Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 531
Alerts This Week
Warning Icon 1 531

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 77 articles for you...
219

Rocky Linux 8 Release Announcement RLSA-2023-5539 libvpx Memory Issue

Important: libvpx security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2023:5537", "synopsis": "Important: libvpx security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for libvpx.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format.\n\nSecurity Fix(es):\n\n* libvpx: Heap buffer overflow in vp8 encoding in libvpx (CVE-2023-5217)\n\n* libvpx: crash related to VP9 encoding in libvpx (CVE-2023-44488)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2241191", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2241191", "description": ""}, {"ticket": "2241806", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2241806", "description": ""}], "cves": [{"name": "CVE-2023-44488", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-44488", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-755"}, {"name": "CVE-2023-5217", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-5217", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-119"}], "references": [], "publishedAt": "2026-03-18T06:01:13.733535Z", "rpms": {"Rocky Linux 8": {"nvras": ["libvpx-0:1.7.0-10.el8_8.aarch64.rpm", "libvpx-0:1.7.0-10.el8_8.i686.rpm", "libvpx-0:1.7.0-10.el8_8.src.rpm", "libvpx-0:1.7.0-10.el8_8.x86_64.rpm","libvpx-debuginfo-0:1.7.0-10.el8_8.aarch64.rpm", "libvpx-debuginfo-0:1.7.0-10.el8_8.i686.rpm", "libvpx-debuginfo-0:1.7.0-10.el8_8.x86_64.rpm", "libvpx-debugsource-0:1.7.0-10.el8_8.aarch64.rpm", "libvpx-debugsource-0:1.7.0-10.el8_8.i686.rpm", "libvpx-debugsource-0:1.7.0-10.el8_8.x86_64.rpm", "libvpx-devel-0:1.7.0-10.el8_8.aarch64.rpm", "libvpx-devel-0:1.7.0-10.el8_8.i686.rpm", "libvpx-devel-0:1.7.0-10.el8_8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Potential risks from libvpx issues on Rocky Linux include heap buffer overflow and VP9 crashes. Immediate updates recommended.. Rocky Linux libvpx updates heap buffer overflow VP9 crash. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 18, 2026 Important Rocky Linux
217

Oracle Linux 10 libvpx Important Vulnerability Advisory ELSA-2026-4629

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-4629 http://linux.oracle.com/errata/ELSA-2026-4629.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: libvpx-1.14.1-6.el10_1.x86_64.rpm libvpx-devel-1.14.1-6.el10_1.x86_64.rpm aarch64: libvpx-1.14.1-6.el10_1.aarch64.rpm libvpx-devel-1.14.1-6.el10_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/libvpx-1.14.1-6.el10_1.src.rpm Related CVEs: CVE-2026-2447 Description of changes: [1.14.1-6] - Add patch for superindex full Resolves: RHEL-150332 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Updated libvpx for Oracle Linux 10 addresses important security issues. Prompt patching is recommended for system integrity.. Oracle Linux updates, libvpx security, security patches, important vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 17, 2026 Important Oracle
219

Rocky Linux RLSA-2026-4821 libvpx Notable Performance Drop CVE-2026-2501

Important: libvpx security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:4629", "synopsis": "Important: libvpx security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for libvpx.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format.\n\nSecurity Fix(es):\n\n* libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2440219", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2440219", "description": ""}], "cves": [{"name": "CVE-2026-2447", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2447", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}], "references": [], "publishedAt": "2026-03-17T12:07:50.329361Z", "rpms": {"Rocky Linux 10": {"nvras": ["libvpx-0:1.14.1-6.el10_1.src.rpm", "libvpx-debuginfo-0:1.14.1-6.el10_1.ppc64le.rpm", "libvpx-debuginfo-0:1.14.1-6.el10_1.aarch64.rpm", "libvpx-devel-0:1.14.1-6.el10_1.ppc64le.rpm", "libvpx-0:1.14.1-6.el10_1.s390x.rpm", "libvpx-devel-0:1.14.1-6.el10_1.x86_64.rpm", "libvpx-debugsource-0:1.14.1-6.el10_1.aarch64.rpm", "libvpx-debugsource-0:1.14.1-6.el10_1.x86_64.rpm", "libvpx-debugsource-0:1.14.1-6.el10_1.s390x.rpm", "libvpx-debuginfo-0:1.14.1-6.el10_1.x86_64.rpm", "libvpx-0:1.14.1-6.el10_1.ppc64le.rpm", "libvpx-debugsource-0:1.14.1-6.el10_1.ppc64le.rpm", "libvpx-0:1.14.1-6.el10_1.aarch64.rpm","libvpx-devel-0:1.14.1-6.el10_1.aarch64.rpm", "libvpx-0:1.14.1-6.el10_1.x86_64.rpm", "libvpx-debuginfo-0:1.14.1-6.el10_1.s390x.rpm", "libvpx-devel-0:1.14.1-6.el10_1.s390x.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. An important security update for libvpx in Rocky Linux addresses a critical buffer overflow issue identified as CVE-2026-2447.. Rocky Linux libvpx update buffer overflow CVE-2026-2447. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 17, 2026 Important Rocky Linux
219

