Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisoryimportantkernel

openSUSE: 2023:4378-1 Important: Kernel Security Update

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed:. # Security update for the Linux Kernel Announcement ID: SUSE-SU-2023:4378-1 Rating: important References: * bsc#1208788 * bsc#1210778 * bsc#1211307 * bsc#1212423 * bsc#1212649 * bsc#1213705 * bsc#1213772 * bsc#1214842 * bsc#1215095 * bsc#1215104 * bsc#1215518 * bsc#1215955 * bsc#1215956 * bsc#1215957 * bsc#1215986 * bsc#1216062 * bsc#1216345 * bsc#1216510 * bsc#1216511 * bsc#1216512 * bsc#1216621 Cross-References: * CVE-2023-2163 * CVE-2023-31085 * CVE-2023-34324 * CVE-2023-3777 * CVE-2023-39189 * CVE-2023-39193 * CVE-2023-5178 CVSS scores: * CVE-2023-2163 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2023-2163 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N * CVE-2023-31085 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-31085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-34324 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-3777 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-3777 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-39189 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-39189 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L * CVE-2023-39193 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L * CVE-2023-39193 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2023-5178 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5178 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP4 * Development Tools Module 15-SP4 * Legacy Module 15-SP4 * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise HighAvailability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Workstation Extension 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves seven vulnerabilities and has 14 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2163: Fixed an incorrect verifier pruning in BPF that could lead to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape. (bsc#1215518) * CVE-2023-34324: Fixed a possible deadlock in Linux kernel event handling. (bsc#1215745). * CVE-2023-39189: Fixed a flaw in the Netfilter subsystem that could allow a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. (bsc#1216046) * CVE-2023-5178: Fixed an UAF in queue intialization setup. (bsc#1215768) * CVE-2023-31085: Fixed a divide-by-zero error in do_div(sz,mtd-> erasesize) that could cause a local DoS. (bsc#1210778) * CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem (bsc#1215860). * CVE-2023-3777: Fixed a use-after-free vulnerability in netfilter: nf_tables component can be exploited to achieve local privilege escalation. (bsc#1215095) The following non-security bugs were fixed: * 9p: virtio: make sure 'offs' is initialized in zc_request (git-fixes). * ACPI: irq: Fixincorrect return value in acpi_register_gsi() (git-fixes). * ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CBA (git-fixes). * ALSA: hda: Disable power save for solving pop issue on Lenovo ThinkCentre M70q (git-fixes). * ALSA: hda/realtek: Change model for Intel RVP board (git-fixes). * ALSA: usb-audio: Fix microphone sound on Opencomm2 Headset (git-fixes). * ASoC: codecs: wcd938x-sdw: fix runtime PM imbalance on probe errors (git- fixes). * ASoC: codecs: wcd938x-sdw: fix use after free on driver unbind (git-fixes). * ASoC: codecs: wcd938x: drop bogus bind error handling (git-fixes). * ASoC: codecs: wcd938x: fix unbind tear down order (git-fixes). * ASoC: fsl: imx-pcm-rpmsg: Add SNDRV_PCM_INFO_BATCH flag (git-fixes). * ASoC: imx-rpmsg: Set ignore_pmdown_time for dai_link (git-fixes). * ASoC: pxa: fix a memory leak in probe() (git-fixes). * ata: libata-core: Do not register PM operations for SAS ports (git-fixes). * ata: libata-core: Fix ata_port_request_pm() locking (git-fixes). * ata: libata-core: Fix port and device removal (git-fixes). * ata: libata-sata: increase PMP SRST timeout to 10s (git-fixes). * ata: libata-scsi: ignore reserved bits for REPORT SUPPORTED OPERATION CODES (git-fixes). * blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init (bsc#1216062). * blk-cgroup: support to track if policy is online (bsc#1216062). * Bluetooth: avoid memcmp() out of bounds warning (git-fixes). * Bluetooth: Avoid