Alerts This Week
Warning Icon 1 914
Alerts This Week
Warning Icon 1 914

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE libyang Important Buffer Overflow Advisory 2026-2381-1

Calendar White Jun 12, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE HPLIP Severe Code Execution Denial of Service 2026-2380-1

Calendar White Jun 12, 2026
Critical
Suse Large Esm H900
SuSE

openSUSE HPLIP Critical Escalation DoS Advisory SUSE-2026-2380-1

Calendar White Jun 12, 2026
Critical
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.2 python-Pygments Low Denial of Service CVE-2026-4539

Calendar White Jun 12, 2026
Low
Ubuntu Large Esm H900
Ubuntu

Ubuntu 16.04 LTS GStreamer Base Plugins Critical DoS CVE-2026-2921

Calendar White Jun 12, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 12 Linux Base Update Brings Important Security Fix DLA-4628-1

Calendar White Jun 12, 2026
Informational
Debianlts Large Esm H800
Debian LTS

Debian 12 Kernel-Wedge Update for Linux 6.12 DLA-4627-1

Calendar White Jun 12, 2026
Informational
Opensuse Large Esm H900
openSUSE

openSUSE NetworkManager-libreswan Important Security Update CVE-2024-9050

Calendar White Jun 12, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE Rclone Critical Security Update CVE-2026-25680 CVE-2026-25681

Calendar White Jun 12, 2026
Critical
Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":555,"type":"x","order":1,"pct":78.72,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.26,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.82,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.2,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag%201security advisorycriticalFedora

Fedora 37: 2022-9f51d13fa3 Critical: Xenstore Crash and Memory Issues

x86: Multiple speculative security issues [XSA-422, CVE-2022-23824] ---- x86: unintended memory sharing between guests [XSA-412, CVE-2022-42327] Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309] Xenstore: Guests can create orphaned Xenstore nodes [XSA-415, CVE-2022-42310] Xenstore: guests can let run xenstored out of memory [XSA-326, CVE-2022-42311, CVE-2022-42312,. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-9f51d13fa3 2022-11-24 01:24:26.774334 --------------------------------------------------------------------------------Name : xen Product : Fedora 37 Version : 4.16.2 Release : 4.fc37 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor --------------------------------------------------------------------------------Update Information: x86: Multiple speculative security issues [XSA-422, CVE-2022-23824] ---- x86: unintended memory sharing between guests [XSA-412, CVE-2022-42327] Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309] Xenstore: Guests can create orphaned Xenstore nodes [XSA-415, CVE-2022-42310] Xenstore: guests can let run xenstored out of memory [XSA-326, CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318] Xenstore: Guests can cause Xenstore to not free temporary memory [XSA-416, CVE-2022-42319] Xenstore: Guests can get access to Xenstore nodes of deleted domains [XSA-417, CVE-2022-42320] Xenstore: Guests can crash xenstored via exhausting the stack [XSA-418, CVE-2022-42321] Xenstore: Cooperating guests can create arbitrary numbers of nodes [XSA-419, CVE-2022-42322, CVE-2022-42323] Oxenstored 32-> 31 bit integer truncation issues [XSA-420, CVE-2022-42324] Xenstore: Guests can create arbitrary numberof nodes via transactions [XSA-421, CVE-2022-42325, CVE-2022-42326] --------------------------------------------------------------------------------ChangeLog: * Tue Nov 8 2022 Michael Young - 4.16.2-4 - x86: Multiple speculative security issues [XSA-422, CVE-2022-23824] * Tue Nov 1 2022 Michael Young - 4.16.2-3 - x86: unintended memory sharing between guests [XSA-412, CVE-2022-42327] - Xenstore: Guests can crash xenstored [XSA-414, CVE-2022-42309] - Xenstore: Guests can create orphaned Xenstore nodes [XSA-415, CVE-2022-42310] - Xenstore: guests can let run xenstored out of memory [XSA-326, CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318] - Xenstore: Guests can cause Xenstore to not free temporary memory [XSA-416, CVE-2022-42319] - Xenstore: Guests can get access to Xenstore nodes of deleted domains [XSA-417, CVE-2022-42320] - Xenstore: Guests can crash xenstored via exhausting the stack [XSA-418, CVE-2022-42321] - Xenstore: Cooperating guests can create arbitrary numbers of nodes [XSA-419, CVE-2022-42322, CVE-2022-42323] - Oxenstored 32-> 31 bit integer truncation issues [XSA-420, CVE-2022-42324] - Xenstore: Guests can create arbitrary number of nodes via transactions [XSA-421, CVE-2022-42325, CVE-2022-42326] --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-9f51d13fa3' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe sendan email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . The latest Xen security notice highlights various speculative vulnerabilities as well as risks associated with Xenstore within the Fedora ecosystem. Ensure you're informed!. Fedora Xen Security, Memory Sharing Issues, Xenstore Crash Threats. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Nov 23, 2022 Critical Fedora
100
Ls Advisories Suse Esm H240
Price Tag%201security advisorysecurity updateDoS

