Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 112 articles for you...
172

Ubuntu 26.04 LTS Python httplib2 Important Denial of Service Vuln 8537-1

httplib2 could be made to crash if it received specially crafted network traffic.. ========================================================================== Ubuntu Security Notice USN-8537-1 July 14, 2026 python-httplib2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: httplib2 could be made to crash if it received specially crafted network traffic. Software Description: - python-httplib2: comprehensive HTTP client library written for Python3 Details: It was discovered that httplib2 performed unbounded decompression of HTTP response bodies when the server used gzip or deflate Content-Encoding. A remote attacker could possibly use this issue to cause httplib2 to use excessive resources, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS python3-httplib2 0.22.0-1ubuntu0.1 Ubuntu 24.04 LTS python3-httplib2 0.20.4-3ubuntu0.1 Ubuntu 22.04 LTS python3-httplib2 0.20.2-2ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8537-1 CVE-2026-59939 Package Information: https://launchpad.net/ubuntu/+source/python-httplib2/0.22.0-1ubuntu0.1 https://launchpad.net/ubuntu/+source/python-httplib2/0.20.4-3ubuntu0.1 https://launchpad.net/ubuntu/+source/python-httplib2/0.20.2-2ubuntu0.1 . A flaw in httplib2 could allow denial of service via crafted network traffic, affecting multiple Ubuntu LTS versions.. httplib2 security, Ubuntu LTS, denial of service, network vulnerability. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 Important Ubuntu
172

Ubuntu 26.04 Apache MINA Important Remote Code Execution Vuln 8465-1

Apache MINA could be made to run programs if it received specially crafted network traffic.. ========================================================================== Ubuntu Security Notice USN-8465-1 June 23, 2026 mina2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Apache MINA could be made to run programs if it received specially crafted network traffic. Software Description: - mina2: Apache MINA is a network application framework which helps users develop high performance and high scalability network applications easily Details: It was discovered that Apache MINA lacked an acceptMatchers allowlist mechanism to restrict which classes could be deserialized. An attacker could use this to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-52046) It was discovered that Apache MINA's deserialization filter could be bypassed via multiple code paths. An attacker could use this to execute arbitrary code by sending a specially crafted serialized object over the network. (CVE-2026-42778, CVE-2026-42779, CVE-2026-47065) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libmina2-java 2.2.1-4ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 24.04 LTS libmina2-java 2.2.1-3ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS libmina2-java 2.1.5-1ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8465-1 CVE-2024-52046, CVE-2026-42778, CVE-2026-42779, CVE-2026-47065 . Arbitrary code may be executed on Ubuntu due to Apache MINAflaws from crafted network traffic. Immediate action is required.. apache mina, ubuntu advisory, security notice, network vulnerabilities, code execution. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 25, 2026 Important Ubuntu
172

Ubuntu 26.04 LTS nginx Denial of Service Resource Issue Vuln USN-8398-1

nginx could be made to consume excessive resources if it received specially crafted network traffic.. ========================================================================== Ubuntu Security Notice USN-8398-1 June 08, 2026 nginx vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: nginx could be made to consume excessive resources if it received specially crafted network traffic. Software Description: - nginx: small, powerful, scalable web/proxy server Details: It was discovered that nginx incorrectly handled certain cookie headers in the HTTP/2 implementation. A remote attacker could possibly use this issue to cause nginx to consume excessive resources, resulting in a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS nginx 1.28.3-2ubuntu1.3 nginx-core 1.28.3-2ubuntu1.3 nginx-extras 1.28.3-2ubuntu1.3 nginx-full 1.28.3-2ubuntu1.3 nginx-light 1.28.3-2ubuntu1.3 Ubuntu 25.10 nginx 1.28.0-6ubuntu1.5 nginx-core 1.28.0-6ubuntu1.5 nginx-extras 1.28.0-6ubuntu1.5 nginx-full 1.28.0-6ubuntu1.5 nginx-light 1.28.0-6ubuntu1.5 Ubuntu 24.04 LTS nginx 1.24.0-2ubuntu7.10 nginx-core 1.24.0-2ubuntu7.10 nginx-extras 1.24.0-2ubuntu7.10 nginx-full 1.24.0-2ubuntu7.10 nginx-light 1.24.0-2ubuntu7.10 Ubuntu 22.04 LTS nginx 1.18.0-6ubuntu14.13 nginx-core 1.18.0-6ubuntu14.13 nginx-extras 1.18.0-6ubuntu14.13 nginx-full 1.18.0-6ubuntu14.13 nginx-light 1.18.0-6ubuntu14.13 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8398-1 CVE-2026-49975 Package Information: https://launchpad.net/ubuntu/+source/nginx/1.28.3-2ubuntu1.3 https://launchpad.net/ubuntu/+source/nginx/1.28.0-6ubuntu1.5 https://launchpad.net/ubuntu/+source/nginx/1.24.0-2ubuntu7.10 https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu14.13 . nginx update for Ubuntu fixes excessive resource consumption due to crafted network traffic. Stay secure with the latest details.. nginx security update, Ubuntu resource management, denial of service threat, network exploitation. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 08, 2026 Important Ubuntu
172

