
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


SUSE: 2022:4260-1 Important: Busybox Module Loading Issue

An update that fixes two vulnerabilities is now available.

SUSE Security Update: Security update for busybox
______________________________________________________________________________

Announcement ID: SUSE-SU-2022:4260-1
Rating: important
References: #1099260 #914660
Cross-References: CVE-2014-9645 CVE-2018-1000517
CVSS scores:
  CVE-2014-9645 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  CVE-2018-1000517 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  CVE-2018-1000517 (SUSE): 5.6 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected Products:
  SUSE CaaS Platform 4.0
  SUSE Enterprise Storage 6
  SUSE Enterprise Storage 7
  SUSE Enterprise Storage 7.1
  SUSE Linux Enterprise Desktop 15-SP3
  SUSE Linux Enterprise High Performance Computing 15-ESPOS
  SUSE Linux Enterprise High Performance Computing 15-LTSS
  SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
  SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
  SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
  SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
  SUSE Linux Enterprise High Performance Computing 15-SP3
  SUSE Linux Enterprise Module for Basesystem 15-SP3
  SUSE Linux Enterprise Server 15-LTSS
  SUSE Linux Enterprise Server 15-SP1-BCL
  SUSE Linux Enterprise Server 15-SP1-LTSS
  SUSE Linux Enterprise Server 15-SP2-BCL
  SUSE Linux Enterprise Server 15-SP2-LTSS
  SUSE Linux Enterprise Server 15-SP3
  SUSE Linux Enterprise Server for SAP 15
  SUSE Linux Enterprise Server for SAP 15-SP1
  SUSE Linux Enterprise Server for SAP 15-SP2
  SUSE Linux Enterprise Server for SAP Applications 15-SP3
  SUSE Manager Proxy 4.1
  SUSE Manager Proxy 4.2
  SUSE Manager Retail Branch Server 4.1
  SUSE Manager Retail Branch Server 4.2
  SUSE Manager Server 4.1
  SUSE Manager Server 4.2
  openSUSE Leap 15.3
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for busybox fixes the following issues:

- CVE-2014-9645: Fixed loading of unwanted module with / in module names (bsc#914660).
- Enable switch_root
  With this change virtme --force-initramfs works as expected.
- Enable udhcpc

Update to 1.35.0:

- awk: fix printf %%, fix read beyond end of buffer
- Adjust busybox.config for new features in find, date and cpio
- chrt: silence analyzer warning
- libarchive: remove duplicate forward declaration
- mount: "mount -o rw ...." should not fall back to RO mount
- ps: fix -o pid=PID,args interpreting entire "PID,args" as header
- tar: prevent malicious archives with long name sizes causing OOM
- udhcpc6: fix udhcp_find_option to actually find DHCP6 options
- xxd: fix -p -r
- support for new options added to basename, cpio, date, find, mktemp, wget and others
- Adjust busybox.config for new features in find, date and cpio

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.3:
    zypper in -t patch openSUSE-SLE-15.3-2022-4260=1
- SUSE Manager Server 4.1:
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4260=1
- SUSE Manager Retail Branch Server 4.1:
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4260=1
- SUSE Manager Proxy 4.1:
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4260=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4260=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4260=1
- SUSE Linux Enterprise Server for SAP 15:
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4260=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4260=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4260=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4260=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4260=1
- SUSE Linux Enterprise Server 15-LTSS:
    zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4260=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4260=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4260=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4260=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4260=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4260=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4260=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4260=1
- SUSE Enterprise Storage 7:
    zypper in -t patch SUSE-Storage-7-2022-4260=1
- SUSE Enterprise Storage 6:
    zypper in -t patch SUSE-Storage-6-2022-4260=1
- SUSE CaaS Platform 4.0:
    To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.