Rocky Linux 9 RLSA-2026-5678 libjpeg Critical Buffer Overflow Patch

Important: libvpx security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:4447", "synopsis": "Important: libvpx security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for libvpx.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format.\n\nSecurity Fix(es):\n\n* libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2440219", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2440219", "description": ""}], "cves": [{"name": "CVE-2026-2447", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-2447", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}], "references": [], "publishedAt": "2026-03-13T12:03:59.563415Z", "rpms": {"Rocky Linux 9": {"nvras": ["libvpx-0:1.9.0-10.el9_7.aarch64.rpm", "libvpx-0:1.9.0-10.el9_7.i686.rpm", "libvpx-0:1.9.0-10.el9_7.ppc64le.rpm", "libvpx-0:1.9.0-10.el9_7.s390x.rpm", "libvpx-0:1.9.0-10.el9_7.src.rpm", "libvpx-0:1.9.0-10.el9_7.x86_64.rpm", "libvpx-debuginfo-0:1.9.0-10.el9_7.aarch64.rpm", "libvpx-debuginfo-0:1.9.0-10.el9_7.i686.rpm", "libvpx-debuginfo-0:1.9.0-10.el9_7.ppc64le.rpm", "libvpx-debuginfo-0:1.9.0-10.el9_7.s390x.rpm", "libvpx-debuginfo-0:1.9.0-10.el9_7.x86_64.rpm", "libvpx-debugsource-0:1.9.0-10.el9_7.aarch64.rpm", "libvpx-debugsource-0:1.9.0-10.el9_7.i686.rpm", "libvpx-debugsource-0:1.9.0-10.el9_7.ppc64le.rpm","libvpx-debugsource-0:1.9.0-10.el9_7.s390x.rpm", "libvpx-debugsource-0:1.9.0-10.el9_7.x86_64.rpm", "libvpx-devel-0:1.9.0-10.el9_7.aarch64.rpm", "libvpx-devel-0:1.9.0-10.el9_7.i686.rpm", "libvpx-devel-0:1.9.0-10.el9_7.ppc64le.rpm", "libvpx-devel-0:1.9.0-10.el9_7.s390x.rpm", "libvpx-devel-0:1.9.0-10.el9_7.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. ], 'cves': [], 'references': [], 'publishedAt': '2026-03-13T12:03:59.563415Z', 'rpms': }, 'rebootSug. important, libvpx, security, update, references', publishedat', 2026-03-13t12. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 13, 2026 Important Rocky Linux
217

Oracle Linux 9 ELSA-2026-4447 libvpx Important Buffer Overflow

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-4447 http://linux.oracle.com/errata/ELSA-2026-4447.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libvpx-1.9.0-10.el9_7.i686.rpm libvpx-1.9.0-10.el9_7.x86_64.rpm libvpx-devel-1.9.0-10.el9_7.i686.rpm libvpx-devel-1.9.0-10.el9_7.x86_64.rpm aarch64: libvpx-1.9.0-10.el9_7.aarch64.rpm libvpx-devel-1.9.0-10.el9_7.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/libvpx-1.9.0-10.el9_7.src.rpm Related CVEs: CVE-2026-2447 Description of changes: [1.9.0-10] - Add patch for superindex full Resolves: RHEL-150344 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 9 advisory ELSA-2026-4447 for libvpx provides important updates addressing a critical issue.. Oracle Linux, libvpx, security advisory, patching, updates. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 12, 2026 Important Oracle
217

