Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
100
security advisorymoderateSuSESUSE 12 SP5: Advisory on iputils Moderate Integer Overflow CVE-2025-48964
* bsc#1243772 Cross-References: * CVE-2025-48964 . # Security update for iputils Announcement ID: SUSE-SU-2025:02432-1 Release Date: 2025-07-21T11:23:54Z Rating: moderate References: * bsc#1243772 Cross-References: * CVE-2025-48964 CVSS scores: * CVE-2025-48964 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-48964 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for iputils fixes the following issues: * CVE-2025-48964: Fixed integer overflow in ping statistics via zero timestamp (bsc#1243772) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2432=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * iputils-debuginfo-s20161105-11.12.1 * iputils-debugsource-s20161105-11.12.1 * iputils-s20161105-11.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-48964.html * https://bugzilla.suse.com/show_bug.cgi?id=1243772 . Enhance the safety of your SUSE environment by applying the recent iputils upgrade which fixes CVE-2025-48964, tackling a critical buffer overflow vulnerability.. iputils update, SUSE Advisory, moderate security fix, network utility, integer overflow. . LinuxSecurity.com Team
Jul 21, 2025
SuSE
217
security advisoryupdatecriticalOracle Linux 9 ELSA-2024-1334 Urgent dnsmasq Security Patch Released
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-1334 https://linux.oracle.com/errata/ELSA-2024-1334.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: dnsmasq-2.85-14.el9_3.1.x86_64.rpm dnsmasq-utils-2.85-14.el9_3.1.x86_64.rpm aarch64: dnsmasq-2.85-14.el9_3.1.aarch64.rpm dnsmasq-utils-2.85-14.el9_3.1.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol9/SRPMS-updates//dnsmasq-2.85-14.el9_3.1.src.rpm Related CVEs: CVE-2023-50387 CVE-2023-50868 Description of changes: [2.85-14.1] - Fix CVE 2023-50387 and CVE 2023-50868 - Resolves: RHEL-25674 - Resolves: RHEL-25638 _______________________________________________ El-errata mailing list
Mar 15, 2024
•Important
Oracle
89
security advisorymoderateFedoraFedora 36: 2022-3f293290c3 Moderate: DHCP Cache Poisoning Issue
Security fix for CVE-2021-25220 New version 4.4.3 Add keama migration utility. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-3f293290c3 2022-05-07 04:08:14.314323 --------------------------------------------------------------------------------Name : dhcp Product : Fedora 36 Version : 4.4.3 Release : 2.fc36 URL : https://www.isc.org/dhcp/ Summary : Dynamic host configuration protocol software Description : DHCP (Dynamic Host Configuration Protocol) --------------------------------------------------------------------------------Update Information: Security fix for CVE-2021-25220 New version 4.4.3 Add keama migration utility --------------------------------------------------------------------------------ChangeLog: * Mon Apr 11 2022 Martin Osvald - 12:4.4.3-2 - Fix for CVE-2021-25220 * Thu Mar 10 2022 Martin Osvald - 12:4.4.3-1 - New version 4.4.3 - Add keama migration utility --------------------------------------------------------------------------------References: [ 1 ] Bug #2064512 - CVE-2021-25220 bind: DNS forwarders - cache poisoning vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=2064512 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-3f293290c3' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
May 07, 2022
Fedora
98
security advisorytcpdumpsecurity fixRed Hat Enterprise Linux: RHSA-2021-4236 Low Severity Tcpdump Memory Issue
