sed could be made to overwrite files.

==========================================================================
Ubuntu Security Notice USN-8229-1
May 04, 2026

sed vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

sed could be made to overwrite files.

Software Description:

- sed: GNU stream editor for filtering/transforming text

Details:

Michał Majchrowicz and Marcin Wyczechowski discovered that sed incorrectly handled symbolic links when performing in-place edits. A local attacker could possibly use this issue to overwrite arbitrary files.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 26.04 LTS
  sed 4.9-2ubuntu1

Ubuntu 25.10
  sed 4.9-2ubuntu0.25.10.1

Ubuntu 24.04 LTS
  sed 4.9-2ubuntu0.24.04.1

Ubuntu 22.04 LTS
  sed 4.8-1ubuntu2.1

In general, a standard system update will make all the necessary changes.

References:

  https://ubuntu.com/security/notices/USN-8229-1
  CVE-2026-5958

Package Information:

  https://launchpad.net/ubuntu/+source/sed/4.9-2ubuntu1
  https://launchpad.net/ubuntu/+source/sed/4.9-2ubuntu0.25.10.1
  https://launchpad.net/ubuntu/+source/sed/4.9-2ubuntu0.24.04.1
  https://launchpad.net/ubuntu/+source/sed/4.8-1ubuntu2.1

A critical issue with sed in Ubuntu could allow local users to overwrite files, requiring immediate updates.

sed software issue, Ubuntu security advisory, file overwrite risk.

Severity: Critical.

LinuxSecurity.com Team
# Security update for podman

Announcement ID: SUSE-SU-2025:20899-1
Release Date: 2025-10-24T12:38:16Z
Rating: important

References:

* bsc#1249154

Cross-References:

* CVE-2025-9566

CVSS scores:

* CVE-2025-9566 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-9566 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2025-9566 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves one vulnerability can now be installed.

## Description:

This update for podman fixes the following issues:

* CVE-2025-9566: Fixed kube play command overwriting host files (bsc#1249154)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-319=1

## Package List:

* SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
  * podman-remote-5.4.2-slfo.1.1_2.1
  * podman-debuginfo-5.4.2-slfo.1.1_2.1
  * podmansh-5.4.2-slfo.1.1_2.1
  * podman-remote-debuginfo-5.4.2-slfo.1.1_2.1
  * podman-5.4.2-slfo.1.1_2.1
* SUSE Linux Micro 6.1 (noarch)
  * podman-docker-5.4.2-slfo.1.1_2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-9566.html
* https://bugzilla.suse.com/show_bug.cgi?id=1249154

Patch available for SUSE Linux Micro 6.1 addresses important Podman issue. Update fixes file overwriting risk.

SUSE Patch Podman Security Update Vulnerability.

Severity: Important.

LinuxSecurity.com Team
# Security update for podman

Announcement ID: SUSE-SU-2025:03584-1
Release Date: 2025-10-13T06:59:34Z
Rating: important

References:

* bsc#1249154

Cross-References:

* CVE-2025-9566

CVSS scores:

* CVE-2025-9566 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-9566 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2025-9566 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves one vulnerability can now be installed.

## Description:

This update for podman fixes the following issues:

* CVE-2025-9566: fixed an issue in kube play command that could cause overwriting host files (bsc#1249154)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-3584=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-3584=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2025-3584=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-3584=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2025-3584=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3584=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3584=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3584=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3584=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * podman-remote-debuginfo-4.9.5-150400.4.53.1
  * podman-debuginfo-4.9.5-150400.4.53.1
  * podmansh-4.9.5-150400.4.53.1
  * podman-remote-4.9.5-150400.4.53.1
  * podman-4.9.5-150400.4.53.1
* openSUSE Leap 15.4 (noarch)
  * podman-docker-4.9.5-150400.4.53.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * podman-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-4.9.5-150400.4.53.1
  * podman-4.9.5-150400.4.53.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * podman-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-4.9.5-150400.4.53.1
  * podman-4.9.5-150400.4.53.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * podman-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-4.9.5-150400.4.53.1
  * podman-4.9.5-150400.4.53.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * podman-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-4.9.5-150400.4.53.1
  * podman-4.9.5-150400.4.53.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * podman-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-4.9.5-150400.4.53.1
  * podman-4.9.5-150400.4.53.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * podman-docker-4.9.5-150400.4.53.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * podman-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-4.9.5-150400.4.53.1
  * podman-4.9.5-150400.4.53.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * podman-docker-4.9.5-150400.4.53.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * podman-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-4.9.5-150400.4.53.1
  * podman-4.9.5-150400.4.53.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  * podman-docker-4.9.5-150400.4.53.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * podman-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-debuginfo-4.9.5-150400.4.53.1
  * podman-remote-4.9.5-150400.4.53.1
  * podman-4.9.5-150400.4.53.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * podman-docker-4.9.5-150400.4.53.1