redundant authentication (git-fixes). * Bluetooth: btusb: add shutdown function for QCA6174 (git-fixes). * Bluetooth: Fix a refcnt underflow problem for hci_conn (git-fixes). * Bluetooth: hci_event: Fix coding style (git-fixes). * Bluetooth: hci_event: Fix using memcmp when comparing keys (git-fixes). * Bluetooth: hci_event: Ignore NULL link key (git-fixes). * Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name (git-fixes). * Bluetooth: hci_sock: fix slab oob read increate_monitor_event (git-fixes). * Bluetooth: Reject connection with the device which has same BD_ADDR (git- fixes). * Bluetooth: vhci: Fix race when opening vhci device (git-fixes). * bpf: propagate precision in ALU/ALU64 operations (git-fixes). * bus: ti-sysc: Fix missing AM35xx SoC matching (git-fixes). * bus: ti-sysc: Use fsleep() instead of usleep_range() in sysc_reset() (git- fixes). * cgroup: Remove duplicates in cgroup v1 tasks file (bsc#1211307). * cgroup/cpuset: Change references of cpuset_mutex to cpuset_rwsem (bsc#1215955). * clk: tegra: fix error return case for recalc_rate (git-fixes). * counter: microchip-tcb-capture: Fix the use of internal GCLK logic (git- fixes). * crypto: qat - add fw_counters debugfs file (PED-6401). * crypto: qat - add heartbeat counters check (PED-6401). * crypto: qat - add heartbeat feature (PED-6401). * crypto: qat - add internal timer for qat 4xxx (PED-6401). * crypto: qat - add measure clock frequency (PED-6401). * crypto: qat - add missing function declaration in adf_dbgfs.h (PED-6401). * crypto: qat - add qat_zlib_deflate (PED-6401). * crypto: qat - add support for 402xx devices (PED-6401). * crypto: qat - change value of default idle filter (PED-6401). * crypto: qat - delay sysfs initialization (PED-6401). * crypto: qat - do not export adf_init_admin_pm() (PED-6401). * crypto: qat - drop log level of msg in get_instance_node() (PED-6401). * crypto: qat - drop obsolete heartbeat interface (PED-6401). * crypto: qat - drop redundant adf_enable_aer() (PED-6401). * crypto: qat - expose pm_idle_enabled through sysfs (PED-6401). * crypto: qat - extend buffer list logic interface (PED-6401). * crypto: qat - extend configuration for 4xxx (PED-6401). * crypto: qat - fix apply custom thread-service mapping for dc service (PED-6401). * crypto: qat - fix concurrency issue when device state changes (PED-6401). * crypto: qat - fix crypto capability detection for 4xxx (PED-6401). * crypto: qat - fixspelling mistakes from 'bufer' to 'buffer' (PED-6401). * crypto: qat - Include algapi.h for low-level Crypto API (PED-6401). * crypto: qat - make fw images name constant (PED-6401). * crypto: qat - make state machine functions static (PED-6401). * crypto: qat - move dbgfs init to separate file (PED-6401). * crypto: qat - move returns to default case (PED-6401). * crypto: qat - refactor device restart logic (PED-6401). * crypto: qat - refactor fw config logic for 4xxx (PED-6401). * crypto: qat - remove ADF_STATUS_PF_RUNNING flag from probe (PED-6401). * crypto: qat - Remove unused function declarations (PED-6401). * crypto: qat - replace state machine calls (PED-6401). * crypto: qat - replace the if statement with min() (PED-6401). * crypto: qat - set deprecated capabilities as reserved (PED-6401). * crypto: qat - unmap buffer before free for DH (PED-6401). * crypto: qat - unmap buffers before free for RSA (PED-6401). * crypto: qat - update slice mask for 4xxx devices (PED-6401). * crypto: qat - use kfree_sensitive instead of memset/kfree() (PED-6401). * dmaengine: idxd: use spin_lock_irqsave before wait_event_lock_irq (git- fixes). * dmaengine: mediatek: Fix deadlock caused by synchronize_irq() (git-fixes). * dmaengine: stm32-mdma: abort resume if no ongoing transfer (git-fixes). * Documentation: qat: change kernel version (PED-6401). * Documentation: qat: rewrite description (PED-6401). * Drivers: hv: vmbus: Call hv_synic_free() if hv_synic_alloc() fails (git- fixes). * Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs (git- fixes). * drm: panel-orientation-quirks: Add quirk for One Mix 2S (git-fixes). * drm/amd/display: Do not check registers, if using AUX BL control (git- fixes). * drm/amd/display: Do not set dpms_off for seamless boot (git-fixes). * drm/amdgpu: add missing NULL check (git-fixes). * drm/amdgpu: Handle null