An update for tcpdump is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Low: tcpdump security and bug fix update Advisory ID: RHSA-2021:4236-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4236 Issue date: 2021-11-09 CVE Names: CVE-2020-8037 ==================================================================== 1. Summary: An update for tcpdump is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces. Security Fix(es): * tcpdump: ppp decapsulator can be convinced to allocate a large amount of memory (CVE-2020-8037) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described inthis advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1860216 - tcpdump can not parse mptcp options 1895080 - CVE-2020-8037 tcpdump: ppp decapsulator can be convinced to allocate a large amount of memory 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: tcpdump-4.9.3-2.el8.src.rpm aarch64: tcpdump-4.9.3-2.el8.aarch64.rpm tcpdump-debuginfo-4.9.3-2.el8.aarch64.rpm tcpdump-debugsource-4.9.3-2.el8.aarch64.rpm ppc64le: tcpdump-4.9.3-2.el8.ppc64le.rpm tcpdump-debuginfo-4.9.3-2.el8.ppc64le.rpm tcpdump-debugsource-4.9.3-2.el8.ppc64le.rpm s390x: tcpdump-4.9.3-2.el8.s390x.rpm tcpdump-debuginfo-4.9.3-2.el8.s390x.rpm tcpdump-debugsource-4.9.3-2.el8.s390x.rpm x86_64: tcpdump-4.9.3-2.el8.x86_64.rpm tcpdump-debuginfo-4.9.3-2.el8.x86_64.rpm tcpdump-debugsource-4.9.3-2.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2020-8037 https://access.redhat.com/security/updates/classification#low https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/8.5_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYYrdidzjgjWX9erEAQhDCg/9Ek69RNw0Y2StR6KPJIm8xUPW8WYFNHag j9yEG5rPacLLPrrjDQkMhGOSywVdU3DRxyZWHGn18HjbsOfS7Wrj08BVtwdLWm9Y +3D57e/4+ZCXFl+4JBcueSfDmNqQbZRqYO+OOlQfvUZ82iU7JNwbacfDrtbhydj2 VcRKoQ5DCXkcyJp3AG0bf8+7goPpQGMRjTJP/cH1lExOiOzPKPXUTFmVeNyr1VTw QxwQgtYqGbheNTsCrdlwqRvmkvjMEfamsHkUQppoB9MJWv9ALBGJ7MbBgfP0VUhE NxO4bT2c1+FM2YF30pDtCsO3Jw72Z+jNGkPGh6njzdCBTN+wDHO08snQzQYMq26T WZnEq61QQy+TukdCM4MIYkKdozLusTWmlH/z8/oPPvvKOWM9239swV7ijegZcsU5 SFMDnyZe+A5iaddixc5v+2e9NRE5d44miXi34AbTuuIbt3ICBqfOzR/77EyyAXUV 9BinfBBCf1wsgKzUkvxnASnxtcjtk5gmo1V+s0Swhz2X3oEC+e3T7IT0HKiE3jfe bMH5GFyW58eV54U5pP+s0CzQnX7zv4ZQga78VhNR/FU0uvmOwKRHXe6Ra++o1m6h ympHQrgfQlrVKe+0mGtRiZVP7UkzQlt0n0JmZb2r3DVHqSY5mf4+1GzLRxYKqhPT wzpVwG+8r9E=lQRI -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Nov 09, 2021
•Low
Red Hat
197
security advisorysecurity issuecriticalDebian 8: DLA-2176-1 Critical: Inetutils Remote Code Execution
NOTE: This DLA was intially sent on 2020-04-14 but for reasons unknown failed to reach the mailing list. It is being re-sent now to ensure that it appears in the mailing list archive. No new version of . Package : inetutils Version : 2:1.9.2.39.3a460-3+deb8u1 CVE ID : CVE-2020-10188 Debian Bug : 956084 NOTE: This DLA was intially sent on 2020-04-14 but for reasons unknown failed to reach the mailing list. It is being re-sent now to ensure that it appears in the mailing list archive. No new version of inetutils has been published since version 2:1.9.2.39.3a460-3+deb8u1 described in the original advisory. A vulnerability was discovered in the telnetd component of inetutils, a collection of network utilities. Execution of arbitrary remote code was possible through short writes or urgent data. For Debian 8 "Jessie", this problem has been fixed in version 2:1.9.2.39.3a460-3+deb8u1. We recommend that you upgrade your inetutils packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Important inetutils security patch for Debian 8 released to fix remote code execution flaw. Proceed with package upgrade.. Debian Security Update, Inetutils Remote Code, Inetutils Vulnerability, Debian LTS, Remote Code Exploit. . Severity: Critical. LinuxSecurity.com Team
May 14, 2020
•Critical
Debian LTS
197
security advisorydenial of serviceupdateDebian 8: DLA-1760-1 Moderate: wget Buffer Overflow Threat