Oracle Linux 8 libvpx Significant Buffer Overflow Resolution ELSA-2026-3967

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-3967 http://linux.oracle.com/errata/ELSA-2026-3967.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: libvpx-1.7.0-13.el8_10.i686.rpm libvpx-1.7.0-13.el8_10.x86_64.rpm libvpx-devel-1.7.0-13.el8_10.i686.rpm libvpx-devel-1.7.0-13.el8_10.x86_64.rpm aarch64: libvpx-1.7.0-13.el8_10.aarch64.rpm libvpx-devel-1.7.0-13.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/libvpx-1.7.0-13.el8_10.src.rpm Related CVEs: CVE-2026-2447 Description of changes: [1.7.0-13] - Add patch for superframe index full Resolves: RHEL-150334 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 8 provides important updates for libvpx addressing potential security risks from identified issues.. oracle linux updates, libvpx security, important security advisory, linux security patches. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 10, 2026 Important Oracle
219

Rocky Linux 8 RLSA-2026-3967 libvpx Important Buffer Overflow Fix

Important: libvpx security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:3967", "synopsis": "Important: libvpx security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for libvpx.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format.\n\nSecurity Fix(es):\n\n* libvpx: Heap buffer overflow in libvpx (CVE-2026-2447)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2440219", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2440219", "description": ""}], "cves": [{"name": "CVE-2026-2447", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-2447", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}], "references": [], "publishedAt": "2026-03-10T12:01:15.755248Z", "rpms": {"Rocky Linux 8": {"nvras": ["libvpx-0:1.7.0-13.el8_10.aarch64.rpm", "libvpx-0:1.7.0-13.el8_10.i686.rpm", "libvpx-0:1.7.0-13.el8_10.src.rpm", "libvpx-0:1.7.0-13.el8_10.x86_64.rpm", "libvpx-debuginfo-0:1.7.0-13.el8_10.aarch64.rpm", "libvpx-debuginfo-0:1.7.0-13.el8_10.i686.rpm", "libvpx-debuginfo-0:1.7.0-13.el8_10.x86_64.rpm", "libvpx-debugsource-0:1.7.0-13.el8_10.aarch64.rpm", "libvpx-debugsource-0:1.7.0-13.el8_10.i686.rpm", "libvpx-debugsource-0:1.7.0-13.el8_10.x86_64.rpm", "libvpx-devel-0:1.7.0-13.el8_10.aarch64.rpm", "libvpx-devel-0:1.7.0-13.el8_10.i686.rpm", "libvpx-devel-0:1.7.0-13.el8_10.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences":[]}. A critical libvpx buffer overflow fix available for Rocky Linux 8. Updates address important security aspects.. Rocky Linux vulnerabilities libvpx updates buffer overflow. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 10, 2026 Important Rocky Linux
197

Debian 11 libvpx Important Buffer Overflow DoS Advisory DLA-4489-1

A buffer overflow was discovered in libvpx, a library implementing the VP8/VP9 open video codecs, which could result in denial of service or potentially the execution of arbitrary code. For Debian 11 bullseye, this problem has been fixed in version 1.9.0-1+deb11u5.. Debian LTS Advisory DLA-4489-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Thorsten Alteholz February 22, 2026 https://wiki.debian.org/LTS Package : libvpx Version : 1.9.0-1+deb11u5 CVE ID : CVE-2026-2447 A buffer overflow was discovered in libvpx, a library implementing the VP8/VP9 open video codecs, which could result in denial of service or potentially the execution of arbitrary code. For Debian 11 bullseye, this problem has been fixed in version 1.9.0-1+deb11u5. We recommend that you upgrade your libvpx packages. For the detailed security status of libvpx please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/libvpx Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Buffer overflow found in libvpx could lead to DoS or arbitrary code execution on Debian 11. Update recommended.. libvpx update, Debian 11 security, buffer overflow, DoS risk, libvpx advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Feb 22, 2026 Important Debian LTS
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200