Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories


Gentoo: GLSA-202011-17 Low: MIT Kerberos 5 Denial Of Service

A vulnerability in MIT Kerberos 5 could lead to a Denial of Service condition.

Gentoo Linux Security Advisory                           GLSA 202011-17
https://security.gentoo.org/

Severity: Low
Title: MIT Kerberos 5: Denial of service
Date: November 16, 2020
Bugs: #753281
ID: 202011-17

Synopsis
========

A vulnerability in MIT Kerberos 5 could lead to a Denial of Service condition.

Background
==========

The MIT Kerberos 5 implementation provides a command line telnet client which is used for remote login via the telnet protocol.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  app-crypt/mit-krb5        < 1.18.2-r2                >= 1.18.2-r2

Description
===========

It was discovered that MIT Kerberos network authentication system, krb5, did not properly handle ASN.1-encoded Kerberos messages.

Impact
======

A remote attacker could send a specially crafted Kerberos message, possibly resulting in a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All MIT Kerberos 5 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.18.2-r2"

References
==========

[ 1 ] CVE-2020-28196
      https://nvd.nist.gov/vuln/detail/CVE-2020-28196

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/202011-17

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address obfuscated by the site] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

LinuxSecurity.com Team

Nov 15, 2020 | Low | Gentoo

Gentoo: GLSA-201312-12 Normal: MIT Kerberos 5 Code Execution Risks

Multiple vulnerabilities have been discovered in MIT Kerberos 5, allowing execution of arbitrary code or Denial of Service.

Gentoo Linux Security Advisory                           GLSA 201312-12
https://security.gentoo.org/

Severity: Normal
Title: MIT Kerberos 5: Multiple vulnerabilities
Date: December 16, 2013
Bugs: #429324, #466268, #469752, #490668, #494062, #494064
ID: 201312-12

Synopsis
========

Multiple vulnerabilities have been discovered in MIT Kerberos 5, allowing execution of arbitrary code or Denial of Service.

Background
==========

MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  app-crypt/mit-krb5          < 1.11.4                    >= 1.11.4

Description
===========

Multiple vulnerabilities have been discovered in the Key Distribution Center in MIT Kerberos 5. Please review the CVE identifiers referenced below for details.

Impact
======

A remote attacker could send a specially crafted request, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Additionally, a remote attacker could impersonate a kadmind server and send a specially crafted packet to the password change port, which can result in a ping-pong condition and a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All MIT Kerberos 5 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.11.4"

References
==========

[ 1 ] CVE-2002-2443
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2002-2443
[ 2 ] CVE-2012-1014
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1014
[ 3 ] CVE-2012-1015
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1015
[ 4 ] CVE-2013-1416
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1416
[ 5 ] CVE-2013-1417
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1417
[ 6 ] CVE-2013-1418
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1418
[ 7 ] CVE-2013-6800
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6800

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/201312-12

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address obfuscated by the site] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

LinuxSecurity.com Team

Dec 16, 2013 | Gentoo

Gentoo: 201201-13 High: MIT Kerberos 5 Remote Code Execution

Multiple vulnerabilities have been found in MIT Kerberos 5, the most severe of which may allow remote execution of arbitrary code.

Gentoo Linux Security Advisory                           GLSA 201201-13
https://security.gentoo.org/

Severity: High
Title: MIT Kerberos 5: Multiple vulnerabilities
Date: January 23, 2012
Bugs: #303723, #308021, #321935, #323525, #339866, #347369, #352859, #359129, #363507, #387585, #393429
ID: 201201-13

Synopsis
========

Multiple vulnerabilities have been found in MIT Kerberos 5, the most severe of which may allow remote execution of arbitrary code.

Background
==========

MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  app-crypt/mit-krb5         < 1.9.2-r1                 >= 1.9.2-r1

Description
===========

Multiple vulnerabilities have been discovered in MIT Kerberos 5. Please review the CVE identifiers referenced below for details.

