Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
203
security advisorysecurity issueremote accessMageia 9 Advisory MGASA-2025-0043: Critical DoS Risk in libtasn1
When an input DER data contains a large number of SEQUENCE OF or SET OF elements, decoding the data and searching a specific element in it take quadratic time to complete. This could be utilized for a remote DoS attack by presenting a crafted certificate to the network peer. . MGASA-2025-0043 - Updated libtasn1 packages fix security vulnerability Publication date: 08 Feb 2025 URL: https://advisories.mageia.org/MGASA-2025-0043.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-12133 When an input DER data contains a large number of SEQUENCE OF or SET OF elements, decoding the data and searching a specific element in it take quadratic time to complete. This could be utilized for a remote DoS attack by presenting a crafted certificate to the network peer. References: - https://bugs.mageia.org/show_bug.cgi?id=33993 - https://www.openwall.com/lists/oss-security/2025/02/06/6 - https://www.cve.org/CVERecord?id=CVE-2024-12133 SRPMS: - 9/core/libtasn1-4.20.0-1.mga9 . Mageia 2025-0044 advisory releases updates for libgcrypt addressing possible DoS vulnerability stemming from suboptimal data processing.. libtasn1 Security, Mageia Advisory 2025, DoS Vulnerability Fix, SEQUENCE OF Elements, Remote Attack Mitigation. . Severity: Critical. LinuxSecurity.com Team
Feb 08, 2025
•Critical
Mageia
89
security advisorymoderatefedoraFedora 33 Moderate Advisory: DPDK Fast Packet Processing Update
Updated OVS to 2.15 and DPDK to 20.11. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-fba11d37ee 2021-03-04 20:06:38.965117 --------------------------------------------------------------------------------Name : dpdk Product : Fedora 33 Version : 20.11 Release : 1.fc33 URL : https://www.dpdk.org/ Summary : Set of libraries and drivers for fast packet processing Description : The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. --------------------------------------------------------------------------------Update Information: Updated OVS to 2.15 and DPDK to 20.11 --------------------------------------------------------------------------------ChangeLog: * Thu Jan 21 2021 Timothy Redaelli - 2:20.11-1 - Update to 20.11 --------------------------------------------------------------------------------References: [ 1 ] Bug #1843590 - enable MLX5 poll mode driver https://bugzilla.redhat.com/show_bug.cgi?id=1843590 [ 2 ] Bug #1899303 - CVE-2015-8011 openvswitch: lldpd: buffer overflow in the lldp_decode function in daemon/protocols/lldp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1899303 [ 3 ] Bug #1902326 - dpdk-20.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1902326 [ 4 ] Bug #1921440 - CVE-2020-27827 openvswitch: lldp/openvswitch: denial of service via externally triggered memory leak [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1921440 [ 5 ] Bug #1927492 - CVE-2020-35498 openvswitch: limitation in the OVS packet parsing in userspace leads to DoS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1927492 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-fba11d37ee' at the command line. Formore information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Mar 04, 2021
•Important
Fedora
89
security advisoryfedorainformation exposureFedora: 2018-2c965abb15 Critical: DPDK Data Exposure Issue
Update to latest 17.11 LTS (fixes bz 1571352). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-2c965abb15 2018-05-25 15:04:57.639208 --------------------------------------------------------------------------------Name : dpdk Product : Fedora 28 Version : 17.11.2 Release : 1.fc28 URL : https://www.dpdk.org/ Summary : Set of libraries and drivers for fast packet processing Description : The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. --------------------------------------------------------------------------------Update Information: Update to latest 17.11 LTS (fixes bz 1571352) --------------------------------------------------------------------------------ChangeLog: * Tue Apr 24 2018 Neil Horman - 2:17.11.2-1 - Update to latest 17.11 LTS (fixes bz 1571352) * Tue