Dnsmasq could be made to crash if it received specially crafted network traffic.

==========================================================================
Ubuntu Security Notice USN-7689-1
August 11, 2025

dnsmasq vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

Dnsmasq could be made to crash if it received specially crafted network traffic.

Software Description:
- dnsmasq: Small caching DNS proxy and DHCP/TFTP server

Details:

Xu Mingjie discovered that Dnsmasq did not correctly handle certain memory operations. A remote attacker could possibly use this issue to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 LTS
  dnsmasq 2.68-1ubuntu0.2+esm3
    Available with Ubuntu Pro
  dnsmasq-base 2.68-1ubuntu0.2+esm3
    Available with Ubuntu Pro
  dnsmasq-utils 2.68-1ubuntu0.2+esm3
    Available with Ubuntu Pro

After a standard system update you need to restart dnsmasq to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7689-1
  CVE-2019-14834

Dnsmasq running on Ubuntu 14.04 LTS is susceptible to a denial of service flaw. It is advised to apply updates for secure operation.

dnsmasq denial of service Ubuntu security advisory update.

Severity: Important.

LinuxSecurity.com Team

Enable CSS Overscroll Behavior by default. Change threaded rendering implementation to use Skia API instead of WebCore display list that is not thread safe. Fix rendering when device scale factor change comes before the web view geometry update.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-40aeebe6d2
2025-05-17 02:01:28.575448+00:00
--------------------------------------------------------------------------------

Name        : webkitgtk
Product     : Fedora 42
Version     : 2.48.2
Release     : 1.fc42
URL         : https://www.webkitgtk.org/
Summary     : GTK web content engine library
Description :
WebKitGTK is the port of the WebKit web rendering engine to the GTK platform.

--------------------------------------------------------------------------------
Update Information:

Enable CSS Overscroll Behavior by default.
Change threaded rendering implementation to use Skia API instead of WebCore display list that is not thread safe.
Fix rendering when device scale factor change comes before the web view geometry update.
Fix network process crash on exit.
Fix several crashes and rendering issues.
Fix CVE-2025-24223, CVE-2025-31204, CVE-2025-31205, CVE-2025-31206, CVE-2025-31215, CVE-2025-31257
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 14 2025 Michael Catanzaro - 2.48.2-1
- Update to 2.48.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2366612 - CVE-2025-24223 webkitgtk: Processing maliciously crafted web content may lead to memory corruption [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2366612
  [ 2 ] Bug #2366614 - CVE-2025-31204 webkitgtk: Processing maliciously crafted web content may lead to memory corruption [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2366614
  [ 3 ] Bug #2366616 - CVE-2025-31205 webkitgtk: A malicious website may exfiltrate data cross-origin [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2366616
  [ 4 ] Bug #2366618 - CVE-2025-31206 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2366618
  [ 5 ] Bug #2366620 - CVE-2025-31215 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2366620
  [ 6 ] Bug #2366622 - CVE-2025-31257 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2366622
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-40aeebe6d2' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

Quagga could be made to crash if it received specially crafted network traffic.

==========================================================================
Ubuntu Security Notice USN-7230-1
January 27, 2025

quagga vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

Quagga could be made to crash if it received specially crafted network traffic.

Software Description:
- quagga: BGP/OSPF/RIP routing daemon

Details:

Iggy Frankovic discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS
  quagga 1.2.4-1ubuntu0.1~esm2
    Available with Ubuntu Pro
  quagga-bgpd 1.2.4-1ubuntu0.1~esm2
    Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7230-1
  CVE-2024-44070

Debian publishes an urgent notice regarding a netfilter flaw compromising security through malicious packets.

quagga updates, Ubuntu advisory, network security, DoS protection.

Severity: Critical.

LinuxSecurity.com Team

Kerberos could be made to crash if it received specially crafted network traffic.

==========================================================================
Ubuntu Security Notice USN-6467-2
November 06, 2023

krb5 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.04
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Kerberos could be made to crash if it received specially crafted network traffic.

Software Description:
- krb5: MIT Kerberos Network Authentication Protocol

Details:

USN-6467-1 fixed a vulnerability in Kerberos. This update provides the corresponding update for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.04.

