Alerts This Week
Warning Icon 1 609

Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Debian 9 Stretch: DLA-2836-1 Critical: nss Heap Overflow

Debian LTS Advisory DLA-2836-1
https://www.debian.org/lts/security/
Utkarsh Gupta
December 02, 2021
https://wiki.debian.org/LTS

Package : nss
Version : 2:3.26.2-1.1+deb9u3
CVE ID : CVE-2021-43527

Tavis Ormandy discovered that nss, the Mozilla Network Security Service library, is prone to a heap overflow flaw when verifying DSA or RSA-PSS signatures, which could result in denial of service or potentially the execution of arbitrary code.

For Debian 9 stretch, this problem has been fixed in version 2:3.26.2-1.1+deb9u3.

We recommend that you upgrade your nss packages.

For the detailed security status of nss please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/nss

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Debian LTS Advisory DLA-2837-1 highlights buffer overflow vulnerability in openssl package. Upgrade is advised for protection.

Severity: Critical
LinuxSecurity.com Team

Dec 02, 2021 | Critical | Debian LTS

Debian: DLA-1138-1 Critical: Nss Use-After-Free Denial of Service

Package : nss
Version : 2:3.26-1+debu7u5
CVE ID : CVE-2017-7805

Martin Thomson discovered that nss, the Mozilla Network Security Service library, is prone to a use-after-free vulnerability in the TLS 1.2 implementation when handshake hashes are generated. A remote attacker can take advantage of this flaw to cause an application using the nss library to crash, resulting in a denial of service, or potentially to execute arbitrary code.

For Debian 7 "Wheezy", these problems have been fixed in version 2:3.26-1+debu7u5.

We recommend that you upgrade your nss packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Patch released for nss library addressing use-after-free vulnerabilities, mitigating risks associated with possible remote code execution and Denial of Service exploits.

Severity: Critical
LinuxSecurity.com Team

Oct 19, 2017 | Critical | Debian LTS

Scientific Linux: SLSA-2017-2832-1 Critical: NSS Use-After-Free Threat

Synopsis: Important: nss security update
Advisory ID: SLSA-2017:2832-1
Issue Date: 2017-09-29
CVE Numbers: CVE-2017-7805

Security Fix(es):

* A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the application. (CVE-2017-7805)

SL6
  x86_64
    nss-3.28.4-4.el6_9.i686.rpm
    nss-3.28.4-4.el6_9.x86_64.rpm
    nss-debuginfo-3.28.4-4.el6_9.i686.rpm
    nss-debuginfo-3.28.4-4.el6_9.x86_64.rpm
    nss-sysinit-3.28.4-4.el6_9.x86_64.rpm
    nss-tools-3.28.4-4.el6_9.x86_64.rpm
    nss-devel-3.28.4-4.el6_9.i686.rpm
    nss-devel-3.28.4-4.el6_9.x86_64.rpm
    nss-pkcs11-devel-3.28.4-4.el6_9.i686.rpm
    nss-pkcs11-devel-3.28.4-4.el6_9.x86_64.rpm
  i386
    nss-3.28.4-4.el6_9.i686.rpm
    nss-debuginfo-3.28.4-4.el6_9.i686.rpm
    nss-sysinit-3.28.4-4.el6_9.i686.rpm
    nss-tools-3.28.4-4.el6_9.i686.rpm
    nss-devel-3.28.4-4.el6_9.i686.rpm
    nss-pkcs11-devel-3.28.4-4.el6_9.i686.rpm

SL7
  x86_64
    nss-3.28.4-12.el7_4.i686.rpm
    nss-3.28.4-12.el7_4.x86_64.rpm
    nss-debuginfo-3.28.4-12.el7_4.i686.rpm
    nss-debuginfo-3.28.4-12.el7_4.x86_64.rpm
    nss-sysinit-3.28.4-12.el7_4.x86_64.rpm
    nss-tools-3.28.4-12.el7_4.x86_64.rpm
    nss-devel-3.28.4-12.el7_4.i686.rpm
    nss-devel-3.28.4-12.el7_4.x86_64.rpm
    nss-pkcs11-devel-3.28.4-12.el7_4.i686.rpm
    nss-pkcs11-devel-3.28.4-12.el7_4.x86_64.rpm

- Scientific Linux Development Team

Important NSS security patch for Scientific Linux addresses a critical use-after-free vulnerability that could lead to application failures.