Ubuntu 8398-1 nginx Important Denial of Service CVE-2026-49975

nginx could be made to consume excessive resources if it received specially crafted network traffic.. ========================================================================== Ubuntu Security Notice USN-8398-1 June 08, 2026 nginx vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: nginx could be made to consume excessive resources if it received specially crafted network traffic. Software Description: - nginx: small, powerful, scalable web/proxy server Details: It was discovered that nginx incorrectly handled certain cookie headers in the HTTP/2 implementation. A remote attacker could possibly use this issue to cause nginx to consume excessive resources, resulting in a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS nginx 1.28.3-2ubuntu1.3 nginx-core 1.28.3-2ubuntu1.3 nginx-extras 1.28.3-2ubuntu1.3 nginx-full 1.28.3-2ubuntu1.3 nginx-light 1.28.3-2ubuntu1.3 Ubuntu 25.10 nginx 1.28.0-6ubuntu1.5 nginx-core 1.28.0-6ubuntu1.5 nginx-extras 1.28.0-6ubuntu1.5 nginx-full 1.28.0-6ubuntu1.5 nginx-light 1.28.0-6ubuntu1.5 Ubuntu 24.04 LTS nginx 1.24.0-2ubuntu7.10 nginx-core 1.24.0-2ubuntu7.10 nginx-extras 1.24.0-2ubuntu7.10 nginx-full 1.24.0-2ubuntu7.10 nginx-light 1.24.0-2ubuntu7.10 Ubuntu 22.04 LTS nginx 1.18.0-6ubuntu14.13 nginx-core 1.18.0-6ubuntu14.13 nginx-extras 1.18.0-6ubuntu14.13 nginx-full 1.18.0-6ubuntu14.13 nginx-light 1.18.0-6ubuntu14.13 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8398-1 CVE-2026-49975 Package Information: https://launchpad.net/ubuntu/+source/nginx/1.28.3-2ubuntu1.3 https://launchpad.net/ubuntu/+source/nginx/1.28.0-6ubuntu1.5 https://launchpad.net/ubuntu/+source/nginx/1.24.0-2ubuntu7.10 https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu14.13 . This security advisory on Ubuntu highlights an nginx issue that could lead to resource exhaustion via crafted traffic.. Ubuntu Security, nginx Update, DoS Threat, Network Traffic, Security Fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 08, 2026 Important Ubuntu
172

Ubuntu Postfix Critical DoS Crash Advisory USN-8253-2 CVE-2026-43964

Postfix could be made to crash if it received specially crafted network traffic.. ========================================================================== Ubuntu Security Notice USN-8253-2 June 03, 2026 postfix vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Postfix could be made to crash if it received specially crafted network traffic. Software Description: - postfix: High-performance mail transport agent Details: USN-8253-1 fixed a vulnerability in Postfix. This update provides the corresponding fix for Postfix on Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Kamil Frankowicz discovered that Postfix incorrectly handled certain enhanced status codes. A remote attacker could possibly use this issue to cause Postfix to crash, resulting in a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS postfix 3.4.13-0ubuntu1.4+esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS postfix 3.3.0-1ubuntu0.4+esm4 Available with Ubuntu Pro Ubuntu 16.04 LTS postfix 3.1.0-3ubuntu0.4+esm4 Available with Ubuntu Pro Ubuntu 14.04 LTS postfix 2.11.0-1ubuntu1.2+esm4 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8253-2 https://ubuntu.com/security/notices/USN-8253-1 CVE-2026-43964 . Postfix on Ubuntu systems can crash due to crafted network traffic. Updates are crucial for maintaining stability and security.. Ubuntu Postfixsecurity update, Denial of Service vulnerability, Linux email transport security. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 05, 2026 Critical Ubuntu
172

Ubuntu Twisted Critical Denial of Service Vulnerability USN-8380-1

Twisted could be made to crash if it received specially crafted network traffic.. ========================================================================== Ubuntu Security Notice USN-8380-1 June 03, 2026 twisted vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Twisted could be made to crash if it received specially crafted network traffic. Software Description: - twisted: Event-based framework for internet applications Details: It was discovered that Twisted incorrectly handled DNS name decompression. A remote attacker could possibly use this issue to cause Twisted to consume excessive resources, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS python3-twisted 25.5.0-5ubuntu0.1 Ubuntu 25.10 python3-twisted 24.11.0-1ubuntu0.1 Ubuntu 24.04 LTS python3-twisted 24.3.0-1ubuntu0.2 Ubuntu 22.04 LTS python3-twisted 22.1.0-2ubuntu2.7 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8380-1 CVE-2026-42304 Package Information: https://launchpad.net/ubuntu/+source/twisted/25.5.0-5ubuntu0.1 https://launchpad.net/ubuntu/+source/twisted/24.11.0-1ubuntu0.1 https://launchpad.net/ubuntu/+source/twisted/24.3.0-1ubuntu0.2 https://launchpad.net/ubuntu/+source/twisted/22.1.0-2ubuntu2.7 . Twisted's security flaw in Ubuntu could lead to a denial of service. Update to secure your system against potential crashes.. Ubuntu Security Update, Twisted Denial of Service, Critical Twisted Vulnerability. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 03, 2026 Critical Ubuntu
172