Package List:

- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Manager Proxy 4.1 (x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
    busybox-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
    busybox-1.35.0-150000.4.14.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
    busybox-1.35.0-150000.4.14.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
    busybox-1.35.0-150000.4.14.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1
- SUSE CaaS Platform 4.0 (x86_64):
    busybox-1.35.0-150000.4.14.1
    busybox-static-1.35.0-150000.4.14.1

References:

  https://www.suse.com/security/cve/CVE-2014-9645.html
  https://www.suse.com/security/cve/CVE-2018-1000517.html
  https://bugzilla.suse.com/1099260
  https://bugzilla.suse.com/914660

SUSE has announced a vital security update for BusyBox, impacting several embedded Linux environments, emphasizing immediate patch application for users to enhance system safety.

busybox Update, SUSE Security Patch, Important Security Fix, Module Loading Issue.

Severity: Important.

LinuxSecurity.com Team

Nov 28, 2022 Important SuSE

Ubuntu: 4451-1 Critical: ppp Arbitrary Module Loading Issue

ppp could be made to load arbitrary kernel modules and possibly run programs.

=========================================================================
Ubuntu Security Notice USN-4451-1
August 04, 2020

ppp vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

ppp could be made to load arbitrary kernel modules and possibly run programs.

Software Description:

- ppp: Point-to-Point Protocol (PPP)

Details:

Thomas Chauchefoin discovered that ppp incorrectly handled module loading. A local attacker could use this issue to load arbitrary kernel modules and possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  ppp 2.4.7-2+4.1ubuntu5.1

Ubuntu 18.04 LTS:
  ppp 2.4.7-2+2ubuntu1.3

Ubuntu 16.04 LTS:
  ppp 2.4.7-1+2ubuntu1.16.04.3

In general, a standard system update will make all the necessary changes.

References:

  https://ubuntu.com/security/notices/USN-4451-1
  CVE-2020-15704

Package Information:

  https://launchpad.net/ubuntu/+source/ppp/2.4.7-2+4.1ubuntu5.1
  https://launchpad.net/ubuntu/+source/ppp/2.4.7-2+2ubuntu1.3
  https://launchpad.net/ubuntu/+source/ppp/2.4.7-1+2ubuntu1.16.04.3

Ubuntu Security Notice USN-4451-2 informs users about a critical vulnerability in ppp that may enable unauthorized loading of modules.

ubuntu security, ppp module, security warning, kernel module issue.

Severity: Critical.

LinuxSecurity.com Team

Aug 04, 2020 Critical Ubuntu

Debian 8 DSA-3628-1 Critical: Perl Module Loading Threats

Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems:

-------------------------------------------------------------------------
Debian Security Advisory DSA-3628-1
https://www.debian.org/security/
Salvatore Bonaccorso
July 25, 2016
https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package    : perl
CVE ID     : CVE-2016-1238 CVE-2016-6185
Debian Bug : 829578

Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2016-1238

John Lightsey and Todd Rinaldo reported that the opportunistic loading of optional modules can make many programs unintentionally load code from the current working directory (which might be changed to another directory without the user realising) and potentially leading to privilege escalation, as demonstrated in Debian with certain combinations of installed packages.

The problem relates to Perl loading modules from the includes directory array ("@INC") in which the last element is the current directory ("."). That means that, when "perl" wants to load a module (during first compilation or during lazy loading of a module in run-time), perl will look for the module in the current directory at the end, since '.' is the last include directory in its array of include directories to seek. The issue is with requiring libraries that are in "." but are not otherwise installed.

With this update several modules which are known to be vulnerable are updated to not load modules from current directory.

Additionally the update allows configurable removal of "." from @INC in /etc/perl/sitecustomize.pl for a transitional period. It is recommended to enable this setting if the possible breakage for a specific site has been evaluated. Problems in packages provided in Debian resulting from the switch to the removal of '.' from @INC should be reported to the Perl maintainers.

It is planned to switch to the default removal of '.' in @INC in a subsequent update to perl via a point release if possible, and in any case for the upcoming stable release Debian 9 (stretch).

CVE-2016-6185

It was discovered that XSLoader, a core module from Perl to dynamically load C libraries into Perl code, could load shared library from incorrect location. XSLoader uses caller() information to locate the .so file to load. This can be incorrect if XSLoader::load() is called in a string eval. An attacker can take advantage of this flaw to execute arbitrary code.

