Alerts This Week
Warning Icon 1 540
Alerts This Week
Warning Icon 1 540

Stay Secure with the Latest Linux Advisories

Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H800
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -2 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorydenial of servicefedora

Fedora 41 nbdkit 2025-bc02ec32fb moderate: Denial of Service risk

New upstream stable branch version 1.40.6. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-bc02ec32fb 2025-05-26 01:05:37.480117+00:00 -------------------------------------------------------------------------------- Name : nbdkit Product : Fedora 41 Version : 1.40.6 Release : 1.fc41 URL : https://gitlab.com/nbdkit/nbdkit Summary : NBD server Description : NBD is a protocol for accessing block devices (hard disks and disk-like things) over the network. nbdkit is a toolkit for creating NBD servers. The key features are: * Multithreaded NBD server written in C with good performance. * Minimal dependencies for the basic server. * Liberal license (BSD) allows nbdkit to be linked to proprietary libraries or included in proprietary code. * Well-documented, simple plugin API with a stable ABI guarantee. Lets you to export "unconventional" block devices easily. * You can write plugins in C or many other languages. * Filters can be stacked in front of plugins to transform the output. * Server can run standalone or can be invoked from other programs. 'nbdkit' is a meta-package which pulls in the core server and a useful subset of plugins and filters with minimal dependencies. If you want just the server, install 'nbdkit-server'. To develop plugins, install the 'nbdkit-devel' package and start by reading the nbdkit(1) and nbdkit-plugin(3) manual pages. -------------------------------------------------------------------------------- Update Information: New upstream stable branch version 1.40.6 -------------------------------------------------------------------------------- ChangeLog: * Sat May 10 2025 Richard W.M. Jones - 1.40.6-1 - New upstream stable branch version 1.40.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2365691 - CVE-2025-47711 nbdkit: off-by-one error when processingblock status may lead to a Denial of Service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2365691 [ 2 ] Bug #2365726 - CVE-2025-47712 nbdkit: Integer overflow triggers an assertion resulting in Denial of Service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2365726 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-bc02ec32fb' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . Fedora update for nbdkit 1.40.6 addresses Denial of Service risks with essential patches for enhanced security.. Fedora Update, nbdkit, Denial of Service, nbd protocol, block devices. . LinuxSecurity.com Team

Calendar 2 May 26, 2025 Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorybuffer overflowFedora

Fedora 36: 2022-263873fb70 Critical nbd Buffer Overflow

Update to 3.24: fix CVE-2022-26495, CVE-2022-26496. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-263873fb70 2022-03-26 14:56:28.655820 --------------------------------------------------------------------------------Name : nbd Product : Fedora 36 Version : 3.24 Release : 1.fc36 URL : https://nbd.sourceforge.io/ Summary : Network Block Device user-space tools (TCP version) Description : Tools for the Linux Kernel's network block device, allowing you to use remote block devices over a TCP/IP network. --------------------------------------------------------------------------------Update Information: Update to 3.24: fix CVE-2022-26495, CVE-2022-26496 --------------------------------------------------------------------------------ChangeLog: * Tue Mar 8 2022 Robin Lee 3.24-1 - Update to 3.24: fix CVE-2022-26495(RHBZ#2061541), CVE-2022-26496(RHBZ#2061542) --------------------------------------------------------------------------------References: [ 1 ] Bug #2061541 - CVE-2022-26495 nbd: heap-based buffer overflow in nbd-server.c https://bugzilla.redhat.com/show_bug.cgi?id=2061541 [ 2 ] Bug #2061542 - CVE-2022-26496 nbd: stack-based buffer overflow during name parsing in nbd-server.c https://bugzilla.redhat.com/show_bug.cgi?id=2061542 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-263873fb70' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Addresses essential heap and stack overflow vulnerabilities in nbd on Fedora 36 through recent updates and enhanced security protocols.. nbd update,Fedora security,network block device,buffer overflow issues,critical update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 26, 2022 Critical Fedora
Banner 3 1028x280 1708121785 1771599793
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorybuffer overflowcritical

