Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

Debian DSA-5505-1 Critical: Lldpd Denial Of Service Risk Alert

-------------------------------------------------------------------------
Debian Security Advisory DSA-5505-1
https://www.debian.org/security/
Salvatore Bonaccorso
September 25, 2023
https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : lldpd
CVE ID  : CVE-2023-41910

Matteo Memelli reported an out-of-bounds read flaw when parsing CDP addresses in lldpd, an implementation of the IEEE 802.1ab (LLDP) protocol. A remote attacker can take advantage of this flaw to cause a denial of service via a specially crafted CDP PDU packet.

For the oldstable distribution (bullseye), this problem has been fixed in version 1.0.11-1+deb11u2.

For the stable distribution (bookworm), this problem has been fixed in version 1.0.16-1+deb12u1.

We recommend that you upgrade your lldpd packages.

For the detailed security status of lldpd please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/lldpd

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Severity: Critical
LinuxSecurity.com Team

Sep 25, 2023 | Critical | Debian

Debian 10 Buster DLA-3578-1 Moderate: lldpd Remote Execution Risk

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3578-1
https://www.debian.org/lts/security/
Markus Koschany
September 22, 2023
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : lldpd
Version : 1.0.3-1+deb10u2
CVE ID  : CVE-2023-41910

Matteo Memelli discovered a flaw in lldpd, an implementation of the IEEE 802.1ab protocol. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory.

For Debian 10 buster, this problem has been fixed in version 1.0.3-1+deb10u2.

We recommend that you upgrade your lldpd packages.

For the detailed security status of lldpd please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/lldpd

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

LinuxSecurity.com Team

Sep 22, 2023 | Debian LTS

Ubuntu 22.04: 2023-45f7abc123 Serious: NetworkManager DoS And Memory Leak

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-3e4feeadec
2023-04-20 05:23:47.393434
--------------------------------------------------------------------------------

Name        : lldpd
Product     : Fedora 36
Version     : 1.0.16
Release     : 1.fc36
URL         : https://github.com/lldpd/
Summary     : ISC-licensed implementation of LLDP
Description :
LLDP is an industry standard protocol designed to supplant proprietary Link-Layer protocols such as EDP or CDP. The goal of LLDP is to provide an inter-vendor compatible mechanism to deliver Link-Layer notifications to adjacent network devices.

--------------------------------------------------------------------------------
Update Information:

Update to the latest 1.0.16:
* Lots of updates, enhancements and fixes from 1.0.4
* CVEs: CVE-2020-27827, CVE-2021-43612
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 11 2023 Peter Robinson - 1.0.16-1
- Update to 1.0.16
- Modernise spec file
- CVEs: CVE-2020-27827, CVE-2020-27827, CVE-2021-43612
* Thu Jan 19 2023 Fedora Release Engineering - 1.0.4-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Dec 8 2022 Florian Weimer - 1.0.4-11
- Port configure script to C99
* Thu Jul 21 2022 Fedora Release Engineering - 1.0.4-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1797336 - lldpd-1.0.16 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=1797336
[ 2 ] Bug #1921441 - CVE-2020-27827 lldpd: lldp/openvswitch: denial of service via externally triggered memory leak [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1921441
[ 3 ] Bug #2040390 - CVE-2021-43612 lldpd: heap-based buffer overflow [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=2040390
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-3e4feeadec' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
package-announce mailing list
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

Severity: Critical
LinuxSecurity.com Team

Apr 20, 2023 | Critical | Fedora

Fedora 37 Lldpd 1.0.16 Advisory: Critical Memory Leak And Buffer Overflow

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-c0c184a019
2023-04-20 02:53:04.598559
--------------------------------------------------------------------------------

Name        : lldpd
Product     : Fedora 37
Version     : 1.0.16
Release     : 1.fc37
URL         : https://github.com/lldpd/
Summary     : ISC-licensed implementation of LLDP
Description :
LLDP is an industry standard protocol designed to supplant proprietary Link-Layer protocols such as EDP or CDP. The goal of LLDP is to provide an inter-vendor compatible mechanism to deliver Link-Layer notifications to adjacent network devices.

--------------------------------------------------------------------------------
Update Information:

Update to the latest 1.0.16:
* Lots of updates, enhancements and fixes from 1.0.4
* CVEs: CVE-2020-27827, CVE-2021-43612
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 11 2023 Peter Robinson - 1.0.16-1
- Update to 1.0.16
- Modernise spec file
- CVEs: CVE-2020-27827, CVE-2020-27827, CVE-2021-43612
* Thu Jan 19 2023 Fedora Release Engineering - 1.0.4-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Thu Dec 8 2022 Florian Weimer - 1.0.4-11
- Port configure script to C99
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1797336 - lldpd-1.0.16 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=1797336
[ 2 ] Bug #1921441 - CVE-2020-27827 lldpd: lldp/openvswitch: denial of service via externally triggered memory leak [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1921441
[ 3 ] Bug #2040390 - CVE-2021-43612 lldpd: heap-based buffer overflow [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=2040390
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-c0c184a019' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Severity: Critical
LinuxSecurity.com Team