Impact
======

A remote attacker may be able to execute arbitrary code with the privileges of the administration daemon or the Key Distribution Center (KDC) daemon, cause a Denial of Service condition, or possibly obtain sensitive information. Furthermore, a remote attacker may be able to spoof Kerberos authorization, modify KDC responses, forge user data messages, forge tokens, forge signatures, impersonate a client, modify user-visible prompt text, or have other unspecified impact.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All MIT Kerberos 5 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.9.2-r1"

References
==========

[ 1 ] CVE-2009-3295
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3295
[ 2 ] CVE-2009-4212
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4212
[ 3 ] CVE-2010-0283
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0283
[ 4 ] CVE-2010-0629
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0629
[ 5 ] CVE-2010-1320
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1320
[ 6 ] CVE-2010-1321
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1321
[ 7 ] CVE-2010-1322
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1322
[ 8 ] CVE-2010-1323
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1323
[ 9 ] CVE-2010-1324
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1324
[ 10 ] CVE-2010-4020
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4020
[ 11 ] CVE-2010-4021
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4021
[ 12 ] CVE-2010-4022
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4022
[ 13 ] CVE-2011-0281
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0281
[ 14 ] CVE-2011-0282
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0282
[ 15 ] CVE-2011-0283
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0283
[ 16 ] CVE-2011-0284
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0284
[ 17 ] CVE-2011-0285
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0285
[ 18 ] CVE-2011-1527
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1527
[ 19 ] CVE-2011-1528
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1528
[ 20 ] CVE-2011-1529
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1529
[ 21 ] CVE-2011-1530
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1530
[ 22 ] CVE-2011-4151
       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4151

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/201201-13

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address obfuscated by the site] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

LinuxSecurity.com Team

Jan 23, 2012 | Gentoo

Gentoo: GLSA-200709-01 High: MIT Kerberos 5 Remote Code Execution

Two vulnerabilities have been found in MIT Kerberos 5, which could allow a remote unauthenticated user to execute arbitrary code with root privileges.

Gentoo Linux Security Advisory                           GLSA 200709-01
https://security.gentoo.org/

Severity: High
Title: MIT Kerberos 5: Multiple vulnerabilities
Date: September 11, 2007
Bugs: #191301
ID: 200709-01

Synopsis
========

Two vulnerabilities have been found in MIT Kerberos 5, which could allow a remote unauthenticated user to execute arbitrary code with root privileges.

Background
==========

MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. kadmind is the MIT Kerberos 5 administration daemon.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  app-crypt/mit-krb5         < 1.5.3-r1                 >= 1.5.3-r1

Description
===========

A stack buffer overflow (CVE-2007-3999) has been reported in svcauth_gss_validate() of the RPC library of kadmind. Another vulnerability (CVE-2007-4000) has been found in kadm5_modify_policy_internal(), which does not check the return values of krb5_db_get_policy() correctly.

Impact
======

The RPC related vulnerability can be exploited by a remote unauthenticated attacker to execute arbitrary code with root privileges on the host running kadmind. The second vulnerability requires the remote attacker to be authenticated and to have "modify policy" privileges. It could then also allow for the remote execution of arbitrary code.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All MIT Kerberos 5 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.5.3-r1"

References
==========

[ 1 ] CVE-2007-3999
      https://www.cve.org/CVERecord?id=CVE-2007-3999
[ 2 ] CVE-2007-4000
      https://www.cve.org/CVERecord?id=CVE-2007-4000

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/200709-01

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address obfuscated by the site] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

LinuxSecurity.com Team

Sep 11, 2007 | Gentoo

Gentoo: GLSA-202305-12 Critical: OpenSSH Config Weakness Vulnerability

Some applications shipped with MIT Kerberos 5 are vulnerable to local privilege escalation.

Gentoo Linux Security Advisory                           GLSA 200608-15
https://security.gentoo.org/

Severity: High
Title: MIT Kerberos 5: Multiple local privilege escalation vulnerabilities
Date: August 10, 2006
Bugs: #143240
ID: 200608-15

Synopsis
========

Some applications shipped with MIT Kerberos 5 are vulnerable to local privilege escalation.

Background
==========

MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  app-crypt/mit-krb5         < 1.4.3-r3                 >= 1.4.3-r3

Description
===========

Unchecked calls to setuid() in krshd and v4rcp, as well as unchecked calls to seteuid() in kftpd and in ksu, have been found in the MIT Kerberos 5 program suite and may lead to a local root privilege escalation.

Impact
======

A local attacker could exploit this vulnerability to execute arbitrary code with elevated privileges.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All MIT Kerberos 5 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.4.3-r3"

References
==========

[ 1 ] CVE-2006-3083
      https://www.cve.org/CVERecord?id=CVE-2006-3083
[ 2 ] CVE-2006-3084
      https://www.cve.org/CVERecord?id=CVE-2006-3084

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/200608-15

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address obfuscated by the site] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

LinuxSecurity.com Team

Aug 10, 2006 | Gentoo