## References:

* https://www.suse.com/security/cve/CVE-2025-9566.html
* https://bugzilla.suse.com/show_bug.cgi?id=1249154

Podman security advisory for SUSE details fixes for significant issues impacting system integrity and command execution.

podman security update, SUSE advisory, important security fix.

Severity: Important.

LinuxSecurity.com Team
# Security update for podman

Announcement ID: SUSE-SU-2025:03534-1
Release Date: 2025-10-10T15:14:56Z
Rating: important

References:

* bsc#1249154

Cross-References:

* CVE-2025-9566

CVSS scores:

* CVE-2025-9566 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-9566 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2025-9566 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves one vulnerability can now be installed.

## Description:

This update for podman fixes the following issues:

* CVE-2025-9566: fixed an issue where kube play command could cause host files to get overwritten (bsc#1249154)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP3 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3534=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3534=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2025-3534=1
* SUSE Linux Enterprise Micro 5.1
  zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-3534=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-3534=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-3534=1
* openSUSE Leap 15.3
  zypper in -t patch SUSE-2025-3534=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3534=1

## Package List:

* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
  * podman-4.9.5-150300.9.55.1
  * podman-remote-4.9.5-150300.9.55.1
  * podman-remote-debuginfo-4.9.5-150300.9.55.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
  * podman-4.9.5-150300.9.55.1
  * podman-remote-4.9.5-150300.9.55.1
  * podman-remote-debuginfo-4.9.5-150300.9.55.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
  * podman-4.9.5-150300.9.55.1
  * podman-debuginfo-4.9.5-150300.9.55.1
  * podman-remote-4.9.5-150300.9.55.1
  * podman-remote-debuginfo-4.9.5-150300.9.55.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
  * podman-4.9.5-150300.9.55.1
  * podman-remote-4.9.5-150300.9.55.1
  * podman-remote-debuginfo-4.9.5-150300.9.55.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
  * podman-4.9.5-150300.9.55.1
  * podman-debuginfo-4.9.5-150300.9.55.1
  * podman-remote-4.9.5-150300.9.55.1
  * podman-remote-debuginfo-4.9.5-150300.9.55.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
  * podman-4.9.5-150300.9.55.1
  * podman-debuginfo-4.9.5-150300.9.55.1
  * podman-remote-4.9.5-150300.9.55.1
  * podman-remote-debuginfo-4.9.5-150300.9.55.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
  * podman-4.9.5-150300.9.55.1
  * podman-remote-debuginfo-4.9.5-150300.9.55.1
  * podman-remote-4.9.5-150300.9.55.1
  * podman-debuginfo-4.9.5-150300.9.55.1
  * podmansh-4.9.5-150300.9.55.1
* openSUSE Leap 15.3 (noarch)
  * podman-docker-4.9.5-150300.9.55.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
  * podman-4.9.5-150300.9.55.1
  * podman-remote-4.9.5-150300.9.55.1
  * podman-remote-debuginfo-4.9.5-150300.9.55.1

## References:

* https://www.suse.com/security/cve/CVE-2025-9566.html
* https://bugzilla.suse.com/show_bug.cgi?id=1249154

SUSE warns of an important security update for Podman addressing a potential overwrite issue affecting multiple distributions.

SUSE Podman Security Update, Important Ubuntu Patch, CVE-2025-9566 Fix, SUSE Security Advisory.

