
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Debian 11 bullseye: DLA-3957-2 needrestart update resolves false positives

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3957-2
https://www.debian.org/lts/security/
Salvatore Bonaccorso
December 02, 2024
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package    : needrestart
Version    : 3.5-4+deb11u5
Debian Bug : 1087917 1087918 1087957 1087958 1088012 1088047

The update for needrestart announced as DLA 3957-1 introduced a regression reporting false positives for processes running in chroot or mountns. Updated packages are now available to correct this issue.

For Debian 11 bullseye, this problem has been fixed in version 3.5-4+deb11u5.

We recommend that you upgrade your needrestart packages.

For the detailed security status of needrestart please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/needrestart

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Patch for needrestart fixes incorrect false positive alerts in Debian LTS DLA-3957-2. Please update your software immediately!

Debian LTS, needrestart, security updates, regression fixes.

Severity: Low. LinuxSecurity.com Team

Dec 02, 2024 | Low | Debian LTS

Debian Bookworm DSA-5815-2 Moderate: Needrestart False Positive Correction

-------------------------------------------------------------------------
Debian Security Advisory DSA-5815-2
https://www.debian.org/security/
Salvatore Bonaccorso
December 02, 2024
https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package    : needrestart
Debian Bug : 1087917 1087918 1087957 1087958 1088012 1088047

The update for needrestart announced as DSA 5815-1 introduced a regression reporting false positives for processes running in chroot or mountns. Updated packages are now available to correct this issue.

For the stable distribution (bookworm), this problem has been fixed in version 3.6-4+deb12u3.

We recommend that you upgrade your needrestart packages.

For the detailed security status of needrestart please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/needrestart

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Patch released for needrestart to address incorrect warnings in chroot or mountns tasks. Users are encouraged to apply the update.

Debian, needrestart, package update, software fix, security advisory.

LinuxSecurity.com Team

Dec 02, 2024 | Debian

Ubuntu 24.10: USN-7117-2 critical: needrestart regression resolved

==========================================================================
Ubuntu Security Notice USN-7117-2
November 26, 2024

needrestart regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

USN-7117-1 caused some regression in needrestart.

Software Description:

- needrestart: check which daemons need to be restarted after library upgrades

Details:

USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Qualys discovered that needrestart passed unsanitized data to a library (libmodule-scandeps-perl) which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-11003)

Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed perl code. This could allow a local attacker to execute arbitrary shell commands. (CVE-2024-10224)

Qualys discovered that needrestart incorrectly used the PYTHONPATH environment variable to spawn a new Python interpreter. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-48990)

Qualys discovered that needrestart incorrectly checked the path to the Python interpreter. A local attacker could possibly use this issue to win a race condition and execute arbitrary code as root. (CVE-2024-48991)

Qualys discovered that needrestart incorrectly used the RUBYLIB environment variable to spawn a new Ruby interpreter. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-48992)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.10
  needrestart 3.6-8ubuntu4.3

Ubuntu 24.04 LTS
  needrestart 3.6-7ubuntu4.4

Ubuntu 22.04 LTS
  needrestart 3.5-5ubuntu2.3

Ubuntu 20.04 LTS
  needrestart 3.4-6ubuntu0.1+esm2 Available with Ubuntu Pro

Ubuntu 18.04 LTS
  needrestart 3.1-1ubuntu0.1+esm2 Available with Ubuntu Pro

Ubuntu 16.04 LTS
  needrestart 2.6-1ubuntu0.1~esm2 Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:

https://ubuntu.com/security/notices/USN-7117-2
https://ubuntu.com/security/notices/USN-7117-1
https://bugs.launchpad.net/ubuntu/+source/needrestart/+bug/2089193

Package Information:

https://launchpad.net/ubuntu/+source/needrestart/3.6-8ubuntu4.3
https://launchpad.net/ubuntu/+source/needrestart/3.6-7ubuntu4.4
https://launchpad.net/ubuntu/+source/needrestart/3.5-5ubuntu2.3

Explore the latest enhancements for Ubuntu's needrestart, featuring essential patches for security vulnerabilities as well as a fix for the recent regression.

Ubuntu Security, needrestart Updates, Local Attack Prevention, regression Fixes.