SUSE: 2022:3728-1 Important: Xen DoS and Memory Sharing Issues

An update that fixes 7 vulnerabilities is now available. . SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:3728-1 Rating: important References: #1185104 #1200762 #1203806 #1203807 Cross-References: CVE-2021-28689 CVE-2022-26365 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33746 CVE-2022-33748 CVSS scores: CVE-2021-28689 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2021-28689 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2022-26365 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2022-26365 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2022-33740 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2022-33740 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2022-33741 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2022-33741 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2022-33742 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2022-33742 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2022-33746 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2022-33746 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H CVE-2022-33748 (NVD) : 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2022-33748 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H Affected Products: SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server for SAP Applications 12-SP5 SUSE Linux Enterprise Software Development Kit12-SP5 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update for xen fixes the following issues: - CVE-2022-26365: Fixed issue where Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (bsc#1200762). - CVE-2022-33740: Fixed issue where Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (bsc#1200762). - CVE-2022-33741: Fixed issue where data residing in the same 4K page as data shared with a backend was being accessible by such backend (bsc#1200762). - CVE-2022-33742: Fixed issue where data residing in the same 4K page as data shared with a backend was being accessible by such backend (bsc#1200762). - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing (bsc#1203806). - CVE-2021-28689: Fixed speculative vulnerabilities with bare (non-shim) 32-bit PV guests (bsc#1185104). - CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-3728=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-3728=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 x86_64): xen-debugsource-4.12.4_28-3.77.1 xen-devel-4.12.4_28-3.77.1 - SUSE Linux Enterprise Server 12-SP5 (x86_64): xen-4.12.4_28-3.77.1 xen-debugsource-4.12.4_28-3.77.1 xen-doc-html-4.12.4_28-3.77.1 xen-libs-32bit-4.12.4_28-3.77.1 xen-libs-4.12.4_28-3.77.1 xen-libs-debuginfo-32bit-4.12.4_28-3.77.1 xen-libs-debuginfo-4.12.4_28-3.77.1 xen-tools-4.12.4_28-3.77.1 xen-tools-debuginfo-4.12.4_28-3.77.1 xen-tools-domU-4.12.4_28-3.77.1 xen-tools-domU-debuginfo-4.12.4_28-3.77.1 References: https://www.suse.com/security/cve/CVE-2021-28689.html https://www.suse.com/security/cve/CVE-2022-26365.html https://www.suse.com/security/cve/CVE-2022-33740.html https://www.suse.com/security/cve/CVE-2022-33741.html https://www.suse.com/security/cve/CVE-2022-33742.html https://www.suse.com/security/cve/CVE-2022-33746.html https://www.suse.com/security/cve/CVE-2022-33748.html https://bugzilla.suse.com/1185104 https://bugzilla.suse.com/1200762 https://bugzilla.suse.com/1203806 https://bugzilla.suse.com/1203807 . Canonical reveals a critical patch for OpenStack addressing 5 vulnerabilities related to remote access and data leakage risks.. SUSE Linux Update,xen Security Fix,DoS Vulnerability Patch,Memory Sharing Issues. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Oct 25, 2022 Important SuSE
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":555,"type":"x","order":1,"pct":78.72,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.26,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.82,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.2,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here