atom context in VBIOS info ioctl (git-fixes). * drm/i915: Retry gtt fault when out of fenceregisters (git-fixes). * drm/msm/dp: do not reinitialize phy unless retry during link training (git- fixes). * drm/msm/dpu: change _dpu_plane_calc_bw() to use u64 to avoid overflow (git- fixes). * drm/msm/dsi: fix irq_of_parse_and_map() error checking (git-fixes). * drm/msm/dsi: skip the wait for video mode done if not applicable (git- fixes). * drm/vmwgfx: fix typo of sizeof argument (git-fixes). * firmware: arm_ffa: Do not set the memory region attributes for MEM_LEND (git-fixes). * firmware: imx-dsp: Fix an error handling path in imx_dsp_setup_channels() (git-fixes). * gpio: aspeed: fix the GPIO number passed to pinctrl_gpio_set_config() (git- fixes). * gpio: pmic-eic-sprd: Add can_sleep flag for PMIC EIC chip (git-fixes). * gpio: pxa: disable pinctrl calls for MMP_GPIO (git-fixes). * gpio: tb10x: Fix an error handling path in tb10x_gpio_probe() (git-fixes). * gpio: timberdale: Fix potential deadlock on &tgpio-> lock (git-fixes). * gpio: vf610: set value before the direction to avoid a glitch (git-fixes). * gve: Do not fully free QPL pages on prefill errors (git-fixes). * HID: holtek: fix slab-out-of-bounds Write in holtek_kbd_input_event (git- fixes). * HID: intel-ish-hid: ipc: Disable and reenable ACPI GPE bit (git-fixes). * HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect (git- fixes). * HID: multitouch: Add required quirk for Synaptics 0xcd7e device (git-fixes). * HID: sony: Fix a potential memory leak in sony_probe() (git-fixes). * HID: sony: remove duplicate NULL check before calling usb_free_urb() (git- fixes). * i2c: i801: unregister tco_pdev in i801_probe() error path (git-fixes). * i2c: mux: Avoid potential false error message in i2c_mux_add_adapter (git- fixes). * i2c: mux: demux-pinctrl: check the return value of devm_kstrdup() (git- fixes). * i2c: mux: gpio: Add missing fwnode_handle_put() (git-fixes). * i2c: mux: gpio: Replace custom acpi_get_local_address() (git-fixes). * i2c:npcm7xx: Fix callback completion ordering (git-fixes). * IB/mlx4: Fix the size of a buffer in add_port_entries() (git-fixes) * ieee802154: ca8210: Fix a potential UAF in ca8210_probe (git-fixes). * iio: pressure: bmp280: Fix NULL pointer exception (git-fixes). * iio: pressure: dps310: Adjust Timeout Settings (git-fixes). * iio: pressure: ms5611: ms5611_prom_is_valid false negative bug (git-fixes). * Input: goodix - ensure int GPIO is in input for gpio_count == 1 && gpio_int_idx == 0 case (git-fixes). * Input: powermate - fix use-after-free in powermate_config_complete (git- fixes). * Input: psmouse - fix fast_reconnect function for PS/2 mode (git-fixes). * Input: xpad - add PXN V900 support (git-fixes). * iommu/amd: Add map/unmap_pages() iommu_domain_ops callback support (bsc#1212423). * iommu/amd/io-pgtable: Implement map_pages io_pgtable_ops callback (bsc#1212423). * iommu/amd/io-pgtable: Implement unmap_pages io_pgtable_ops callback (bsc#1212423). * kabi: blkcg_policy_data fix KABI (bsc#1216062). * kabi: workaround for enum nft_trans_phase (bsc#1215104). * kprobes: Prohibit probing on CFI preamble symbol (git-fixes). * KVM: s390: fix gisa destroy operation might lead to cpu stalls (git-fixes bsc#1216512). * KVM: SVM: Do not kill SEV guest if SMAP erratum triggers in usermode (git- fixes). * KVM: x86: add support for CPUID leaf 0x80000021 (bsc#1213772). * KVM: x86: Fix clang -Wimplicit-fallthrough in do_host_cpuid() (git-fixes). * KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation code (bsc#1213772). * KVM: x86: Propagate the AMD Automatic IBRS feature to the guest (bsc#1213772). * KVM: x86: synthesize CPUID leaf 0x80000021h if useful (bsc#1213772). * KVM: x86: work around QEMU issue with synthetic CPUID leaves (git-fixes). * KVM: x86/mmu: Reconstruct shadow page root if the guest PDPTEs is changed (git-fixes). * leds: Drop BUG_ON check for LED_COLOR_ID_MULTI (git-fixes). * mm, memcg: reconsiderkmem.limit_in_bytes deprecation (bsc#1208788 bsc#1213705). * mmc: core: Capture correct oemid-bits for eMMC cards (git-fixes). * mmc: core: sdio: hold retuning if sdio in 1-bit mode (git-fixes). * mmc: mtk-sd: Use readl_poll_timeout_atomic in msdc_reset_hw (git-fixes). * mtd: physmap-core: Restore map_rom fallback (git-fixes). * mtd: rawnand: arasan: Ensure program page operations are successful (git- fixes). * mtd: rawnand: marvell: Ensure program page operations are successful (git- fixes). * mtd: rawnand: pl353: Ensure program page operations are successful (git- fixes). * mtd: rawnand: qcom: Unmap the right resource upon probe failure (git-fixes). * mtd: spinand: micron: correct bitmask for ecc status (git-fixes). * net: mana: Fix oversized sge0 for GSO packets (bsc#1215986). * net: mana: Fix TX CQE error handling (bsc#1215986). * net: nfc: llcp: Add lock when modifying device list (git-fixes). * net: rfkill: gpio: prevent value glitch during probe (git-fixes). * net: sched: add barrier to fix packet stuck problem for lockless qdisc (bsc#1216345). * net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog (bsc#1216345). * net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read (git- fixes). * net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (git- fixes). * net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (git- fixes). * net: usb: smsc95xx: Fix an error code in smsc95xx_reset() (git-fixes). * net/sched: fix netdevice reference leaks in attach_default_qdiscs() (git- fixes). * netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain (git-fixes). * netfilter: nf_tables: unbind non-anonymous set if rule construction fails (git-fixes). * nfc: nci: assert requested protocol is valid (git-fixes). * nfc: nci: fix possible NULL pointer dereference in send_acknowledge() (git- fixes). * nilfs2: fix potential use after free innilfs_gccache_submit_read_data() (git-fixes). * nvme-fc: Prevent null pointer dereference in nvme_fc_io_getuuid() (bsc#1214842). * phy: mapphone-mdm6600: Fix pinctrl_pm handling for sleep pins (git-fixes). * phy: mapphone-mdm6600: Fix runtime disable on probe (git-fixes). * phy: mapphone-mdm6600: Fix runtime PM for remove (git-fixes). * pinctrl: avoid unsafe code pattern in find_pinctrl() (git-fixes). * pinctrl: renesas: rzn1: Enable missing PINMUX (git-fixes). * platform/surface: platform_profile: Propagate error if profile registration fails (git-fixes). * platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to 0x2e (git-fixes). * platform/x86: asus-wmi: Map 0x2a code, Ignore 0x2b and 0x2c events (git- fixes). * platform/x86: think-lmi: Fix reference leak (git-fixes). * platform/x86: touchscreen_dmi: Add info for the Positivo C4128B (git-fixes). * power: supply: ucs1002: fix error code in ucs1002_get_property() (git- fixes). * r8152: check budget for r8152_poll() (git-fixes). * RDMA/cma: Fix truncation compilation warning in make_cma_ports (git-fixes) * RDMA/cma: Initialize ib_sa_multicast structure to 0 when join (git-fixes) * RDMA/core: Require admin capabilities to set system parameters (git-fixes) * RDMA/cxgb4: Check skb value for failure to allocate (git-fixes) * RDMA/mlx5: Fix NULL string error (git-fixes) * RDMA/siw: Fix connection failure handling (git-fixes) * RDMA/srp: Do not call scsi_done() from srp_abort() (git-fixes) * RDMA/uverbs: Fix typo of sizeof argument (git-fixes) * regmap: fix NULL deref on lookup (git-fixes). * regmap: rbtree: Fix wrong register marked as in-cache when creating new node (git-fixes). * ring-buffer: Avoid softlockup in ring_buffer_resize() (git-fixes). * ring-buffer: Do not attempt to read past "commit" (git-fixes). * ring-buffer: Fix bytes info in per_cpu buffer stats (git-fixes). * ring-buffer: Update "shortest_full" in polling (git-fixes). * s390: add z16 elf platform(git-fixes LTC#203789 bsc#1215956 LTC#203788 bsc#1215957). * s390/cio: fix a memleak in css_alloc_subchannel (git-fixes bsc#1216510). * s390/pci: fix iommu bitmap allocation (git-fixes bsc#1216511). * sched/cpuset: Bring back cpuset_mutex (bsc#1215955). * sched/deadline,rt: Remove unused parameter from pick_next_[rt|dl]_entity() (git fixes (sched)). * sched/rt: Fix live lock between select_fallback_rq() and RT push (git fixes (sched)). * sched/rt: Fix sysctl_sched_rr_timeslice intial value (git fixes (sched)). * serial: 8250_port: Check IRQ data before use (git-fixes). * soc: imx8m: Enable OCOTP clock for imx8mm before reading registers (git- fixes). * spi: nxp-fspi: reset the FLSHxCR1 registers (git-fixes). * spi: stm32: add a delay before SPI disable (git-fixes). * spi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain (git-fixes). * spi: sun6i: reduce DMA RX transfer width to single byte (git-fixes). * thunderbolt: Check that lane 1 is in CL0 before enabling lane bonding (git- fixes). * thunderbolt: Workaround an IOMMU fault on certain systems with Intel Maple Ridge (git-fixes). * tracing: Have current_trace inc the trace array ref count (git-fixes). * tracing: Have event inject files inc the trace array ref count (git-fixes). * tracing: Have option files inc the trace array ref count (git-fixes). * tracing: Have tracing_max_latency inc the trace array ref count (git-fixes). * tracing: Increase trace array ref count on enable and filter files (git- fixes). * tracing: Make trace_marker{,_raw} stream-like (git-fixes). * usb: cdnsp: Fixes issue with dequeuing not queued requests (git-fixes). * usb: dwc3: Soft reset phy on probe for host (git-fixes). * usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call (git- fixes). * usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (git-fixes). * usb: musb: Get the musb_qh poniter after musb_giveback (git-fixes). * usb: musb: Modify the "HWVers"register address (git-fixes). * usb: serial: option: add entry for Sierra EM9191 with new firmware (git- fixes). * usb: serial: option: add Fibocom to DELL custom modem FM101R-GL (git-fixes). * usb: serial: option: add Telit LE910C4-WWX 0x1035 composition (git-fixes). * usb: typec: altmodes/displayport: Signal hpd low when exiting mode (git- fixes). * usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer (git-fixes). * vmbus_testing: fix wrong python syntax for integer value comparison (git- fixes). * vringh: do not use vringh_kiov_advance() in vringh_iov_xfer() (git-fixes). * watchdog: iTCO_wdt: No need to stop the timer in probe (git-fixes). * watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running (git-fixes). * wifi: cfg80211: avoid leaking stack data into trace (git-fixes). * wifi: cfg80211: Fix 6GHz scan configuration (git-fixes). * wifi: iwlwifi: dbg_ini: fix structure packing (git-fixes). * wifi: iwlwifi: Ensure ack flag is properly cleared (git-fixes). * wifi: iwlwifi: mvm: Fix a memory corruption issue (git-fixes). * wifi: mac80211: allow transmitting EAPOL frames with tainted key (git- fixes). * wifi: mt76: mt76x02: fix MT76x0 external LNA gain handling (git-fixes). * wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet (git- fixes). * wifi: mwifiex: Fix tlv_buf_left calculation (git-fixes). * wifi: mwifiex: Sanity check tlv_len and tlv_bitmap_len (git-fixes). * x86/cpu, kvm: Add the NO_NESTED_DATA_BP feature (bsc#1213772). * x86/cpu, kvm: Add the Null Selector Clears Base feature (bsc#1213772). * x86/cpu, kvm: Add the SMM_CTL MSR not present feature (bsc#1213772). * x86/cpu, kvm: Move X86_FEATURE_LFENCE_RDTSC to its native leaf (bsc#1213772). * x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled (bsc#1213772). * x86/cpu: Support AMD Automatic IBRS (bsc#1213772). * x86/sev: Check for user-space IOIO pointing to kernel space (bsc#1212649). * x86/sev: Check IOBM for IOIOexceptions from user-space (bsc#1212649). * x86/sev: Disable MMIO emulation from user mode (bsc#1212649). * xen-netback: use default TX queue size for vifs (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-4378=1 SUSE-2023-4378=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2023-4378=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2023-4378=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-4378=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-4378=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-4378=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-4378=1 * Basesystem Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-4378=1 * Development Tools Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-4378=1 * Legacy Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2023-4378=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2023-4378=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2023-4378=1 * SUSE Linux Enterprise Workstation Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-4378=1 ## Package List: * openSUSE Leap 15.4 (noarch nosrc) *kernel-docs-5.14.21-150400.24.97.1 * openSUSE Leap 15.4 (noarch) * kernel-devel-5.14.21-150400.24.97.1 * kernel-source-5.14.21-150400.24.97.1 * kernel-source-vanilla-5.14.21-150400.24.97.1 * kernel-macros-5.14.21-150400.24.97.1 * kernel-docs-html-5.14.21-150400.24.97.1 * openSUSE Leap 15.4 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150400.24.97.1 * openSUSE Leap 15.4 (ppc64le x86_64) * kernel-debug-debuginfo-5.14.21-150400.24.97.1 * kernel-debug-devel-5.14.21-150400.24.97.1 * kernel-debug-debugsource-5.14.21-150400.24.97.1 * kernel-debug-livepatch-devel-5.14.21-150400.24.97.1 * kernel-debug-devel-debuginfo-5.14.21-150400.24.97.1 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * kernel-kvmsmall-debuginfo-5.14.21-150400.24.97.1 * kernel-default-base-5.14.21-150400.24.97.1.150400.24.44.2 * kernel-default-base-rebuild-5.14.21-150400.24.97.1.150400.24.44.2 * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.97.1 * kernel-kvmsmall-devel-5.14.21-150400.24.97.1 * kernel-kvmsmall-debugsource-5.14.21-150400.24.97.1 * kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.97.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.97.1 * dlm-kmp-default-5.14.21-150400.24.97.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.97.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.97.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.97.1 * gfs2-kmp-default-5.14.21-150400.24.97.1 * kernel-default-extra-5.14.21-150400.24.97.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.97.1 * kernel-obs-qa-5.14.21-150400.24.97.1 * cluster-md-kmp-default-5.14.21-150400.24.97.1 * kernel-default-devel-5.14.21-150400.24.97.1 * kernel-obs-build-debugsource-5.14.21-150400.24.97.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.97.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.97.1 * kernel-default-livepatch-devel-5.14.21-150400.24.97.1 *kernel-default-optional-debuginfo-5.14.21-150400.24.97.1 * ocfs2-kmp-default-5.14.21-150400.24.97.1 * kernel-syms-5.14.21-150400.24.97.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.97.1 * reiserfs-kmp-default-5.14.21-150400.24.97.1 * kernel-default-debugsource-5.14.21-150400.24.97.1 * kernel-default-optional-5.14.21-150400.24.97.1 * kselftests-kmp-default-debuginfo-5.14.21-150400.24.97.1 * kernel-default-livepatch-5.14.21-150400.24.97.1 * kselftests-kmp-default-5.14.21-150400.24.97.1 * kernel-obs-build-5.14.21-150400.24.97.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.97.1 * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150400.24.97.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_20-debugsource-1-150400.9.3.2 * kernel-livepatch-5_14_21-150400_24_97-default-debuginfo-1-150400.9.3.2 * kernel-livepatch-5_14_21-150400_24_97-default-1-150400.9.3.2 * openSUSE Leap 15.4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.97.1 * openSUSE Leap 15.4 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.97.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.97.1 * openSUSE Leap 15.4 (nosrc) * dtb-aarch64-5.14.21-150400.24.97.1 * openSUSE Leap 15.4 (aarch64) * kernel-64kb-extra-5.14.21-150400.24.97.1 * dtb-xilinx-5.14.21-150400.24.97.1 * dtb-socionext-5.14.21-150400.24.97.1 * ocfs2-kmp-64kb-5.14.21-150400.24.97.1 * dtb-sprd-5.14.21-150400.24.97.1 * dlm-kmp-64kb-5.14.21-150400.24.97.1 * dtb-allwinner-5.14.21-150400.24.97.1 * reiserfs-kmp-64kb-5.14.21-150400.24.97.1 * dtb-amd-5.14.21-150400.24.97.1 * dtb-exynos-5.14.21-150400.24.97.1 * dtb-mediatek-5.14.21-150400.24.97.1 * dtb-arm-5.14.21-150400.24.97.1 * dtb-altera-5.14.21-150400.24.97.1 * dtb-lg-5.14.21-150400.24.97.1 * dtb-renesas-5.14.21-150400.24.97.1 * dtb-freescale-5.14.21-150400.24.97.1 *kernel-64kb-debuginfo-5.14.21-150400.24.97.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.97.1 * dtb-qcom-5.14.21-150400.24.97.1 * dtb-marvell-5.14.21-150400.24.97.1 * dtb-cavium-5.14.21-150400.24.97.1 * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.97.1 * gfs2-kmp-64kb-5.14.21-150400.24.97.1 * kernel-64kb-optional-5.14.21-150400.24.97.1 * cluster-md-kmp-64kb-5.14.21-150400.24.97.1 * dtb-apm-5.14.21-150400.24.97.1 * kernel-64kb-optional-debuginfo-5.14.21-150400.24.97.1 * kernel-64kb-livepatch-devel-5.14.21-150400.24.97.1 * dtb-rockchip-5.14.21-150400.24.97.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.97.1 * dtb-hisilicon-5.14.21-150400.24.97.1 * dtb-amlogic-5.14.21-150400.24.97.