Severity: Critical. LinuxSecurity.com Team

Nov 26, 2024 | Critical | Ubuntu

Ubuntu 7117-1 critical: needrestart & libmodule-scandeps code risks

==========================================================================
Ubuntu Security Notice USN-7117-1
November 19, 2024

Several security issues were fixed in needrestart and Module::ScanDeps
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in libmodule-scandeps-perl, needrestart.

Software Description:

- libmodule-scandeps-perl: module to recursively scan Perl code for dependencies
- needrestart: check which daemons need to be restarted after library upgrades

Details:

Qualys discovered that needrestart passed unsanitized data to a library (libmodule-scandeps-perl) which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-11003)

Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed perl code. This could allow a local attacker to execute arbitrary shell commands. (CVE-2024-10224)

Qualys discovered that needrestart incorrectly used the PYTHONPATH environment variable to spawn a new Python interpreter. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-48990)

Qualys discovered that needrestart incorrectly checked the path to the Python interpreter. A local attacker could possibly use this issue to win a race condition and execute arbitrary code as root. (CVE-2024-48991)

Qualys discovered that needrestart incorrectly used the RUBYLIB environment variable to spawn a new Ruby interpreter. A local attacker could possibly use this issue to execute arbitrary code as root. (CVE-2024-48992)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.10
  libmodule-scandeps-perl 1.35-1ubuntu0.24.10.1
  needrestart 3.6-8ubuntu4.2

Ubuntu 24.04 LTS
  libmodule-scandeps-perl 1.35-1ubuntu0.24.04.1
  needrestart 3.6-7ubuntu4.3

Ubuntu 22.04 LTS
  libmodule-scandeps-perl 1.31-1ubuntu0.1
  needrestart 3.5-5ubuntu2.2

Ubuntu 20.04 LTS
  libmodule-scandeps-perl 1.27-1ubuntu0.1~esm1 Available with Ubuntu Pro
  needrestart 3.4-6ubuntu0.1+esm1 Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libmodule-scandeps-perl 1.24-1ubuntu0.1~esm1 Available with Ubuntu Pro
  needrestart 3.1-1ubuntu0.1+esm1 Available with Ubuntu Pro

Ubuntu 16.04 LTS
  libmodule-scandeps-perl 1.20-1ubuntu0.1~esm1 Available with Ubuntu Pro
  needrestart 2.6-1ubuntu0.1~esm1 Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:

https://ubuntu.com/security/notices/USN-7117-1
CVE-2024-10224, CVE-2024-11003, CVE-2024-48990, CVE-2024-48991, CVE-2024-48992

Package Information:

https://launchpad.net/ubuntu/+source/needrestart/3.6-8ubuntu4.2
https://launchpad.net/ubuntu/+source/libmodule-scandeps-perl/1.31-1ubuntu0.1

Several vulnerabilities have been addressed in needrestart and libmodule-scandeps on Ubuntu. This update enhances defenses against potential threats.

Ubuntu Security, System Update, Module Scan, Needrestart Advisory.

Severity: Critical. LinuxSecurity.com Team

Nov 19, 2024 | Critical | Ubuntu

Debian 11 bullseye: DLA-3957-1 critical: needrestart local escalation

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3957-1
https://www.debian.org/lts/security/
Salvatore Bonaccorso
November 19, 2024
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : needrestart
Version : 3.5-4+deb11u4
CVE ID  : CVE-2024-11003 CVE-2024-48990 CVE-2024-48991 CVE-2024-48992

The Qualys Threat Research Unit discovered several local privilege escalation vulnerabilities in needrestart, a utility to check which daemons need to be restarted after library upgrades. A local attacker can execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable (CVE-2024-48990) or running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable (CVE-2024-48992). Additionally a local attacker can trick needrestart into running a fake Python interpreter (CVE-2024-48991) or cause needrestart to call the Perl module Module::ScanDeps with attacker-controlled files (CVE-2024-11003).

Details can be found in the Qualys advisory at https://

For Debian 11 bullseye, these problems have been fixed in version 3.5-4+deb11u4.

We recommend that you upgrade your needrestart packages.

For the detailed security status of needrestart please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/needrestart

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Ubuntu LTS USN-5421-2 updates addressing remote code execution in openssl. Ensure your systems remain protected with the newest security updates!