For the stable distribution (jessie), these problems have been fixed in version 5.20.2-3+deb8u6. Additionally this update includes the following updated packages to address optional module loading vulnerabilities related to CVE-2016-1238, or to address build failures which occur when '.' is removed from @INC:

- cdbs 0.4.130+deb8u1
- debhelper 9.20150101+deb8u2
- devscripts 2.15.3+deb8u1
- exim4 4.84.2-2+deb8u1
- libintl-perl 1.23-1+deb8u1
- libmime-charset-perl 1.011.1-1+deb8u2
- libmime-encwords-perl 1.014.3-1+deb8u1
- libmodule-build-perl 0.421000-2+deb8u1
- libnet-dns-perl 0.81-2+deb8u1
- libsys-syslog-perl 0.33-1+deb8u1
- libunicode-linebreak-perl 0.0.20140601-2+deb8u2

We recommend that you upgrade your perl packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Important security patch for Python in Debian tackles library loading vulnerabilities and possible code execution threats.

DebianSecurity, Perl Update, Module Loading Risks, Code Execution.

Severity: Critical.

LinuxSecurity.com Team

Jul 25, 2016 Critical Debian

Scientific Linux: 2011-07-25 Moderate: SystemTap Privilege Escalation Risk

Moderate: systemtap security update.

Date: Tue, 30 Aug 2011 11:46:31 -0500
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Security ERRATA Moderate: systemtap on SL5.x i386/x86_64
MIME-Version: 1.0

Synopsis: Moderate: systemtap security update
Issue date: 2011-07-25
CVE Names: CVE-2011-2503

SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system.

A race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a signed module while it is being loaded, allowing them to escalate their privileges. (CVE-2011-2503)

SystemTap users should upgrade to these updated packages, which contain a backported patch to correct this issue.

SL 5.x

SRPMS:
  systemtap-1.3-9.el5.src.rpm

i386:
  systemtap-1.3-9.el5.i386.rpm
  systemtap-client-1.3-9.el5.i386.rpm
  systemtap-initscript-1.3-9.el5.i386.rpm
  systemtap-runtime-1.3-9.el5.i386.rpm
  systemtap-sdt-devel-1.3-9.el5.i386.rpm
  systemtap-server-1.3-9.el5.i386.rpm
  systemtap-testsuite-1.3-9.el5.i386.rpm

x86_64:
  systemtap-1.3-9.el5.x86_64.rpm
  systemtap-client-1.3-9.el5.x86_64.rpm
  systemtap-initscript-1.3-9.el5.x86_64.rpm
  systemtap-runtime-1.3-9.el5.x86_64.rpm
  systemtap-sdt-devel-1.3-9.el5.i386.rpm
  systemtap-sdt-devel-1.3-9.el5.x86_64.rpm
  systemtap-server-1.3-9.el5.x86_64.rpm
  systemtap-testsuite-1.3-9.el5.x86_64.rpm

- Scientific Linux Development Team

Unveil a noteworthy security patch for SystemTap on Scientific Linux that rectifies a significant race condition vulnerability.

Security Advisory, SystemTap Update, Linux Kernel Threats, Scientific Linux Security.

LinuxSecurity.com Team

Aug 30, 2011 Scientific Linux

Scientific Linux: 2011-07-25 Moderate: SystemTap Module Security Issues

Moderate: systemtap security update.

Date: Thu, 28 Jul 2011 14:58:45 -0500
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Security ERRATA Moderate: systemtap on SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Moderate: systemtap security update
Issue Date: 2011-07-25
CVE Numbers: CVE-2011-2502 CVE-2011-2503

SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system.

It was found that SystemTap did not perform proper module path sanity checking if a user specified a custom path to the uprobes module, used when performing user-space probing ("staprun -u"). A local user who is a member of the stapusr group could use this flaw to bypass intended module-loading restrictions, allowing them to escalate their privileges by loading an arbitrary, unsigned module. (CVE-2011-2502)

A race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a signed module while it is being loaded, allowing them to escalate their privileges. (CVE-2011-2503)

SystemTap users should upgrade to these updated packages, which contain backported patches to correct these issues.