Kusano Kazuhiko discovered a buffer overflow vulnerability in the handling of Internationalized Resource Identifiers (IRI) in wget, a network utility to retrieve files from the web, which could result in the execution of . Package : wget Version : 1.16-1+deb8u6 CVE ID : CVE-2019-5953 Kusano Kazuhiko discovered a buffer overflow vulnerability in the handling of Internationalized Resource Identifiers (IRI) in wget, a network utility to retrieve files from the web, which could result in the execution of arbitrary code or denial of service when recursively downloading from an untrusted server. For Debian 8 "Jessie", this problem has been fixed in version 1.16-1+deb8u6. We recommend that you upgrade your wget packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . A security flaw was uncovered by Kusano Kazuhiko in wget that impacts Debian 8 systems. It is advised to perform an upgrade to mitigate risks.. buffer Overflow, wget Update, Debian Security, Network Utility, Internationalized Resource Identifiers. . Severity: Important. LinuxSecurity.com Team
Apr 22, 2019
•Important
Debian LTS
99
security advisorycritical issuesoftware updateSlackware 9.0-12.0 Security Advisory: Tcpdump Integer Overflow Critical
New tcpdump packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and 12.0 to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] tcpdump (SSA:2007-230-01) New tcpdump packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and 12.0 to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: https://www.cve.org/CVERecord?id=CVE-2007-3798 Here are the details from the Slackware 12.0 ChangeLog: +--------------------------+ patches/packages/tcpdump-3.9.7-i486-1_slack12.0.tgz: Upgraded to libpcap-0.9.7, tcpdump-3.9.7. This new version fixes an integer overflow in the BGP dissector which could possibly allow remote attackers to crash tcpdump or to execute arbitrary code. For more information, see: https://www.cve.org/CVERecord?id=CVE-2007-3798 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading from ftp.slackware.com. Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 9.0: ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/tcpdump-3.9.7-i386-1_slack9.0.tgz Updated package for Slackware 9.1: ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/tcpdump-3.9.7-i486-1_slack9.1.tgz Updated package for Slackware 10.0: ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/tcpdump-3.9.7-i486-1_slack10.0.tgz Updated package forSlackware 10.1: ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/tcpdump-3.9.7-i486-1_slack10.1.tgz Updated package for Slackware 10.2: ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/tcpdump-3.9.7-i486-1_slack10.2.tgz Updated package for Slackware 11.0: ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/tcpdump-3.9.7-i486-1_slack11.0.tgz Updated package for Slackware 12.0: ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/tcpdump-3.9.7-i486-1_slack12.0.tgz MD5 signatures: +-------------+ Slackware 9.0 package: 3ac8262bcab4556d29db76c6bab77b4c tcpdump-3.9.7-i386-1_slack9.0.tgz Slackware 9.1 package: 41cb8e80ae262be700aee5343d8e91a8 tcpdump-3.9.7-i486-1_slack9.1.tgz Slackware 10.0 package: c530e5cdde5dcaa16d4f1c5a85d96f32 tcpdump-3.9.7-i486-1_slack10.0.tgz Slackware 10.1 package: 3b75b71c289c3d90ac0a3eab4c864879 tcpdump-3.9.7-i486-1_slack10.1.tgz Slackware 10.2 package: 60d19664ef5c43f463e6d8dcb7f808bb tcpdump-3.9.7-i486-1_slack10.2.tgz Slackware 11.0 package: 9dbfc4c5aac75837cfb661c06cad668b tcpdump-3.9.7-i486-1_slack11.0.tgz Slackware 12.0 package: f2b34a0c29485d8f942602b69fae0c70 tcpdump-3.9.7-i486-1_slack12.0.tgz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg tcpdump-3.9.7-i486-1_slack12.0.tgz +-----+ . Security bulletin for tcpdump patch in Slackware versions 9.0 through 12.0 targeting severe vulnerability mitigation.. Tcpdump Packages, Slackware Security, Software Updates. . Severity: Critical. LinuxSecurity.com Team
Aug 18, 2007
•Critical
Slackware
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!