Debian LTS, local privilege escalation, needrestart, security updates, threat research.

Severity: Critical. LinuxSecurity.com Team

Nov 19, 2024 | Critical | Debian LTS

Debian Bookworm DSA-5815-1 critical: needrestart local access threats

-------------------------------------------------------------------------
Debian Security Advisory DSA-5815-1
https://www.debian.org/security/
Salvatore Bonaccorso
November 19, 2024
https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : needrestart
CVE ID  : CVE-2024-11003 CVE-2024-48990 CVE-2024-48991 CVE-2024-48992

The Qualys Threat Research Unit discovered several local privilege escalation vulnerabilities in needrestart, a utility to check which daemons need to be restarted after library upgrades. A local attacker can execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable (CVE-2024-48990) or running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable (CVE-2024-48992). Additionally a local attacker can trick needrestart into running a fake Python interpreter (CVE-2024-48991) or cause needrestart to call the Perl module Module::ScanDeps with attacker-controlled files (CVE-2024-11003).

Details can be found in the Qualys advisory at https://www.qualys.com/2024/11/19/needrestart/needrestart.txt

For the stable distribution (bookworm), these problems have been fixed in version 3.6-4+deb12u2.

We recommend that you upgrade your needrestart packages.

For the detailed security status of needrestart please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/needrestart

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Ubuntu Security Notice USN-6543-1 addresses several vulnerabilities in the needrestart utility. Users are advised to upgrade to enhance security.

Debian Security, Needrestart Update, Local Escalation Risks, Qualys Advisory.

Severity: Critical. LinuxSecurity.com Team

Nov 19, 2024 | Critical | Debian

Debian 9 Stretch DLA-3013-1 Critical: Needrestart Local Escalation

-----------------------------------------------------------------------
Debian LTS Advisory DLA-3013-1
https://www.debian.org/lts/security/
Utkarsh Gupta
May 18, 2022
https://wiki.debian.org/LTS
-----------------------------------------------------------------------

Package    : needrestart
Version    : 2.11-3+deb9u2
CVE ID     : CVE-2022-30688
Debian Bug : 1011154

Jakub Wilk discovered a local privilege escalation in needrestart, a utility to check which daemons need to be restarted after library upgrades. Regular expressions to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.

For Debian 9 stretch, this problem has been fixed in version 2.11-3+deb9u2.

We recommend that you upgrade your needrestart packages.

For the detailed security status of needrestart please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/needrestart

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

A vulnerability allowing local privilege escalation in needrestart was addressed in the recent Debian LTS security update DLA-3013-1.

Debian LTS, Needrestart, Local Escalation.

Severity: Critical. LinuxSecurity.com Team

May 18, 2022 | Critical | Debian LTS

Ubuntu 22.04 LTS USN-5426-1 Critical: Needrestart Execution Risk

=========================================================================
Ubuntu Security Notice USN-5426-1
May 17, 2022

needrestart vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 21.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

needrestart could be made to run programs.

Software Description:

- needrestart: check which daemons need to be restarted after library upgrades

Details:

Jakub Wilk discovered that needrestart incorrectly used some regular expressions. A local attacker could possibly use this issue to execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS:
  needrestart 3.5-5ubuntu2.1

Ubuntu 21.10:
  needrestart 3.5-4ubuntu2.1

Ubuntu 20.04 LTS:
  needrestart 3.4-6ubuntu0.1

Ubuntu 18.04 LTS:
  needrestart 3.1-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:

https://ubuntu.com/security/notices/USN-5426-1
CVE-2022-30688

Package Information:

https://launchpad.net/ubuntu/+source/needrestart/3.5-5ubuntu2.1
https://launchpad.net/ubuntu/+source/needrestart/3.5-4ubuntu2.1
https://launchpad.net/ubuntu/+source/needrestart/3.4-6ubuntu0.1
https://launchpad.net/ubuntu/+source/needrestart/3.1-1ubuntu0.1

Critical notice for Ubuntu users concerning the needrestart flaw that permits local exploits to run unauthorized applications.

Needrestart Vulnerability, Local Execution Risk, Ubuntu Security Notice.

Severity: Critical. LinuxSecurity.com Team

May 17, 2022 | Critical | Ubuntu