SL6:

i386
  systemtap-1.4-6.el6_1.2.i686.rpm
  systemtap-testsuite-1.4-6.el6_1.2.i686.rpm
  systemtap-server-1.4-6.el6_1.2.i686.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.i686.rpm
  systemtap-runtime-1.4-6.el6_1.2.i686.rpm
  systemtap-initscript-1.4-6.el6_1.2.i686.rpm
  systemtap-grapher-1.4-6.el6_1.2.i686.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.i686.rpm
  systemtap-client-1.4-6.el6_1.2.i686.rpm

x86_64
  systemtap-server-1.4-6.el6_1.2.x86_64.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.x86_64.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.i686.rpm
  systemtap-runtime-1.4-6.el6_1.2.x86_64.rpm
  systemtap-initscript-1.4-6.el6_1.2.x86_64.rpm
  systemtap-grapher-1.4-6.el6_1.2.x86_64.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.x86_64.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.i686.rpm
  systemtap-client-1.4-6.el6_1.2.x86_64.rpm
  systemtap-1.4-6.el6_1.2.x86_64.rpm
  systemtap-testsuite-1.4-6.el6_1.2.x86_64.rpm

- Scientific Linux Development Team

Systemtap's incremental improvements bolster protection for Scientific Linux enthusiasts by addressing potential escalation of privileges threats.

systemtap security update, scientific linux advisory, privilege escalation, moderate severity update.

LinuxSecurity.com Team

Jul 28, 2011 Scientific Linux

Red Hat 6: RHSA-2011:1088-01 Moderate SystemTap Escalation Threat

Updated systemtap packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...].

====================================================================
Red Hat Security Advisory

Synopsis:     Moderate: systemtap security update
Advisory ID:  RHSA-2011:1088-01
Product:      Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2011:1088.html
Issue date:   2011-07-25
CVE Names:    CVE-2011-2502 CVE-2011-2503
====================================================================

1. Summary:

Updated systemtap packages that fix two security issues are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system.

It was found that SystemTap did not perform proper module path sanity checking if a user specified a custom path to the uprobes module, used when performing user-space probing ("staprun -u"). A local user who is a member of the stapusr group could use this flaw to bypass intended module-loading restrictions, allowing them to escalate their privileges by loading an arbitrary, unsigned module. (CVE-2011-2502)

A race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a signed module while it is being loaded, allowing them to escalate their privileges. (CVE-2011-2503)

SystemTap users should upgrade to these updated packages, which contain backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

716476 - CVE-2011-2502 systemtap: insufficient security check when loading uprobes kernel module
716489 - CVE-2011-2503 systemtap: signed module loading race condition

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:

i386:
  systemtap-1.4-6.el6_1.2.i686.rpm
  systemtap-client-1.4-6.el6_1.2.i686.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.i686.rpm
  systemtap-grapher-1.4-6.el6_1.2.i686.rpm
  systemtap-initscript-1.4-6.el6_1.2.i686.rpm
  systemtap-runtime-1.4-6.el6_1.2.i686.rpm

x86_64:
  systemtap-1.4-6.el6_1.2.x86_64.rpm
  systemtap-client-1.4-6.el6_1.2.x86_64.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.x86_64.rpm
  systemtap-grapher-1.4-6.el6_1.2.x86_64.rpm
  systemtap-initscript-1.4-6.el6_1.2.x86_64.rpm
  systemtap-runtime-1.4-6.el6_1.2.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:

i386:
  systemtap-debuginfo-1.4-6.el6_1.2.i686.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.i686.rpm
  systemtap-server-1.4-6.el6_1.2.i686.rpm
  systemtap-testsuite-1.4-6.el6_1.2.i686.rpm

x86_64:
  systemtap-debuginfo-1.4-6.el6_1.2.i686.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.x86_64.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.i686.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.x86_64.rpm
  systemtap-server-1.4-6.el6_1.2.x86_64.rpm
  systemtap-testsuite-1.4-6.el6_1.2.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:

x86_64:
  systemtap-1.4-6.el6_1.2.x86_64.rpm
  systemtap-client-1.4-6.el6_1.2.x86_64.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.x86_64.rpm
  systemtap-initscript-1.4-6.el6_1.2.x86_64.rpm
  systemtap-runtime-1.4-6.el6_1.2.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:

x86_64:
  systemtap-debuginfo-1.4-6.el6_1.2.i686.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.x86_64.rpm
  systemtap-grapher-1.4-6.el6_1.2.x86_64.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.i686.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.x86_64.rpm
  systemtap-server-1.4-6.el6_1.2.x86_64.rpm
  systemtap-testsuite-1.4-6.el6_1.2.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:

i386:
  systemtap-1.4-6.el6_1.2.i686.rpm
  systemtap-client-1.4-6.el6_1.2.i686.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.i686.rpm
  systemtap-grapher-1.4-6.el6_1.2.i686.rpm
  systemtap-initscript-1.4-6.el6_1.2.i686.rpm
  systemtap-runtime-1.4-6.el6_1.2.i686.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.i686.rpm
  systemtap-server-1.4-6.el6_1.2.i686.rpm

ppc64:
  systemtap-1.4-6.el6_1.2.ppc64.rpm
  systemtap-client-1.4-6.el6_1.2.ppc64.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.ppc.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.ppc64.rpm
  systemtap-grapher-1.4-6.el6_1.2.ppc64.rpm
  systemtap-initscript-1.4-6.el6_1.2.ppc64.rpm
  systemtap-runtime-1.4-6.el6_1.2.ppc64.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.ppc.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.ppc64.rpm
  systemtap-server-1.4-6.el6_1.2.ppc64.rpm

s390x:
  systemtap-1.4-6.el6_1.2.s390x.rpm
  systemtap-client-1.4-6.el6_1.2.s390x.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.s390.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.s390x.rpm
  systemtap-grapher-1.4-6.el6_1.2.s390x.rpm
  systemtap-initscript-1.4-6.el6_1.2.s390x.rpm
  systemtap-runtime-1.4-6.el6_1.2.s390x.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.s390.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.s390x.rpm
  systemtap-server-1.4-6.el6_1.2.s390x.rpm

x86_64:
  systemtap-1.4-6.el6_1.2.x86_64.rpm
  systemtap-client-1.4-6.el6_1.2.x86_64.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.i686.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.x86_64.rpm
  systemtap-grapher-1.4-6.el6_1.2.x86_64.rpm
  systemtap-initscript-1.4-6.el6_1.2.x86_64.rpm
  systemtap-runtime-1.4-6.el6_1.2.x86_64.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.i686.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.x86_64.rpm
  systemtap-server-1.4-6.el6_1.2.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:

i386:
  systemtap-debuginfo-1.4-6.el6_1.2.i686.rpm
  systemtap-testsuite-1.4-6.el6_1.2.i686.rpm

ppc64:
  systemtap-debuginfo-1.4-6.el6_1.2.ppc64.rpm
  systemtap-testsuite-1.4-6.el6_1.2.ppc64.rpm

s390x:
  systemtap-debuginfo-1.4-6.el6_1.2.s390x.rpm
  systemtap-testsuite-1.4-6.el6_1.2.s390x.rpm

x86_64:
  systemtap-debuginfo-1.4-6.el6_1.2.x86_64.rpm
  systemtap-testsuite-1.4-6.el6_1.2.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:

i386:
  systemtap-1.4-6.el6_1.2.i686.rpm
  systemtap-client-1.4-6.el6_1.2.i686.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.i686.rpm
  systemtap-grapher-1.4-6.el6_1.2.i686.rpm
  systemtap-initscript-1.4-6.el6_1.2.i686.rpm
  systemtap-runtime-1.4-6.el6_1.2.i686.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.i686.rpm
  systemtap-server-1.4-6.el6_1.2.i686.rpm

x86_64:
  systemtap-1.4-6.el6_1.2.x86_64.rpm
  systemtap-client-1.4-6.el6_1.2.x86_64.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.i686.rpm
  systemtap-debuginfo-1.4-6.el6_1.2.x86_64.rpm
  systemtap-grapher-1.4-6.el6_1.2.x86_64.rpm
  systemtap-initscript-1.4-6.el6_1.2.x86_64.rpm
  systemtap-runtime-1.4-6.el6_1.2.x86_64.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.i686.rpm
  systemtap-sdt-devel-1.4-6.el6_1.2.x86_64.rpm
  systemtap-server-1.4-6.el6_1.2.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:

i386:
  systemtap-debuginfo-1.4-6.el6_1.2.i686.rpm
  systemtap-testsuite-1.4-6.el6_1.2.i686.rpm

x86_64:
  systemtap-debuginfo-1.4-6.el6_1.2.x86_64.rpm
  systemtap-testsuite-1.4-6.el6_1.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://access.redhat.com/security/cve/CVE-2011-2502
https://access.redhat.com/security/cve/CVE-2011-2503
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2011 Red Hat, Inc.