Original advisory details:

Robert Morris discovered that Kerberos did not properly handle memory access when processing RPC data through kadmind, which could lead to the freeing of uninitialized memory. An authenticated remote attacker could possibly use this issue to cause kadmind to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.04:
  krb5-admin-server 1.20.1-1ubuntu0.1
  krb5-kdc 1.20.1-1ubuntu0.1
  krb5-kdc-ldap 1.20.1-1ubuntu0.1
  krb5-otp 1.20.1-1ubuntu0.1
  krb5-pkinit 1.20.1-1ubuntu0.1
  krb5-user 1.20.1-1ubuntu0.1
  libgssapi-krb5-2 1.20.1-1ubuntu0.1
  libgssrpc4 1.20.1-1ubuntu0.1
  libk5crypto3 1.20.1-1ubuntu0.1
  libkadm5clnt-mit12 1.20.1-1ubuntu0.1
  libkadm5srv-mit12 1.20.1-1ubuntu0.1
  libkdb5-10 1.20.1-1ubuntu0.1
  libkrad0 1.20.1-1ubuntu0.1
  libkrb5-3 1.20.1-1ubuntu0.1
  libkrb5support0 1.20.1-1ubuntu0.1

Ubuntu 22.04 LTS:
  krb5-admin-server 1.19.2-2ubuntu0.3
  krb5-kdc 1.19.2-2ubuntu0.3
  krb5-kdc-ldap 1.19.2-2ubuntu0.3
  krb5-otp 1.19.2-2ubuntu0.3
  krb5-pkinit 1.19.2-2ubuntu0.3
  krb5-user 1.19.2-2ubuntu0.3
  libgssapi-krb5-2 1.19.2-2ubuntu0.3
  libgssrpc4 1.19.2-2ubuntu0.3
  libk5crypto3 1.19.2-2ubuntu0.3
  libkadm5clnt-mit12 1.19.2-2ubuntu0.3
  libkadm5srv-mit12 1.19.2-2ubuntu0.3
  libkdb5-10 1.19.2-2ubuntu0.3
  libkrad0 1.19.2-2ubuntu0.3
  libkrb5-3 1.19.2-2ubuntu0.3
  libkrb5support0 1.19.2-2ubuntu0.3

Ubuntu 20.04 LTS:
  krb5-admin-server 1.17-6ubuntu4.4
  krb5-kdc 1.17-6ubuntu4.4
  krb5-kdc-ldap 1.17-6ubuntu4.4
  krb5-otp 1.17-6ubuntu4.4
  krb5-pkinit 1.17-6ubuntu4.4
  krb5-user 1.17-6ubuntu4.4
  libgssapi-krb5-2 1.17-6ubuntu4.4
  libgssrpc4 1.17-6ubuntu4.4
  libk5crypto3 1.17-6ubuntu4.4
  libkadm5clnt-mit11 1.17-6ubuntu4.4
  libkadm5srv-mit11 1.17-6ubuntu4.4
  libkdb5-9 1.17-6ubuntu4.4
  libkrad0 1.17-6ubuntu4.4
  libkrb5-3 1.17-6ubuntu4.4
  libkrb5support0 1.17-6ubuntu4.4

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6467-2
  https://ubuntu.com/security/notices/USN-6467-1
  CVE-2023-36054

Package Information:
  https://launchpad.net/ubuntu/+source/krb5/1.19.2-2ubuntu0.3
  https://launchpad.net/ubuntu/+source/krb5/1.17-6ubuntu4.4

Vulnerabilities in Kerberos might allow for a crash due to rogue network packets. Ensure your Ubuntu systems are patched to bolster security.

krb5 update, kerberos security, Ubuntu patch, network fix, denial of service.

Severity: Critical.

LinuxSecurity.com Team

atftp could be made to crash if it received specially crafted network traffic.

==========================================================================
Ubuntu Security Notice USN-6375-1
September 15, 2023

atftp vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.04
- Ubuntu 22.04 LTS

Summary:

atftp could be made to crash if it received specially crafted network traffic.