Ubuntu 22.10: 2022-5f1d2b3abc Major: ext4 File System Vulnerability Patch

Update to 3.24: fix CVE-2022-26495, CVE-2022-26496. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-807e431d5f 2022-03-16 16:23:24.203844 --------------------------------------------------------------------------------Name : nbd Product : Fedora 35 Version : 3.24 Release : 1.fc35 URL : https://nbd.sourceforge.io/ Summary : Network Block Device user-space tools (TCP version) Description : Tools for the Linux Kernel's network block device, allowing you to use remote block devices over a TCP/IP network. --------------------------------------------------------------------------------Update Information: Update to 3.24: fix CVE-2022-26495, CVE-2022-26496 --------------------------------------------------------------------------------ChangeLog: * Tue Mar 8 2022 Robin Lee 3.24-1 - Update to 3.24: fix CVE-2022-26495(RHBZ#2061541), CVE-2022-26496(RHBZ#2061542) * Thu Jan 20 2022 Fedora Release Engineering 3.23-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Fri Nov 26 2021 Robin Lee 3.23-1 - New release 3.23 --------------------------------------------------------------------------------References: [ 1 ] Bug #2061541 - CVE-2022-26495 nbd: heap-based buffer overflow in nbd-server.c https://bugzilla.redhat.com/show_bug.cgi?id=2061541 [ 2 ] Bug #2061542 - CVE-2022-26496 nbd: stack-based buffer overflow during name parsing in nbd-server.c https://bugzilla.redhat.com/show_bug.cgi?id=2061542 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-807e431d5f' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the FedoraProject can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Fedora 35 releases an update for the nbd utility addressing significant buffer overflow vulnerabilities, bolstering system security.. Fedora 35,nrd update,network block device,buffer overflow fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 16, 2022 Critical Fedora
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycriticalcode execution

Debian Bullseye: DSA-5100-1 Critical: NBD Code Execution Risk

Two vulnerabilities were discovered in the server for the Network Block Device (NBD), which could result in the execution of arbitrary code. For the oldstable distribution (buster), these problems have been fixed . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5100-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff March 12, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : nbd CVE ID : CVE-2022-26495 CVE-2022-26496 Debian Bug : 1003863 1006915 Two vulnerabilities were discovered in the server for the Network Block Device (NBD), which could result in the execution of arbitrary code. For the oldstable distribution (buster), these problems have been fixed in version 1:3.19-3+deb10u1. For the stable distribution (bullseye), these problems have been fixed in version 1:3.21-1+deb11u1. We recommend that you upgrade your nbd packages. For the detailed security status of nbd please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/nbd Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Two weaknesses in nbd affecting Debian addressed to avert execution of unauthorized code; upgrade advised for improved security.. Network Block Device, Debian Security, Code Execution Threat. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 12, 2022 Critical Debian
Banner 3 1028x280 1708121785 1771599793
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 23: FEDORA-2016-14581 Important: Nbd Vulnerability Mitigation Patch

* Fix unsafe signal handlers to avoid DoS attack [CVE-2015-0847].. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-12719 2015-08-04 03:15:28 -------------------------------------------------------------------------------- Name : nbd Product : Fedora 22 Version : 3.11Release : 1.fc22 URL : https://nbd.sourceforge.io/ Summary : Network Block Device user-space tools (TCP version) Description : Tools for the Linux Kernel's network block device, allowing you to use remote block devices over a TCP/IP network. -------------------------------------------------------------------------------- Update Information: * Fix unsafe signal handlers to avoid DoS attack [CVE-2015-0847]. -------------------------------------------------------------------------------- ChangeLog: * Sat Jul 11 2015 Christopher Meng - 3.11-1 - Update to 3.11-------------------------------------------------------------------------------- References: [ 1 ] Bug #1222027 - CVE-2015-0847 nbd: nbd-server denial of service due to unsafe signal handlers https://bugzilla.redhat.com/show_bug.cgi?id=1222027 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update nbd' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Implement secure signal handling practices for Fedora 22 nbd, addressing potential Denial of Service vulnerabilities with thisessential patch.. Fedora Security Update, Nbd Software Update, DoS Prevention, Network Block Device, Signal Handler Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Aug 13, 2015 Important Fedora
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorydenial of servicemoderate severity