Essential system enhancement for SystemTap on Red Hat Enterprise Linux rectifying two critical security vulnerabilities.

SystemTap Update, Privilege Escalation, Red Hat Advisory, Module Loading.

LinuxSecurity.com Team

Jul 25, 2011 Red Hat

Fedora Core 3: Update 2004-11-08 Moderate: Hotplug Module Fix

This update fixes it so that the sg module gets loaded by hotplug for non-disk, non-optical devices.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-367
2004-11-08
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : hotplug
Version     : 2004_04_01
Release     : 8
Summary     : A helper application which loads modules for USB devices.
Description :
The term "hotplugging" refers to the dynamic reconfiguration performed after a device has been attached to a running system. This package contains the application which is called by the kernel when a USB device is added; hotplug then loads the required modules for that device.

---------------------------------------------------------------------
Update Information:

This update fixes it so that the sg module gets loaded by hotplug for non-disk, non-optical devices.
---------------------------------------------------------------------
* Thu Nov 04 2004 Bill Nottingham 3:2004_04_01-8

- load sg module for appropriate devices (#137592)

---------------------------------------------------------------------
This update can be downloaded from:

dcccdec03a3a86db98e48a4d94bc8751  SRPMS/hotplug-2004_04_01-8.src.rpm
826e6bad86d1fcc030701d321c0b5812  x86_64/hotplug-2004_04_01-8.x86_64.rpm
ad866ccacec274ba35d2654045a12890  x86_64/debug/hotplug-debuginfo-2004_04_01-8.x86_64.rpm
d5cf0effec6432194ed2d0c38f7f0c80  i386/hotplug-2004_04_01-8.i386.rpm
b57486a22ccf173660e805e310b39017  i386/debug/hotplug-debuginfo-2004_04_01-8.i386.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

Corrects the sg module initialization for devices that are neither disk nor optical in the Fedora hotplug update dated 2004-11-08.

Fedora Update, Hotplug Issue, Linux Module Loading, Device Support.

Severity: Important.

LinuxSecurity.com Team

Nov 08, 2004 Important Fedora

Debian 3.0: DSA 580-1 Moderate: Iptables Module Load Problem

Faheem Mitha noticed that the iptables command, an administration tool for IPv4 packet filtering and NAT, did not always load the required modules on its own as it was supposed to.

--------------------------------------------------------------------------
Debian Security Advisory DSA 580-1
Debian -- Security Information
Martin Schulze
November 1st, 2004
Debian -- Debian security FAQ
--------------------------------------------------------------------------

Package        : iptables
Vulnerability  : missing initialisation
Problem-Type   : local
Debian-specific: no
CVE ID         : CAN-2004-0986
Debian Bug     : 219686

Faheem Mitha noticed that the iptables command, an administration tool for IPv4 packet filtering and NAT, did not always load the required modules on its own as it was supposed to. This could lead to firewall rules not being loaded on system startup. This caused a failure in connection with rules provided by lokkit at least.

For the stable distribution (woody) this problem has been fixed in version 1.2.6a-5.0woody2.

For the unstable distribution (sid) this problem has been fixed in version 1.2.11-4.

We recommend that you upgrade your iptables package.

Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
--------------------------------

These files will probably be moved into the stable distribution on its next update.
---------------------------------------------------------------------------------
For apt-get: deb Debian -- Security Information stable/updates main
For dpkg-ftp: dists/stable/updates/main
Package info: `apt-cache show ' and https://www.debian.org/distrib/packages

To fix the missing iptables init issue on Debian, create a script to save and restore firewall rules at boot, ensuring consistent application of rules.

LinuxSecurity.com Team

Nov 01, 2004 Debian