Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 0 articles for you...
202
security advisorymoderatesecurity issueopenSUSE Tumbleweed micropython Moderate Risk Fix CVE-2024-8947
An update that solves one vulnerability can now be installed.. # micropython-1.28.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10704-1 Rating: moderate Cross-References: * CVE-2024-8947 Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the micropython-1.28.0-2.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * micropython 1.28.0-2.1 * mpremote 1.28.0-2.1 * mpy-tools 1.28.0-2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-8947.html . Update for openSUSE fixes moderate severity issue in micropython. Install to enhance system security.. openSUSE update, micropython security, moderate threat, system security, software patch. . LinuxSecurity.com Team
May 08, 2026
OpenSUSE
202
security advisorybug fixsegmentation faultopenSUSE MicroPython Minor Crash Warning for version 2026-20199-2
An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for micropython ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20199-1 Rating: low References: * bsc#1257803 Cross-References: * CVE-2026-1998 Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for micropython fixes the following issues: Changes in micropython: - CVE-2026-1998: Fixed segmentation fault in `mp_map_lookup` via `mp_import_all` (bsc#1257803). - Version 1.26.1 * esp32: update esp_tinyusb component to v1.7.6 * tools: add an environment variable MICROPY_MAINTAINER_BUILD * esp32: add IDF Component Lockfiles to git repo * shared/tinyusb: fix hang from new tx_overwritabe_if_not_connected flag * shared/tinyusb/mp_usbd_cdc: rewrite USB CDC TX loop * tools/mpremote: don't apply Espressif DTR/RTS quirk to TinyUSB CDC dev - Fix building on single core systems * Skip tests/thread/stress_schedule.py when single core system detected Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-packagehub-122=1 Package List: - openSUSE Leap 16.0: micropython-1.26.1-bp160.1.1 mpremote-1.26.1-bp160.1.1 mpy-tools-1.26.1-bp160.1.1 References: * https://www.suse.com/security/cve/CVE-2026-1998.html . Install the latest openSUSE micropython update to resolve a segmentation fault issue and improve stability for users.. openSUSE, Micropython, Patch Update. . Severity: Low. LinuxSecurity.com Team
Feb 12, 2026
•Low
OpenSUSE
202
security advisorymoderatesecurity issueopenSUSE Tumbleweed micropython Moderate Security Update 2026-10156-1
An update that solves one vulnerability can now be installed.. # micropython-1.26.1-2.1 on GA media Announcement ID: openSUSE-SU-2026:10156-1 Rating: moderate Cross-References: * CVE-2026-1998 Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the micropython-1.26.1-2.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * micropython 1.26.1-2.1 * mpremote 1.26.1-2.1 * mpy-tools 1.26.1-2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1998.html . Update available for openSUSE Tumbleweed micropython package addressing moderate severity security issue.. openSUSE Tumbleweed, micropython security fix, moderate risk update. . LinuxSecurity.com Team
Feb 07, 2026
OpenSUSE
202
security advisorymoderateupdateopenSUSE Leap 16.0: micropython Moderate Fix CVE-2025-59438
An update that solves one vulnerability can now be installed.. openSUSE security update: security update for micropython ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20035-1 Rating: moderate Cross-References: * CVE-2025-59438 CVSS scores: * CVE-2025-59438 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-59438 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability can now be installed. Description: This update for micropython fixes the following issues: Changes in micropython: - Build with mbedtls-3.6.5 instead of bundled 3.6.2 to fix CVE-2025-59438 Version 1.26.0: * Added machine.I2CTarget for creating I2C target devices on multiple ports. * New MCU support: STM32N6xx (800 MHz, ML accel) & ESP32-C2 (WiFi + BLE). * Major float accuracy boost (~28% \u2192 ~98%), constant folding in compiler. * Optimized native/Viper emitters; reduced heap use for slices. * Time functions standardized (1970\u20132099); new boards across ESP32, SAMD, STM32, Zephyr. * ESP32: ESP-IDF 5.4.2, flash auto-detect, PCNT class, LAN8670 PHY. * RP2: compressed errors, better lightsleep, hard IRQ timers. * Zephyr v4.0.0: PWM, SoftI2C/SPI, BLE runtime services, boot.py/main.py support. * mpremote adds fs tree, improved df, portable config paths. * Updated lwIP, LittleFS, libhydrogen, stm32lib; expanded hardware/CI tests. Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-packagehub-17=1 Package List: - openSUSE Leap 16.0: micropython-1.26.0-bp160.1.1 mpremote-1.26.0-bp160.1.1 mpy-tools-1.26.0-bp160.1.1 References: *https://www.suse.com/security/cve/CVE-2025-59438.html . Install the security update for micropython on openSUSE Leap 16.0 to address CVE-2025-59438 with moderate severity.. openSUSE security, micropython update, CVE-2025-59438 fix, Linux security patch. . LinuxSecurity.com Team
Nov 12, 2025
OpenSUSE
172
security advisorydenial of servicebuffer overflowUbuntu 24.10 Security Notice 7472-1: Micropython Critical Update
