-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  seamonkey (SSA:2022-124-03)

New seamonkey packages are available for Slackware 15.0 and -current to
fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/seamonkey-2.53.12-i686-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.12/
  (* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org/) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.

Updated package for Slackware 15.0:

Updated package for Slackware x86_64 15.0:

Updated package for Slackware -current:

Updated package for Slackware x86_64 -current:

MD5 signatures:
+-------------+

Slackware 15.0 package:
f3895f8590600532d6b8da3ae3cdf427  seamonkey-2.53.12-i686-1_slack15.0.txz

Slackware x86_64 15.0 package:
febbf2d0e3bf33a83b9044399ff552dd  seamonkey-2.53.12-x86_64-1_slack15.0.txz

Slackware -current package:
85e7ff1856034092cb8d0a8019776b9e  xap/seamonkey-2.53.12-i686-1.txz

Slackware x86_64 -current package:
20360955302064858ac85970acc6ed0b  xap/seamonkey-2.53.12-x86_64-1.txz

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg seamonkey-2.53.12-i686-1_slack15.0.txz

+-----+

Updated SeaMonkey packages have been released to address critical vulnerabilities for both Slackware 15.0 and the -current versions.
Seamonkey Security, Slackware Updates, Security Package Upgrade.
Severity: Important.
LinuxSecurity.com Team

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2713-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                        Ben Hutchings
July 20, 2021                                 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : linux
Version        : 4.9.272-2
CVE ID         : CVE-2021-3609 CVE-2021-21781 CVE-2021-33909 CVE-2021-34693
Debian Bug     : 990072

Brief introduction

CVE-2021-3609

    Norbert Slusarek reported a race condition vulnerability in the CAN
    BCM networking protocol, allowing a local attacker to escalate
    privileges.

CVE-2021-21781

    "Lilith >_>" of Cisco Talos discovered that the Arm initialisation
    code does not fully initialise the "sigpage" that is mapped into
    user-space processes to support signal handling. This could result
    in leaking sensitive information, particularly when the system is
    rebooted.

CVE-2021-33909

    The Qualys Research Labs discovered a size_t-to-int conversion
    vulnerability in the Linux kernel's filesystem layer. An
    unprivileged local attacker able to create, mount, and then delete a
    deep directory structure whose total path length exceeds 1GB, can
    take advantage of this flaw for privilege escalation.

    Details can be found in the Qualys advisory at
    https://www.qualys.com/2021/07/20/cve-2021-33909/sequoia-local-privilege-escalation-linux.txt

CVE-2021-34693

    Norbert Slusarek discovered an information leak in the CAN BCM
    networking protocol. A local attacker can take advantage of this
    flaw to obtain sensitive information from kernel stack memory.

For Debian 9 stretch, these problems have been fixed in version
4.9.272-2.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/linux

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

--
Ben Hutchings - Debian developer, member of kernel, installer and LTS teams

Ubuntu Security Notice USN-4906-1 addresses several vulnerabilities in the kernel packages. Urgent updates advised for system administrators.
Debian Security, Linux Update, Privilege Escalation, Information Leak.
Severity: Critical.
LinuxSecurity.com Team

Arch Linux Security Advisory ASA-201811-1
=========================================

Severity: Low
Date    : 2018-11-01
CVE-ID  : CVE-2018-18445
Package : linux
Type    : denial of service
Remote  : No
Link    : https://security.archlinux.org/AVG-784

Summary
=======

The package linux before version 4.18.13.arch1-1 is vulnerable to
denial of service.

Resolution
==========

Upgrade to 4.18.13.arch1-1.

# pacman -Syu "linux>=4.18.13.arch1-1"

The problem has been fixed upstream in version 4.18.13.arch1.

Workaround
==========

None.

Description
===========

In the Linux kernel 4.14.x before 4.14.75 and 4.18.x before 4.18.13,
faulty computation of numeric bounds in the BPF verifier permits
out-of-bounds memory accesses because adjust_scalar_min_max_vals in
kernel/bpf/verifier.c mishandles 32-bit right shifts.

Impact
======

A local attacker is able to crash the kernel and leak information using
a specially crafted BPF program.

References
==========

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.13
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.75
https://bugs.chromium.org/p/project-zero/issues/detail?id=1686
https://seclists.org/oss-sec/2018/q4/69
https://security.archlinux.org/CVE-2018-18445

Arch Linux Security Advisory ASA-202109-2 discusses a minor severity vulnerability related to a denial of service in the linux kernel package.
Arch Linux, Linux Denial of Service, Security Advisory, Linux Package Update.
Severity: Low.
LinuxSecurity.com Team