Several security issues were fixed in GPAC.

==========================================================================
Ubuntu Security Notice USN-7320-1
March 04, 2025

gpac vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in GPAC.

Software Description:
- gpac: GPAC Project on Advanced Content

Details:

It was discovered that the GPAC MP4Box utility incorrectly handled certain AC3 files, which could lead to an out-of-bounds read. A remote attacker could use this issue to cause MP4Box to crash, resulting in a denial of service (system crash). This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2023-5520, CVE-2024-0322)

It was discovered that the GPAC MP4Box utility incorrectly handled certain malformed text files. If a user or automated system using MP4Box were tricked into opening a specially crafted RST file, an attacker could use this issue to cause a denial of service (system crash) or execute arbitrary code. (CVE-2024-0321)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04 LTS
  gpac 2.2.1+dfsg1-3.1ubuntu0.1~esm2
    Available with Ubuntu Pro
  gpac-modules-base 2.2.1+dfsg1-3.1ubuntu0.1~esm2
    Available with Ubuntu Pro
  libgpac12t64 2.2.1+dfsg1-3.1ubuntu0.1~esm2
    Available with Ubuntu Pro

Ubuntu 22.04 LTS
  gpac 2.0.0+dfsg1-2ubuntu0.1~esm2
    Available with Ubuntu Pro
  gpac-modules-base 2.0.0+dfsg1-2ubuntu0.1~esm2
    Available with Ubuntu Pro
  libgpac11 2.0.0+dfsg1-2ubuntu0.1~esm2
    Available with Ubuntu Pro

Ubuntu 20.04 LTS
  gpac 0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2
    Available with Ubuntu Pro
  gpac-modules-base 0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2
    Available with Ubuntu Pro
  libgpac4 0.5.2-426-gc5ad4e4+dfsg5-5ubuntu0.1~esm2
    Available with Ubuntu Pro

Ubuntu 18.04 LTS
  gpac 0.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1+esm1
    Available with Ubuntu Pro
  gpac-modules-base 0.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1+esm1
    Available with Ubuntu Pro
  libgpac4 0.5.2-426-gc5ad4e4+dfsg5-3ubuntu0.1+esm1
    Available with Ubuntu Pro

Ubuntu 16.04 LTS
  gpac 0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1+esm2
    Available with Ubuntu Pro
  gpac-modules-base 0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1+esm2
    Available with Ubuntu Pro
  libgpac4 0.5.2-426-gc5ad4e4+dfsg5-1ubuntu0.1+esm2
    Available with Ubuntu Pro

Ubuntu 14.04 LTS
  gpac 0.5.0+svn4288~dfsg1-4ubuntu1+esm2
    Available with Ubuntu Pro
  gpac-modules-base 0.5.0+svn4288~dfsg1-4ubuntu1+esm2
    Available with Ubuntu Pro
  libgpac2 0.5.0+svn4288~dfsg1-4ubuntu1+esm2
    Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7320-1
  CVE-2023-5520, CVE-2024-0321, CVE-2024-0322

Multiple vulnerability patches have been released for GPAC, impacting various Ubuntu LTS editions, essential for maintaining system integrity.
GPAC Security, Ubuntu Update, Security Fix, Denial of Service, System Stability.
Severity: Critical
LinuxSecurity.com Team

Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3928-1

Several security issues were fixed in libXpm.

==========================================================================
Ubuntu Security Notice USN-6408-2
October 23, 2023

libxpm vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in libXpm.

Software Description:
- libxpm: X11 pixmap library

Details:

USN-6408-1 fixed several vulnerabilities in libXpm. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

Original advisory details:

 Yair Mizrahi discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could possibly use this issue to consume memory, leading to a denial of service. (CVE-2023-43786)

 Yair Mizrahi discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could use this issue to cause libXpm to crash, leading to a denial of service, or possibly execute arbitrary code. (CVE-2023-43787)

 Alan Coopersmith discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were tricked into opening a specially crafted XPM image file, a remote attacker could possibly use this issue to cause libXpm to crash, leading to a denial of service. (CVE-2023-43788, CVE-2023-43789)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  libxpm4 1:3.5.12-1ubuntu0.18.04.2+esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  libxpm4 1:3.5.11-1ubuntu0.16.04.1+esm2

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
  libxpm4 1:3.5.10-1ubuntu0.1+esm2

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6408-2
  https://ubuntu.com/security/notices/USN-6408-1
  CVE-2023-43786, CVE-2023-43787, CVE-2023-43788, CVE-2023-43789

Essential patch for Ubuntu targeting libXpm vulnerabilities, eliminating risks of Denial of Service and potential arbitrary code execution threats.
Ubuntu Security, LibXpm Fixes, Denial of Service, Software Updates, Image File Issues.
Severity: Critical
LinuxSecurity.com Team

ImageMagick could be made to crash if it opened a specially crafted file.

=========================================================================
Ubuntu Security Notice USN-5456-1
June 01, 2022

imagemagick vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

ImageMagick could be made to crash if it opened a specially crafted file.