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.97.1 * dtb-amazon-5.14.21-150400.24.97.1 * kselftests-kmp-64kb-5.14.21-150400.24.97.1 * dtb-apple-5.14.21-150400.24.97.1 * dtb-nvidia-5.14.21-150400.24.97.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.97.1 * kernel-64kb-devel-5.14.21-150400.24.97.1 * dtb-broadcom-5.14.21-150400.24.97.1 * kernel-64kb-extra-debuginfo-5.14.21-150400.24.97.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.97.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.97.1 * kernel-64kb-debugsource-5.14.21-150400.24.97.1 * openSUSE Leap 15.4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.97.1 * openSUSE Leap Micro 5.3 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.97.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * kernel-default-debuginfo-5.14.21-150400.24.97.1 * kernel-default-base-5.14.21-150400.24.97.1.150400.24.44.2 * kernel-default-debugsource-5.14.21-150400.24.97.1 * openSUSE Leap Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.97.1 * openSUSE Leap Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.97.1.150400.24.44.2 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) *kernel-default-debuginfo-5.14.21-150400.24.97.1 * kernel-default-debugsource-5.14.21-150400.24.97.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.97.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.97.1.150400.24.44.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.97.1 * kernel-default-debugsource-5.14.21-150400.24.97.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.97.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.97.1.150400.24.44.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.97.1 * kernel-default-debugsource-5.14.21-150400.24.97.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.97.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.97.1.150400.24.44.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.97.1 * kernel-default-debugsource-5.14.21-150400.24.97.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.97.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.97.1.150400.24.44.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.97.1 * kernel-default-debugsource-5.14.21-150400.24.97.1 * Basesystem Module 15-SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.97.1 * Basesystem Module 15-SP4 (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150400.24.97.1 * kernel-64kb-debugsource-5.14.21-150400.24.97.1 * kernel-64kb-devel-5.14.21-150400.24.97.1 *kernel-64kb-debuginfo-5.14.21-150400.24.97.1 * Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.97.1 * Basesystem Module 15-SP4 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.97.1.150400.24.44.2 * Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.14.21-150400.24.97.1 * kernel-default-debuginfo-5.14.21-150400.24.97.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.97.1 * kernel-default-debugsource-5.14.21-150400.24.97.1 * Basesystem Module 15-SP4 (noarch) * kernel-macros-5.14.21-150400.24.97.1 * kernel-devel-5.14.21-150400.24.97.1 * Basesystem Module 15-SP4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.97.1 * Basesystem Module 15-SP4 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.97.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.97.1 * Development Tools Module 15-SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.97.1 * Development Tools Module 15-SP4 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-5.14.21-150400.24.97.1 * kernel-syms-5.14.21-150400.24.97.1 * kernel-obs-build-5.14.21-150400.24.97.1 * Development Tools Module 15-SP4 (noarch) * kernel-source-5.14.21-150400.24.97.1 * Legacy Module 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.97.1 * Legacy Module 15-SP4 (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-5.14.21-150400.24.97.1 * kernel-default-debuginfo-5.14.21-150400.24.97.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.97.1 * kernel-default-debugsource-5.14.21-150400.24.97.1 * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.97.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.97.1 * kernel-default-debugsource-5.14.21-150400.24.97.1 * kernel-default-livepatch-devel-5.14.21-150400.24.97.1 *kernel-default-livepatch-5.14.21-150400.24.97.1 * kernel-livepatch-5_14_21-150400_24_97-default-debuginfo-1-150400.9.3.2 * kernel-livepatch-SLE15-SP4_Update_20-debugsource-1-150400.9.3.2 * kernel-livepatch-5_14_21-150400_24_97-default-1-150400.9.3.2 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.97.