Severity: Important.

LinuxSecurity.com Team
It was discovered that there was an arbitrary file overwrite vulnerability in pmix, a library used in parallel/cluster computing. Attackers could have obtained ownership of arbitrary files via a .

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3643-1
File Roller could be made to overwrite sensitive files if it received a specially crafted TAR file.

=========================================================================
Ubuntu Security Notice USN-4139-1
September 25, 2019

file-roller vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

File Roller could be made to overwrite sensitive files if it received a specially crafted TAR file.

Software Description:

- file-roller: archive manager for GNOME

Details:

It was discovered that File Roller incorrectly handled certain TAR files. An attacker could possibly use this issue to overwrite sensitive files during extraction.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS:
  file-roller 3.28.0-1ubuntu1.1

Ubuntu 16.04 LTS:
  file-roller 3.16.5-0ubuntu1.3

In general, a standard system update will make all the necessary changes.

References:

  https://ubuntu.com/security/notices/USN-4139-1
  CVE-2019-16680

Package Information:

  https://launchpad.net/ubuntu/+source/file-roller/3.28.0-1ubuntu1.1
  https://launchpad.net/ubuntu/+source/file-roller/3.16.5-0ubuntu1.3

Ubuntu Security Advisory USN-4139-1 highlights a vulnerability in file roller that may lead to unauthorized file replacements of crucial content via TAR archives.

Ubuntu Security, File Roller Issue, Sensitive Files, Archive Manager.

Severity: Critical.

LinuxSecurity.com Team
An update that fixes one vulnerability is now available.

openSUSE Security Update: Security update for libqb
______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:1718-1
Rating: moderate
References: #1137835
Cross-References: CVE-2019-12779
Affected Products: openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for libqb fixes the following issues:

Security issue fixed:

- CVE-2019-12779: Fixed an issue where a local attacker could overwrite privileged system files (bsc#1137835).

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:
  zypper in -t patch openSUSE-2019-1718=1

Package List:

- openSUSE Leap 15.0 (i586 x86_64):
  libqb-debugsource-1.0.3+20171226.6d62b64-lp150.2.3.1
  libqb-devel-1.0.3+20171226.6d62b64-lp150.2.3.1
  libqb0-1.0.3+20171226.6d62b64-lp150.2.3.1
  libqb0-debuginfo-1.0.3+20171226.6d62b64-lp150.2.3.1
- openSUSE Leap 15.0 (x86_64):
  libqb-devel-32bit-1.0.3+20171226.6d62b64-lp150.2.3.1
  libqb0-32bit-1.0.3+20171226.6d62b64-lp150.2.3.1
  libqb0-32bit-debuginfo-1.0.3+20171226.6d62b64-lp150.2.3.1

References:

  https://www.suse.com/security/cve/CVE-2019-12779.html
  https://bugzilla.suse.com/1137835

This enhancement for libqb in openSUSE addresses a local file overwrite vulnerability and is classified with moderate severity.

openSUSE Security Update, libqb Fixes, Vulnerability Handling, Open Source Security.

LinuxSecurity.com Team
Several security issues were fixed in the Linux kernel.

=========================================================================
Ubuntu Security Notice USN-3833-1
November 30, 2018

linux-aws vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:

- linux-aws: Linux kernel for Amazon Web Services (AWS) systems

Details:

Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. (CVE-2018-18955)

Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from within an unprivileged user namespace. A local attacker could use this to expose sensitive information (protected file names). (CVE-2018-6559)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS:
  linux-image-4.15.0-1029-aws 4.15.0-1029.30
  linux-image-aws 4.15.0.1029.29

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:

  https://ubuntu.com/security/notices/USN-3833-1
  CVE-2018-18955, CVE-2018-6559

Package Information:

  https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1029.30

Numerous security flaws in the Ubuntu 18.04 LTS Linux kernel for AWS have been addressed. Users are urged to apply updates to improve system safety.

Ubuntu 18.04 LTS, Linux Kernel AWS, Security Issues, Access Control, Kernel Update.

LinuxSecurity.com Team