Ubuntu 26.04 LTS ngtcp2 High Remote Code Execution Vuln USN-8300-1

ngtcp2 could be made to run programs as your login if it received specially crafted network traffic when qlog was enabled.. ========================================================================== Ubuntu Security Notice USN-8300-1 May 25, 2026 ngtcp2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: ngtcp2 could be made to run programs as your login if it received specially crafted network traffic when qlog was enabled. Software Description: - ngtcp2: RFC9000 QUIC protocol implementation Details: Zou Dikai discovered that ngtcp2 serialized peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog was enabled, a remote attacker could possibly use this issue to execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libngtcp2-16 1.16.0-1ubuntu0.1 libngtcp2-crypto-gnutls-dev 1.16.0-1ubuntu0.1 libngtcp2-crypto-gnutls8 1.16.0-1ubuntu0.1 libngtcp2-crypto-ossl-dev 1.16.0-1ubuntu0.1 libngtcp2-crypto-ossl0 1.16.0-1ubuntu0.1 libngtcp2-dev 1.16.0-1ubuntu0.1 Ubuntu 25.10 libngtcp2-16 1.11.0-1+deb13u1build0.25.10.1 libngtcp2-crypto-gnutls-dev 1.11.0-1+deb13u1build0.25.10.1 libngtcp2-crypto-gnutls8 1.11.0-1+deb13u1build0.25.10.1 libngtcp2-dev 1.11.0-1+deb13u1build0.25.10.1 ngtcp2-client 1.11.0-1+deb13u1build0.25.10.1 ngtcp2-server 1.11.0-1+deb13u1build0.25.10.1 Ubuntu 24.04 LTS libngtcp2-9 0.12.1+dfsg-1+deb12u1build0.24.04.1 libngtcp2-crypto-gnutls-dev 0.12.1+dfsg-1+deb12u1build0.24.04.1 libngtcp2-crypto-gnutls2 0.12.1+dfsg-1+deb12u1build0.24.04.1 libngtcp2-dev 0.12.1+dfsg-1+deb12u1build0.24.04.1 ngtcp2-client 0.12.1+dfsg-1+deb12u1build0.24.04.1 ngtcp2-server 0.12.1+dfsg-1+deb12u1build0.24.04.1 Ubuntu 22.04 LTS libngtcp2-0 0.1.0+dfsg-1ubuntu0.1~esm1 Available with Ubuntu Pro libngtcp2-crypto-gnutls-dev 0.1.0+dfsg-1ubuntu0.1~esm1 Available with Ubuntu Pro libngtcp2-crypto-gnutls0 0.1.0+dfsg-1ubuntu0.1~esm1 Available with Ubuntu Pro libngtcp2-dev 0.1.0+dfsg-1ubuntu0.1~esm1 Available with Ubuntu Pro ngtcp2-client 0.1.0+dfsg-1ubuntu0.1~esm1 Available with Ubuntu Pro ngtcp2-server 0.1.0+dfsg-1ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8300-1 CVE-2026-40170 Package Information: https://launchpad.net/ubuntu/+source/ngtcp2/1.16.0-1ubuntu0.1 https://launchpad.net/ubuntu/+source/ngtcp2/1.11.0-1+deb13u1build0.25.10.1 https://launchpad.net/ubuntu/+source/ngtcp2/0.12.1+dfsg-1+deb12u1build0.24.04.1 . ngtcp2 could run programs as your login through specially crafted traffic when qlog enabled in Ubuntu releases.. ngtcp2 security. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 25, 2026 Critical Ubuntu
172

Ubuntu 25.10 HAProxy Security Low DoS Failure Vulnerability USN-8037-2

HAProxy could be made to crash if it received specially crafted network traffic.. ========================================================================== Ubuntu Security Notice USN-8036-1 February 12, 2026 haproxy vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 Summary: HAProxy could be made to crash if it received specially crafted network traffic. Software Description: - haproxy: fast and reliable load balancing reverse proxy Details: Asim Viladi Oglu Manizada discovered that HAProxy incorrectly handled certain INITIAL packets. A remote attacker could possibly use this issue to cause HAProxy to crash, resulting in a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 haproxy 3.0.12-0ubuntu0.25.10.3 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8036-1 CVE-2026-26081 Package Information: . HAProxy on Ubuntu 25.10 may crash due to specific crafted packets leading to denial of service. Update recommended.. HAProxy, Ubuntu 25.10, network traffic, security advisory, denial of service. . Severity: Medium. LinuxSecurity.com Team

Calendar%202 Feb 12, 2026 Medium Ubuntu
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200