1 * SUSE Package Hub 15 15-SP7 (x86_64) * libjxl0_10-32bit-0.10.5-150700.4.12.1 * libjxl0_10-32bit-debuginfo-0.10.5-150700.4.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-70103.html * https://bugzilla.suse.com/show_bug.cgi?id=1266460 . SUSE updates libjxl to address important security issue related to heap buffer overflow risk.. SUSE Linux libjxl buffer overflow update. . LinuxSecurity.com Team

Calendar%202 Jun 05, 2026 SuSE
202

openSUSE Backports libjxl Important Input Length Issue CVE-2025-70103

An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for libjxl ______________________________________________________________________________ Announcement ID: openSUSE-SU-2026:0182-1 Rating: important References: #1266460 Cross-References: CVE-2025-70103 CVSS scores: CVE-2025-70103 (SUSE): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE Backports SLE-15-SP7 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for libjxl fixes the following issues: - CVE-2025-70103: take EC into account when checking required PNM input length (boo#1266460). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP7: zypper in -t patch openSUSE-2026-182=1 Package List: - openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64): gdk-pixbuf-loader-jxl-0.8.5-bp157.2.6.1 gimp-plugin-jxl-0.8.5-bp157.2.6.1 libjxl-devel-0.8.5-bp157.2.6.1 libjxl-tools-0.8.5-bp157.2.6.1 libjxl0_8-0.8.5-bp157.2.6.1 - openSUSE Backports SLE-15-SP7 (aarch64_ilp32): libjxl0_8-64bit-0.8.5-bp157.2.6.1 - openSUSE Backports SLE-15-SP7 (noarch): jxl-thumbnailer-0.8.5-bp157.2.6.1 - openSUSE Backports SLE-15-SP7 (x86_64): libjxl0_8-32bit-0.8.5-bp157.2.6.1 References: https://www.suse.com/security/cve/CVE-2025-70103.html https://bugzilla.suse.com/1266460 . Update available for libjxl addressing CVE-2025-70103 with important severity. Ensure to apply the patch promptly.. libjxl security update, openSUSE patches, important vulnerabilities. . LinuxSecurity.com Team

Calendar%202 Jun 02, 2026 OpenSUSE
202

openSUSE libjxl Important EC Input Length Issue 2026-0182-1 CVE-2025-70103

An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for libjxl ______________________________________________________________________________ Announcement ID: openSUSE-SU-2026:0182-1 Rating: important References: #1266460 Cross-References: CVE-2025-70103 CVSS scores: CVE-2025-70103 (SUSE): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE Backports SLE-15-SP7 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for libjxl fixes the following issues: - CVE-2025-70103: take EC into account when checking required PNM input length (boo#1266460). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP7: zypper in -t patch openSUSE-2026-182=1 Package List: - openSUSE Backports SLE-15-SP7 (aarch64 i586 ppc64le s390x x86_64): gdk-pixbuf-loader-jxl-0.8.5-bp157.2.6.1 gimp-plugin-jxl-0.8.5-bp157.2.6.1 libjxl-devel-0.8.5-bp157.2.6.1 libjxl-tools-0.8.5-bp157.2.6.1 libjxl0_8-0.8.5-bp157.2.6.1 - openSUSE Backports SLE-15-SP7 (aarch64_ilp32): libjxl0_8-64bit-0.8.5-bp157.2.6.1 - openSUSE Backports SLE-15-SP7 (noarch): jxl-thumbnailer-0.8.5-bp157.2.6.1 - openSUSE Backports SLE-15-SP7 (x86_64): libjxl0_8-32bit-0.8.5-bp157.2.6.1 References: https://www.suse.com/security/cve/CVE-2025-70103.html https://bugzilla.suse.com/1266460 . Update available for openSUSE to fix critical issue in libjxl affecting input length validation.. openSUSE security update libjxl CVE-2025-70103. . LinuxSecurity.com Team

Calendar%202 Jun 02, 2026 OpenSUSE
100

SUSE 2026 libxyz Resource Exhaustion Warning SUSE-SU-2026-2143-7

An update that solves one vulnerability can now be installed.. # Security update for libjxl Announcement ID: SUSE-SU-2026:1154-1 Release Date: 2026-03-31T09:04:48Z Rating: moderate References: * bsc#1233785 Cross-References: * CVE-2024-11498 CVSS scores: * CVE-2024-11498 ( SUSE ): 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2024-11498 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-11498 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for libjxl fixes the following issue: * CVE-2024-11498: Resource exhaustion via Stack overflow in libjxl (bsc#1233785). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1154=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * libjxl-debugsource-0.10.3-150700.4.9.1 * libjxl-tools-debuginfo-0.10.3-150700.4.9.1 * libjxl0_10-debuginfo-0.10.3-150700.4.9.1 * libjxl-devel-0.10.3-150700.4.9.1 * libjxl0_10-0.10.3-150700.4.9.1 * libjxl-tools-0.10.3-150700.4.9.1 * SUSE Package Hub 15 15-SP7 (x86_64) * libjxl0_10-32bit-debuginfo-0.10.3-150700.4.9.1 * libjxl0_10-32bit-0.10.3-150700.4.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-11498.html * https://bugzilla.suse.com/show_bug.cgi?id=1233785 .Update for libjxl addresses resource exhaustion issues; patch now available for affected SUSE Linux distributions.. libjxl update, SUSE security patch, resource exhaustion issue, moderate severity update, Linux security advisory. . LinuxSecurity.com Team

Calendar%202 Mar 31, 2026 SuSE
202

openSUSE 2026-0107-1 libjxl Moderate Vulnerability Fix CVE-2025-12474

An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for libjxl ______________________________________________________________________________ Announcement ID: openSUSE-SU-2026:0107-1 Rating: moderate References: #1258090 Cross-References: CVE-2025-12474 CVSS scores: CVE-2025-12474 (SUSE): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for libjxl fixes the following issues: - Update to release 0.8.5 (boo#1258090): * fix tile dimension in low memory rendering pipeline [CVE-2025-12474]. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2026-107=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 i586 s390x x86_64): gdk-pixbuf-loader-jxl-0.8.5-bp156.3.6.1 gimp-plugin-jxl-0.8.5-bp156.3.6.1 libjxl-devel-0.8.5-bp156.3.6.1 libjxl-tools-0.8.5-bp156.3.6.1 libjxl0_8-0.8.5-bp156.3.6.1 - openSUSE Backports SLE-15-SP6 (aarch64_ilp32): libjxl0_8-64bit-0.8.5-bp156.3.6.1 - openSUSE Backports SLE-15-SP6 (x86_64): libjxl0_8-32bit-0.8.5-bp156.3.6.1 - openSUSE Backports SLE-15-SP6 (noarch): jxl-thumbnailer-0.8.5-bp156.3.6.1 References: https://www.suse.com/security/cve/CVE-2025-12474.html https://bugzilla.suse.com/1258090 . openSUSE update addresses a moderate security flaw in libjxl, enhancing system safety through recommended patches.. openSUSE, libjxl, update, security patch, CVE-2025-12474. . LinuxSecurity.com Team

Calendar%202 Mar 30, 2026 OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":1,"type":"x","order":1,"pct":33.33,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":2,"type":"x","order":2,"pct":66.67,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Your message here