Apr 20, 2023 | Critical | Fedora

Fedora 38: 2023-88991d2713 Moderate: lldpd DoS and Heap Overflow

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-88991d2713
2023-04-19 01:38:17.099647
--------------------------------------------------------------------------------

Name        : lldpd
Product     : Fedora 38
Version     : 1.0.16
Release     : 1.fc38
URL         : https://github.com/lldpd/
Summary     : ISC-licensed implementation of LLDP
Description :
LLDP is an industry standard protocol designed to supplant proprietary Link-Layer protocols such as EDP or CDP. The goal of LLDP is to provide an inter-vendor compatible mechanism to deliver Link-Layer notifications to adjacent network devices.

--------------------------------------------------------------------------------
Update Information:

Update to the latest 1.0.16:
* Lots of updates, enhancements and fixes from 1.0.4
* CVEs: CVE-2020-27827, CVE-2021-43612
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 11 2023 Peter Robinson - 1.0.16-1
- Update to 1.0.16
- Modernise spec file
- CVEs: CVE-2020-27827, CVE-2020-27827, CVE-2021-43612
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1797336 - lldpd-1.0.16 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=1797336
[ 2 ] Bug #1921441 - CVE-2020-27827 lldpd: lldp/openvswitch: denial of service via externally triggered memory leak [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1921441
[ 3 ] Bug #2040390 - CVE-2021-43612 lldpd: heap-based buffer overflow [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=2040390
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-88991d2713' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

LinuxSecurity.com Team

Apr 19, 2023 | Fedora

Debian 10 Buster DLA-3389-1 Moderate: lldpd DoS Security Issue

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3389-1
https://www.debian.org/lts/security/
Chris Lamb
April 10, 2023
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package    : lldpd
Version    : 1.0.3-1+deb10u1
CVE IDs    : CVE-2020-27827 CVE-2021-43612
Debian Bug : 980132

* The following was previously incorrectly announced to this list *
* as DLA-3388-1. The correct DLA identifier for this advisory is  *
* DLA-3389-1.                                                     *

It was discovered that there were two potential denial of service (DoS) attacks in lldpd, an implementation of the IEEE 802.1ab (LLDP) protocol used to administer and monitor networking devices.

For Debian 10 buster, these problems have been fixed in version 1.0.3-1+deb10u1.

We recommend that you upgrade your lldpd packages.

For the detailed security status of lldpd please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/lldpd

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

LinuxSecurity.com Team

Apr 12, 2023 | Debian LTS

Debian 10 Buster DLA-3388-1 Critical: lldpd Denial Of Service Threat

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3388-1
https://www.debian.org/lts/security/
Chris Lamb
April 10, 2023
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package    : lldpd
Version    : 1.0.3-1+deb10u1
CVE IDs    : CVE-2020-27827 CVE-2021-43612
Debian Bug : 980132

It was discovered that there were two potential denial of service (DoS) attacks in lldpd, an implementation of the IEEE 802.1ab (LLDP) protocol used to administer and monitor networking devices.

For Debian 10 buster, these problems have been fixed in version 1.0.3-1+deb10u1.

We recommend that you upgrade your lldpd packages.

For the detailed security status of lldpd please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/lldpd

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Severity: Critical
LinuxSecurity.com Team

Apr 10, 2023 | Critical | Debian LTS

Arch Linux: ASA-202101-29 Medium: Lldpd Information Leak Threat

Arch Linux Security Advisory ASA-202101-29
==========================================

Severity: Medium
Date    : 2021-01-20
CVE-ID  : CVE-2020-27827
Package : lldpd
Type    : information disclosure
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1451

Summary
=======

The package lldpd before version 1.0.8-1 is vulnerable to information disclosure.

Resolution
==========

Upgrade to 1.0.8-1.

# pacman -Syu "lldpd>=1.0.8-1"

The problem has been fixed upstream in version 1.0.8.

Workaround
==========

None.

Description
===========

A security issue was found in lldpd before version 1.0.8. A packet that contains multiple instances of certain TLVs will cause lldpd to continually allocate memory and leak the old memory. As an example, multiple instances of system name TLV will cause old values to be dropped by the decoding routine.

Impact
======

A remote attack can leak information through crafted packets.

References
==========

https://github.com/lldpd/lldpd/blob/master/NEWS
https://github.com/lldpd/lldpd/commit/a8d3c90feca548fc0656d95b5d278713db86ff61
https://mail.openvswitch.org/pipermail/ovs-announce/2021-January/000269.html
https://github.com/openvswitch/ovs/pull/337
https://github.com/openvswitch/ovs/commit/f915f32f5667e3b9d460055d8b47fa5d204ce83a
https://security.archlinux.org/CVE-2020-27827

Severity: Medium
LinuxSecurity.com Team

Jan 28, 2021 | Medium | ArchLinux