Software Description:
- atftp: Advanced TFTP Server and Client

Details:

Florian Fainelli discovered that atftp did not properly manage requests made to a non-existent file, which could lead to a crash. A remote attacker could possibly use this issue to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.04:
  atftpd 0.8.0-3build0.23.04.1

Ubuntu 22.04 LTS:
  atftpd 0.7.git20210915-4build1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6375-1
  https://bugs.launchpad.net/ubuntu/+source/atftp/+bug/1989816

Package Information:
  https://launchpad.net/ubuntu/+source/atftp/0.8.0-3build0.23.04.1
  https://launchpad.net/ubuntu/+source/atftp/0.7.git20210915-4build1

A critical vulnerability in the atftp package on Ubuntu may allow remote attackers to trigger a denial of service. Users should apply patches urgently.

atftp vulnerability, Ubuntu security update, denial of service, remote exploit, critical advisory.

Severity: Critical.

LinuxSecurity.com Team

libssh2 could be made to crash if it received specially crafted network traffic.

==========================================================================
Ubuntu Security Notice USN-6371-1
September 14, 2023

libssh2 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

libssh2 could be made to crash if it received specially crafted network traffic.

Software Description:
- libssh2: Client-side C library implementing the SSH2 protocol

Details:

It was discovered that libssh2 incorrectly handled memory access. An attacker could possibly use this issue to cause a crash.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  libssh2-1 1.8.0-2.1ubuntu0.1

Ubuntu 18.04 LTS:
  libssh2-1 1.8.0-1ubuntu0.1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  libssh2-1 1.5.0-2ubuntu0.1+esm2

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
  libssh2-1 1.4.3-2ubuntu0.2+esm3

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6371-1
  CVE-2020-22218

Package Information:
  https://launchpad.net/ubuntu/+source/libssh2/1.8.0-2.1ubuntu0.1
  https://launchpad.net/ubuntu/+source/libssh2/1.8.0-1ubuntu0.1

A critical libssh2 flaw affects numerous Ubuntu versions, potentially causing system failures when processing malicious network traffic. Take immediate action!

Ubuntu Security, libssh2 Issue, Network Threats, Memory Management, Software Patch.

LinuxSecurity.com Team

cups-filters could be made to crash or run programs if it received specially crafted network traffic.

=========================================================================
Ubuntu Security Notice USN-6083-2
June 19, 2023

cups-filters vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS (Available with Ubuntu Pro)

Summary:

cups-filters could be made to crash or run programs if it received specially crafted network traffic.

Software Description:
- cups-filters: OpenPrinting CUPS Filters

Details:

USN-6083-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 16.04 LTS.

Original advisory details:

It was discovered that cups-filters incorrectly handled the beh CUPS backend. A remote attacker could possibly use this issue to cause the backend to stop responding or to execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  cups-filters 1.8.3-2ubuntu3.5+esm1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6083-2
  https://ubuntu.com/security/notices/USN-6083-1
  CVE-2023-24805

Ubuntu Security Announcement USN-6083-2 outlines a cups-filters flaw permitting system crashes or code execution through specially designed network traffic.

cups-filters, Critical Threat, Denial Of Service.

Severity: Critical.

LinuxSecurity.com Team

The updated packages fix security vulnerabilities and a crash when a device does some cast traffic in the local network. (See upstream release notes).

MGASA-2021-0188 - Updated chromium-browser-stable package fixes security vulnerabilities

Publication date: 15 Apr 2021
URL: https://advisories.mageia.org/MGASA-2021-0188.html
Type: security
Affected Mageia releases: 7, 8

The updated packages fix security vulnerabilities and a crash when a device does some cast traffic in the local network. (See upstream release notes).

References:
- https://bugs.mageia.org/show_bug.cgi?id=28702
- https://bugs.mageia.org/show_bug.cgi?id=28631
- https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html
- https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop.html

SRPMS:
- 7/core/chromium-browser-stable-89.0.4389.128-1.mga7
- 8/core/chromium-browser-stable-89.0.4389.128-1.mga8

The latest update for the chromium-browser-stable package addresses security flaws and resolves a crash issue that occurs during traffic casting on Mageia's network.

Chromium Browser Stable, Mageia Security Update, Network Crash Fix.

LinuxSecurity.com Team