Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H800
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
198
Ls Advisories Archlinux Esm H240
Price Tag 1security advisorydenial of servicearbitrary code execution

Arch Linux: 202210-3 Critical Advisory On Linux-LTS Multiple Issues

The package linux-lts before version 5.15.73-3 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service. . Arch Linux Security Advisory ASA-202210-3 ======================================== Severity: Critical Date : 2022-10-14 CVE-ID : CVE-2022-41674 CVE-2022-42719 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722 Package : linux-lts Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2802 Summary ====== The package linux-lts before version 5.15.73-3 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service. Resolution ========= Upgrade to 5.15.73-3. # pacman -Syu "linux-lts> =5.15.73-3" The problems have been fixed upstream in version 5.15.73. Workaround ========= None. Description ========== - CVE-2022-41674 (information disclosure) A buffer overflow flaw was found in the u8 overflow in cfg80211_update_notlisted_nontrans() in net/wireless/scan.c in the Linux kernel’s wifi subcomponent. This flaw allows a remote attacker to inject WLAN frames to crash the system or leak internal kernel information. - CVE-2022-42719 (arbitrary code execution) A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.14 could be used by remote attackers who are able to inject WLAN frames to crash the kernel and potentially execute code. - CVE-2022-42720 (arbitrary code execution) Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.14 could be used by remote attackers who are able to inject WLAN frames to trigger use-after-free conditions to potentially execute code. - CVE-2022-42721 (arbitrary code execution) A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.14 could be used by remote attackers who are able to inject WLAN frames to corrupt a linkedlist and, in turn, potentially execute code. - CVE-2022-42722 (denial of service) In the Linux kernel 5.8 through 5.19.14, remote attackers are able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. Impact ===== A remote attacker is able to inject WLAN frames to crash the system or execute arbitrary code on the affected host. References ========= https://www.openwall.com/lists/oss-security/2022/10/13/2 https://lore.kernel.org/netdev/This email address is being protected from spambots. You need JavaScript enabled to view it./T/#u https://www.openwall.com/lists/oss-security/2022/10/13/5 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=aebe9f4639b13a1f4e9a6b42cdd2e38c617b442d https://bugzilla.suse.com/show_bug.cgi?id=1203770 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff05d4b45dd89b922578dac497dcabf57cf771c6 https://bugzilla.suse.com/show_bug.cgi?id=1204051 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0b7808818cb9df6680f98996b8e9a439fa7bcc2f https://bugzilla.suse.com/show_bug.cgi?id=1204059 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bcca852027e5878aec911a347407ecc88d6fff7f https://bugzilla.suse.com/show_bug.cgi?id=1204060 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b2d03cabe2b2e150ff5a381731ea0355459be09f https://bugzilla.suse.com/show_bug.cgi?id=1204125 https://security.archlinux.org/CVE-2022-41674 https://security.archlinux.org/CVE-2022-42719 https://security.archlinux.org/CVE-2022-42720 https://security.archlinux.org/CVE-2022-42721 https://security.archlinux.org/CVE-2022-42722 . Critical vulnerabilities in Arch Linux's linux-lts package can lead to unauthorized access and code execution. Immediate updates are essential for protection. Arch Linux Security, Linux LTS Critical Threat, Package Issues, Arbitrary Code Execution, Security Advisory. .Severity: Critical. LinuxSecurity.com Team

Calendar 2 Oct 14, 2022 Critical ArchLinux
198
Ls Advisories Archlinux Esm H240
Price Tag 1security advisorymedium severityDoS

Arch Linux: 202106-42 Medium Severity: Go Package Issues

The package go before version 2:1.16.5-1 is vulnerable to multiple issues including insufficient validation, url request injection and denial of service. . Arch Linux Security Advisory ASA-202106-42 ========================================= Severity: Medium Date : 2021-06-15 CVE-ID : CVE-2021-33195 CVE-2021-33196 CVE-2021-33197 CVE-2021-33198 Package : go Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2006 Summary ====== The package go before version 2:1.16.5-1 is vulnerable to multiple issues including insufficient validation, url request injection and denial of service. Resolution ========= Upgrade to 2:1.16.5-1. # pacman -Syu "go> =2:1.16.5-1" The problems have been fixed upstream in version 1.16.5. Workaround ========= None. Description ========== - CVE-2021-33195 (insufficient validation) A security issue has been found in Go before version 1.16.5. The LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in net, and their respective methods on the Resolver type may return arbitrary values retrieved from DNS which do not follow the established RFC 1035 rules for domain names. If these names are used without further sanitization, for instance unsafely included in HTML, they may allow for injection of unexpected content. Note that LookupTXT may still return arbitrary values that could require sanitization before further use. - CVE-2021-33196 (denial of service) A security issue has been found in Go before version 1.16.5. Due to a pre-allocation optimization in zip.NewReader, a malformed archive which indicates it has a significant number of files can cause either a panic or memory exhaustion. - CVE-2021-33197 (url request injection) A security issue has been found in Go before version 1.16.5. ReverseProxy in net/http/httputil could be made to forward certain hop- by-hop headers, including Connection. In case the target of the ReverseProxy was itself a reverse proxy, this would let an attacker drop arbitrary headers, including those set bythe ReverseProxy.Director. - CVE-2021-33198 (denial of service) A security issue has been found in Go before version 1.16.5. The SetString and UnmarshalText methods of math/big.Rat may cause a panic or an unrecoverable fatal error if passed inputs with very large exponents. Impact ===== An attacker could crash an application with crafted input, inject malicious and unexpected content or drop HTTP headers by posing as a reverse proxy. References ========= https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI/m/r_EP-NlKBgAJ https://github.com/golang/go/issues/46241 https://github.com/golang/go/commit/df6a737cc899507d3090e995abd1e1ed1a30cee3 https://github.com/golang/go/issues/46242 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33912 https://github.com/golang/go/commit/895fb1bb6fc0d3c01c5ef7c8cbaf033d1fff9ad7 https://github.com/golang/go/issues/46313 https://github.com/golang/go/commit/0410005dc458f23fb15f64354f9a24ca8f2fe044 https://github.com/golang/go/issues/45910 https://github.com/golang/go/commit/9210eaf7dc704612a6eda97c482012f779fd833b https://security.archlinux.org/CVE-2021-33195 https://security.archlinux.org/CVE-2021-33196 https://security.archlinux.org/CVE-2021-33197 https://security.archlinux.org/CVE-2021-33198 . Several vulnerabilities detected in Go library prior to release 2:1.16.5-1. Prompt update suggested to reduce potential threats.. Go Package Security, Arch Linux Advisory, Injection Issues, Security Flaws. . Severity: Medium. LinuxSecurity.com Team

Calendar 2 Jun 18, 2021 Medium ArchLinux
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here