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.97.1 * kernel-default-debuginfo-5.14.21-150400.24.97.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.97.1 * kernel-default-debugsource-5.14.21-150400.24.97.1 * gfs2-kmp-default-5.14.21-150400.24.97.1 * ocfs2-kmp-default-5.14.21-150400.24.97.1 * cluster-md-kmp-default-5.14.21-150400.24.97.1 * dlm-kmp-default-5.14.21-150400.24.97.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.97.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.97.1 * SUSE Linux Enterprise Workstation Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.97.1 * SUSE Linux Enterprise Workstation Extension 15 SP4 (x86_64) * kernel-default-extra-5.14.21-150400.24.97.1 * kernel-default-debuginfo-5.14.21-150400.24.97.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.97.1 * kernel-default-debugsource-5.14.21-150400.24.97.1 ## References: * https://www.suse.com/security/cve/CVE-2023-2163.html * https://www.suse.com/security/cve/CVE-2023-31085.html * https://www.suse.com/security/cve/CVE-2023-34324.html * https://www.suse.com/security/cve/CVE-2023-3777.html * https://www.suse.com/security/cve/CVE-2023-39189.html * https://www.suse.com/security/cve/CVE-2023-39193.html * https://www.suse.com/security/cve/CVE-2023-5178.html * https://bugzilla.suse.com/show_bug.cgi?id=1208788 * https://bugzilla.suse.com/show_bug.cgi?id=1210778 * https://bugzilla.suse.com/show_bug.cgi?id=1211307 * https://bugzilla.suse.com/show_bug.cgi?id=1212423 *https://bugzilla.suse.com/show_bug.cgi?id=1212649 * https://bugzilla.suse.com/show_bug.cgi?id=1213705 * https://bugzilla.suse.com/show_bug.cgi?id=1213772 * https://bugzilla.suse.com/show_bug.cgi?id=1214842 * https://bugzilla.suse.com/show_bug.cgi?id=1215095 * https://bugzilla.suse.com/show_bug.cgi?id=1215104 * https://bugzilla.suse.com/show_bug.cgi?id=1215518 * https://bugzilla.suse.com/show_bug.cgi?id=1215955 * https://bugzilla.suse.com/show_bug.cgi?id=1215956 * https://bugzilla.suse.com/show_bug.cgi?id=1215957 * https://bugzilla.suse.com/show_bug.cgi?id=1215986 * https://bugzilla.suse.com/show_bug.cgi?id=1216062 * https://bugzilla.suse.com/show_bug.cgi?id=1216345 * https://bugzilla.suse.com/show_bug.cgi?id=1216510 * https://bugzilla.suse.com/show_bug.cgi?id=1216511 * https://bugzilla.suse.com/show_bug.cgi?id=1216512 * https://bugzilla.suse.com/show_bug.cgi?id=1216621 . Essential system patches for Ubuntu Linux. Tackling vulnerabilities and improving operational reliability.. SUSE Security Update, Kernel Patch, Linux Bug Fixes, Performance Enhancement. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 06, 2023 Important OpenSUSE
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorycritical issueubuntu

Ubuntu 13.04 USN-1962-1 Critical: System Service Policy Bypass

ubuntu-system-service could be tricked into bypassing polkit authorizations.. =========================================================================Ubuntu Security Notice USN-1962-1 September 18, 2013 ubuntu-system-service vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 13.04 - Ubuntu 12.10 - Ubuntu 12.04 LTS Summary: ubuntu-system-service could be tricked into bypassing polkit authorizations. Software Description: - ubuntu-system-service: Dbus service to set various system-wide configurations Details: It was discovered that ubuntu-system-service was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 13.04: ubuntu-system-service 0.2.4.1 Ubuntu 12.10: ubuntu-system-service 0.2.3.1 Ubuntu 12.04 LTS: ubuntu-system-service 0.2.2.1 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-1962-1 CVE-2013-1062 Package Information: https://launchpad.net/ubuntu/+source/ubuntu-system-service/0.2.4.1 https://launchpad.net/ubuntu/+source/ubuntu-system-service/0.2.3.1 https://launchpad.net/ubuntu/+source/ubuntu-system-service/0.2.2.1 . Debian Security Notice DSN-4673-1 addresses an issue in debian-package-handler that enables unauthorized access to privileged functions.. ubuntu vulnerability, polkit exploit, local attacker threat. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 18, 2013 Critical Ubuntu
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here