Several security issues were fixed in micropython.. ========================================================================== Ubuntu Security Notice USN-7472-1 May 01, 2025 micropython vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in micropython. Software Description: - micropython: Implementation of Python 3.x on microcontrollers and small embedded systems. Details: Junwha Hong and Wonil Jang discovered that Micropython incorrectly handled the length of a buffer in mp_vfs_umount, leading to a heap-based buffer overflow vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2024-8946) Junwha Hong and Wonil Jang discovered that Micropython incorrectly handled memory, leading to a use-after-free vulnerability under certain circumstances. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2024-8947) It was discovered that Middleware USB Host MCU Component incorrectly handled memory, leading to a buffer overflow vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2021-42553) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.10 micropython 1.22.1+ds-1ubuntu0.24.10.1 Ubuntu 24.04 LTS micropython 1.22.1+ds-1ubuntu0.24.04.1~esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS micropython 1.17+ds-1.1ubuntu2+esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS micropython 1.12-1ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7472-1 CVE-2021-42553, CVE-2024-8946, CVE-2024-8947 Package Information: https://launchpad.net/ubuntu/+source/micropython/1.22.1+ds-1ubuntu0.24.10.1 . Examining resolved vulnerabilities in Micropython for Ubuntu provides essential insights into its security and stability, highlighting past issues like buffer overflows and memory management. Ubuntu Micropython security, buffer overflow risks, memory vulnerabilities, security issues. . Severity: Critical. LinuxSecurity.com Team
May 01, 2025
•Critical
Ubuntu
89
security advisorybuffer overflowFedoraFedora 40 FEDORA-2024-f9ca680ecd critical: micropython buffer overflow
Update to 1.23.0. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-f9ca680ecd 2024-10-31 02:14:30.974656 -------------------------------------------------------------------------------- Name : micropython Product : Fedora 40 Version : 1.23.0 Release : 1.fc40 URL : http://micropython.org/ Summary : Implementation of Python 3 with very low memory footprint Description : Implementation of Python 3 with very low memory footprint -------------------------------------------------------------------------------- Update Information: Update to 1.23.0 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 17 2024 Charalampos Stratakis - 1.23.0-1 - Update to 1.23.0 - Security fixes for CVE-2024-8946, CVE-2024-8947, CVE-2024-8948 Resolves: rhbz#2312926, rhbz#2312923, rhbz#2312921 * Thu Jul 18 2024 Fedora Release Engineering - 1.22.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2312921 - CVE-2024-8948 micropython: heap buffer overflow via int_to_bytes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2312921 [ 2 ] Bug #2312923 - CVE-2024-8947 micropython: use after free vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2312923 [ 3 ] Bug #2312926 - CVE-2024-8946 micropython: heap buffer overflow via mp_vfs_umount [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2312926 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-f9ca680ecd' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label Allpackages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Oct 31, 2024
•Critical
Fedora
89
security advisorybuffer overflowFedoraFedora 39 - FEDORA-2024-9c81ad492a critical: micropython buffer issues
Update to 1.23.0. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-9c81ad492a 2024-10-31 01:38:05.886410 -------------------------------------------------------------------------------- Name : micropython Product : Fedora 39 Version : 1.23.0 Release : 1.fc39 URL : http://micropython.org/ Summary : Implementation of Python 3 with very low memory footprint Description : Implementation of Python 3 with very low memory footprint -------------------------------------------------------------------------------- Update Information: Update to 1.23.0 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 17 2024 Charalampos Stratakis - 1.23.0-1 - Update to 1.23.0 - Security fixes for CVE-2024-8946, CVE-2024-8947, CVE-2024-8948 Resolves: rhbz#2312926, rhbz#2312923, rhbz#2312921 * Thu Jul 18 2024 Fedora Release Engineering - 1.22.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2312921 - CVE-2024-8948 micropython: heap buffer overflow via int_to_bytes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2312921 [ 2 ] Bug #2312923 - CVE-2024-8947 micropython: use after free vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2312923 [ 3 ] Bug #2312926 - CVE-2024-8946 micropython: heap buffer overflow via mp_vfs_umount [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2312926 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-9c81ad492a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label Allpackages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Oct 31, 2024
•Critical
Fedora
89
security advisoryupdatebuffer overflowFedora 41: FEDORA-2024-cd5c1dfa94 critical: micropython buffer overflow
Update to 1.23.0. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-cd5c1dfa94 2024-10-31 01:36:34.225938 -------------------------------------------------------------------------------- Name : micropython Product : Fedora 41 Version : 1.23.0 Release : 1.fc41 URL : http://micropython.org/ Summary : Implementation of Python 3 with very low memory footprint Description : Implementation of Python 3 with very low memory footprint -------------------------------------------------------------------------------- Update Information: Update to 1.23.0 -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 17 2024 Charalampos Stratakis - 1.23.0-1 - Update to 1.23.0 - Security fixes for CVE-2024-8946, CVE-2024-8947, CVE-2024-8948 Resolves: rhbz#2312926, rhbz#2312923, rhbz#2312921 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2312921 - CVE-2024-8948 micropython: heap buffer overflow via int_to_bytes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2312921 [ 2 ] Bug #2312923 - CVE-2024-8947 micropython: use after free vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2312923 [ 3 ] Bug #2312926 - CVE-2024-8946 micropython: heap buffer overflow via mp_vfs_umount [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2312926 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-cd5c1dfa94' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Oct 31, 2024
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!