Software Description:
- imagemagick: Image manipulation programs and library

Details:

It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS:
  imagemagick 8:6.9.7.4+dfsg-16ubuntu6.13
  imagemagick-6-common 8:6.9.7.4+dfsg-16ubuntu6.13
  imagemagick-common 8:6.9.7.4+dfsg-16ubuntu6.13
  libmagick++-6.q16-7 8:6.9.7.4+dfsg-16ubuntu6.13
  libmagick++-6.q16hdri-7 8:6.9.7.4+dfsg-16ubuntu6.13
  libmagickcore-6.q16-3 8:6.9.7.4+dfsg-16ubuntu6.13
  libmagickcore-6.q16hdri-3 8:6.9.7.4+dfsg-16ubuntu6.13

Ubuntu 16.04 ESM:
  imagemagick 8:6.8.9.9-7ubuntu5.16+esm3
  imagemagick-6.q16 8:6.8.9.9-7ubuntu5.16+esm3
  imagemagick-common 8:6.8.9.9-7ubuntu5.16+esm3
  libmagick++-6.q16-5v5 8:6.8.9.9-7ubuntu5.16+esm3
  libmagickcore-6.q16-2 8:6.8.9.9-7ubuntu5.16+esm3

Ubuntu 14.04 ESM:
  imagemagick 8:6.7.7.10-6ubuntu3.13+esm2
  imagemagick-common 8:6.7.7.10-6ubuntu3.13+esm2
  libmagick++5 8:6.7.7.10-6ubuntu3.13+esm2
  libmagickcore5 8:6.7.7.10-6ubuntu3.13+esm2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5456-1
  CVE-2022-28463

Package Information:
  https://launchpad.net/ubuntu/+source/imagemagick/8:6.9.7.4+dfsg-16ubuntu6.13

Using ImageMagick on Ubuntu might lead to crashes when handling specifically constructed files. Make sure to update your system to prevent this issue.
ImageMagick Vulnerability, Denial Of Service, Ubuntu Security Notice.
Severity: Critical
LinuxSecurity.com Team

Invalid read for malformed DVI files was fixed in GNU libextractor, a library that extracts meta-data from files of arbitrary type. For Debian 9 stretch, this problem has been fixed in version .

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2851-1

Squashfs-Tools could be made to overwrite files.

=========================================================================
Ubuntu Security Notice USN-5078-3
October 13, 2021

squashfs-tools vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04
- Ubuntu 20.04 LTS

Summary:

Squashfs-Tools could be made to overwrite files.

Software Description:
- squashfs-tools: Tools to create and modify squashfs filesystems

Details:

USN-5078-1 fixed a vulnerability in Squashfs-Tools. That update was incomplete and could still result in Squashfs-Tools mishandling certain malformed SQUASHFS files. This update fixes the problem. We apologize for the inconvenience.

Original advisory details:

 Richard Weinberger discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 21.04:
  squashfs-tools 1:4.4-2ubuntu0.3

Ubuntu 20.04 LTS:
  squashfs-tools 1:4.4-1ubuntu0.3

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5078-3
  https://ubuntu.com/security/notices/USN-5078-1
  CVE-2021-41072

Package Information:
  https://launchpad.net/ubuntu/+source/squashfs-tools/1:4.4-2ubuntu0.3
  https://launchpad.net/ubuntu/+source/squashfs-tools/1:4.4-1ubuntu0.3

Severe squashfs-tools vulnerability puts Ubuntu users at risk of file replacement. Ensure your system is updated to safeguard against potential exploits.
Squashfs Tools Security, Ubuntu Critical Update, File Overwrite Risk.
Severity: Critical
LinuxSecurity.com Team

Squashfs-Tools could be made to overwrite files.

=========================================================================
Ubuntu Security Notice USN-5078-2
September 15, 2021

squashfs-tools vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

Squashfs-Tools could be made to overwrite files.

Software Description:
- squashfs-tools: Tools to create and modify squashfs filesystems

Details:

USN-5078-1 fixed several vulnerabilities in Squashfs-Tools. This update provides the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

 Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem. (CVE-2021-40153)

 Richard Weinberger discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem. (CVE-2021-41072)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 ESM:
  squashfs-tools 1:4.3-3ubuntu2.16.04.3+esm1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5078-2
  https://ubuntu.com/security/notices/USN-5078-1
  CVE-2021-40153, CVE-2021-41072

Security Notice regarding Squashfs-Tools flaw for Ubuntu 16.04 ESM, released on September 15, 2021.
Squashfs-Tools, File Overwrite, Ubuntu Advisory.
Severity: Critical
LinuxSecurity.com Team

GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files (SA-2021-0002). GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files (SA-2021-0003).

MGASA-2021-0187 - Updated gstreamer1.0 packages fix security vulnerabilities

Publication date: 15 Apr 2021
URL: https://advisories.mageia.org/MGASA-2021-0187.html
Type: security
Affected Mageia releases: 7, 8

GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files (SA-2021-0002).

GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files (SA-2021-0003).

GStreamer before 1.18.4 might do an out-of-bounds read when handling certain RealMedia files or streams (SA-2021-0004).

GStreamer before 1.18.4 might cause stack corruptions with streams that have more than 64 audio channels (SA-2021-0005).

It might be possible for a malicious third party to trigger a crash in the application, but possibly also an arbitrary code execution with the privileges of the target user.

References:
- https://bugs.mageia.org/show_bug.cgi?id=28685

SRPMS:
- 7/core/gstreamer1.0-libav-1.16.0-1.1.mga7
- 7/core/gstreamer1.0-plugins-good-1.16.0-1.1.mga7
- 7/core/gstreamer1.0-plugins-ugly-1.16.0-1.1.mga7
- 7/tainted/gstreamer1.0-plugins-ugly-1.16.0-1.1.mga7.tainted
- 8/tainted/gstreamer1.0-plugins-ugly-1.18.3-1.1.mga8.tainted
- 8/core/gstreamer1.0-libav-1.18.3-1.1.mga8
- 8/core/gstreamer1.0-plugins-good-1.18.3-1.2.mga8
- 8/core/gstreamer1.0-plugins-ugly-1.18.3-1.1.mga8

Revised gstreamer1.0 packages address various security vulnerabilities in Mageia related to memory management and heap integrity.
GStreamer Security Update, Mageia 7 Security, Mageia 8 Security, Memory Access Issues, Heap Corruption.
Severity: Important
LinuxSecurity.com Team