Ubuntu 14.04 LTS USN-2676-1 Moderate NBD Denial of Service Issues

Several security issues were fixed in NBD.. =========================================================================Ubuntu Security Notice USN-2676-1 July 22, 2015 nbd vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 15.04 - Ubuntu 14.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in NBD. Software Description: - nbd: Network Block Device protocol Details: It was discovered that NBD incorrectly handled IP address matching. A remote attacker could use this issue with an IP address that has a partial match and bypass access restrictions. This issue only affected Ubuntu 12.04 LTS. (CVE-2013-6410) Tuomas Räsänen discovered that NBD incorrectly handled wrong export names and closed connections during negotiation. A remote attacker could use this issue to cause NBD to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. (CVE-2013-7441) Tuomas Räsänen discovered that NBD incorrectly handled signals. A remote attacker could use this issue to cause NBD to crash, resulting in a denial of service. (CVE-2015-0847) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 15.04: nbd-server 1:3.8-4ubuntu0.1 Ubuntu 14.10: nbd-server 1:3.8-1ubuntu0.1 Ubuntu 14.04 LTS: nbd-server 1:3.7-1ubuntu0.1 Ubuntu 12.04 LTS: nbd-server 1:2.9.25-2ubuntu1.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-2676-1 CVE-2013-6410, CVE-2013-7441, CVE-2015-0847 Package Information: https://launchpad.net/ubuntu/+source/nbd/1:3.8-4ubuntu0.1 https://launchpad.net/ubuntu/+source/nbd/1:3.8-1ubuntu0.1 https://launchpad.net/ubuntu/+source/nbd/1:3.7-1ubuntu0.1 https://launchpad.net/ubuntu/+source/nbd/1:2.9.25-2ubuntu1.1 . Critical vulnerabilities addressed in Ubuntu 15.04 and earlier reiterate the importance of security measures and necessary updates.. NBD vulnerabilities, Ubuntu security update, denial of service, remote access issues. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jul 22, 2015 Important Ubuntu
Banner 3 1028x280 1708121785 1771599793
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydenial of servicedebian

Debian 8: DSA-3271-1 Critical Alert For Nbd Denial Of Service

Tuomas Räsänen discovered that unsafe signal handling in nbd-server, the server for the Network Block Device protocol, could allow remote attackers to cause a deadlock in the server process and thus a denial of service. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-3271-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Alessandro Ghedini May 23, 2015 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : nbd CVE ID : CVE-2013-7441 CVE-2015-0847 Debian Bug : 781547 784657 Tuomas Räsänen discovered that unsafe signal handling in nbd-server, the server for the Network Block Device protocol, could allow remote attackers to cause a deadlock in the server process and thus a denial of service. Tuomas Räsänen also discovered that the modern-style negotiation was carried out in the main server process before forking the actual client handler. This could allow a remote attacker to cause a denial of service (crash) by querying a non-existent export. This issue only affected the oldstable distribution (wheezy). For the oldstable distribution (wheezy), these problems have been fixed in version 1:3.2-4~deb7u5. For the stable distribution (jessie), these problems have been fixed in version 1:3.8-4+deb8u1. For the testing distribution (stretch), these problems have been fixed in version 1:3.10-1. For the unstable distribution (sid), these problems have been fixed in version 1:3.10-1. We recommend that you upgrade your nbd packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian DSA-3272-1 highlights vulnerabilities in the libc library that could enable denial of service via improper memoryhandling. Immediate patching advised.. Debian Security, NBD Protocol, Denial of Service, Signal Handling. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 23, 2015 Critical Debian
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here