Severity: Critical
LinuxSecurity.com Team

Sep 29, 2017 | Critical | Scientific Linux

Debian: DLA-946-1 Critical: NSS Library Denial Of Service

Package : nss
Version : 2:3.26-1+debu7u3
CVE ID : CVE-2017-5461 CVE-2017-5462
Debian Bug : 862958

The NSS library is vulnerable to two security issues:

CVE-2017-5461
    Out-of-bounds write in Base64 encoding. This can trigger a crash (denial of service) and might be exploitable for code execution.

CVE-2017-5462
    A flaw in DRBG number generation where the internal state V does not correctly carry bits over.

For Debian 7 "Wheezy", these problems have been fixed in version 2:3.26-1+debu7u3.

We recommend that you upgrade your nss packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: https://www.freexian.com/lts/debian/
Learn to master Debian: https://debian-handbook.info/get/

Update the nss library to address vulnerabilities described in CVE-2017-5461 and CVE-2017-5462 for Debian LTS systems.

Severity: Critical
LinuxSecurity.com Team

May 19, 2017 | Critical | Debian LTS

Debian: DSA-2801-1 Urgent: glibc Security Flaw Exploitation Risk

Debian Security Advisory DSA-2800-1
http://www.debian.org/security/
Salvatore Bonaccorso
November 25, 2013
http://www.debian.org/security/faq

Package : nss
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-5605

Andrew Tinits reported a potentially exploitable buffer overflow in the Mozilla Network Security Service library (nss). With a specially crafted request a remote attacker could cause a denial of service or possibly execute arbitrary code.

For the oldstable distribution (squeeze), this problem has been fixed in version 3.12.8-1+squeeze7.

For the stable distribution (wheezy), this problem has been fixed in version 2:3.14.5-1.

For the testing distribution (jessie), this problem has been fixed in version 2:3.15.3-1.

For the unstable distribution (sid), this problem has been fixed in version 2:3.15.3-1.

We recommend that you upgrade your nss packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Security advisory for Debian highlights a vulnerability found in the nss library, which may lead to possible remote code execution exploits.

Severity: Critical
LinuxSecurity.com Team

Nov 25, 2013 | Critical | Debian

Debian Lenny DSA-2123-1 Critical: NSS Remote Risk Advisory

Debian Security Advisory DSA-2123-1
http://www.debian.org/security/
Florian Weimer
November 01, 2010
http://www.debian.org/security/faq

Package : nss
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2010-3170 CVE-2010-3173

Several vulnerabilities have been discovered in Mozilla's Network Security Services (NSS) library. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2010-3170
    NSS recognizes a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

CVE-2010-3173
    NSS does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.

For the stable distribution (lenny), these problems have been fixed in version 3.12.3.1-0lenny2.

For the unstable distribution (sid) and the upcoming stable distribution (squeeze), these problems have been fixed in version 3.12.8-1.

We recommend that you upgrade your NSS packages.

Upgrade instructions

wget url
    will fetch the file for you
dpkg -i file.deb
    will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
    will update the internal database
apt-get upgrade
    will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny

Source archives and packages are listed for the following architectures: alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc.

These files will probably be moved into the stable distribution on its next update.

For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Package info: `apt-cache show ' and https://www.debian.org/distrib/packages

Severity: Critical
LinuxSecurity.com Team

Nov 01, 2010 | Critical | Debian