Apr 10 2018 Timothy Redaelli - 2:17.11.1-2 - Fix Requires dpdk by adding epoch (bz 1564215) * Mon Apr 9 2018 Neil Horman - 17.11.1-1 - sync rawhide updates (including LTS shift) with f28 (bz 1564215) * Thu Apr 5 2018 Neil Horman - 18.02-6 - Remove some debug checks (bz 1548404) * Thu Apr 5 2018 Neil Horman - 18.02-5 - Fix compiler flag error (bz 1548404) * Tue Mar 20 2018 Neil Horman - 18.02-4 - Update ldflags (bz 1548404) - bump release to keep it in line with rawhide --------------------------------------------------------------------------------References: [ 1 ] Bug #1571352 - CVE-2018-1059 dpdk: Information exposure in unchecked guest physical to host virtual address translations [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1571352 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-2c965abb15' at the command line. For more information, refer to the dnf documentation availableat https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
May 25, 2018
•Critical
Fedora
89
security advisorymoderatefedoraFedora 20 FEDORA-2015-6517 Moderate: Ax25-Tools Crash Fix
This is an update fixing crash when processing ROSE packets.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-6517 2015-04-21 13:44:09 -------------------------------------------------------------------------------- Name : ax25-tools Product : Fedora 20 Version : 0.0.10 Release : 0.12.rc2.fc20 URL : Summary : Tools used to configure an ax.25 enabled computer Description : ax25-tools is a collection of tools that are used to configure an ax.25 enabled computer. They will configure interfaces and assign callsigns to ports as well as Net/ROM and ROSE configuration. This package only contains the command line programs; the GUI programs are contained in ax25-tools-x package. * m6pack - handle multiple 6pack TNCs on a single interface * ax25d - general purpose AX.25, NET/ROM and Rose daemon * axctl - configure/Kill running AX.25 connections * axparms - configure AX.25 interfaces * axspawn - allow automatic login to a Linux system * beacon - transmit periodic messages on an AX.25 port * bpqparms - configure BPQ ethernet devices * mheardd - display AX.25 calls recently heard * rxecho - transparently route AX.25 packets between ports * mheard - collect information about packet activity * dmascc_cfg - configure dmascc devices * sethdlc - get/set Linux HDLC packet radio modem driver port information * smmixer - get/set Linux soundcard packet radio modem driver mixer * kissattach - Attach a KISS or 6PACK interface * kissnetd - create a virtual network * kissparms - configure KISS TNCs * mkiss - attach multiple KISS interfaces * net2kiss - convert a network AX.25 driver to a KISS stream on a pty * netromd - send and receive NET/ROM routing messages * nodesave - saves NET/ROM routing information * nrattach - start a NET/ROM interface * nrparms - configure a NET/ROM interface * nrsdrv - KISS to NET/ROM serial converter * rsattach - start a ROSE interface * rsdwnlnk - user exit from the ROSEnetwork * rsmemsiz - monitor the ROSE subsystem * rsusers.sh - monitor AX.25, NET/ROM and ROSE users * rsparms - configure a ROSE interface * rsuplnk - User entry into the ROSE network * rip98d - RIP98 routing daemon * ttylinkd - TTYlink daemon for AX.25, NET/ROM, ROSE and IP * ax25_call - Make an AX.25 connection * netrom_call - Make a NET/ROM connection * rose_call - Make a ROSE connection * tcp_call - Make a TCP connection * yamcfg - configure a YAM interface -------------------------------------------------------------------------------- Update Information: This is an update fixing crash when processing ROSE packets. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 20 2015 Jaroslav Å karvada - 0.0.10-0.12.rc2 - Fixed crash when processing ROSE packets (by rose-fix patch) Resolves: rhbz#1210008 * Tue Apr 7 2015 Jaroslav Å karvada - 0.0.10-0.11.rc2 - Fixed netrom nrattach Resolves: rhbz#981833 - Fixed format string build error * Thu Feb 19 2015 Rex Dieter 0.0.10-0.10.rc2 - rebuild (fltk) * Fri Aug 15 2014 Fedora Release Engineering - 0.0.10-0.9.rc2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Fri Jun 20 2014 Yaakov Selkowitz - 0.0.10-0.8.rc2 - Fix FTBFS with automake-1.14 and -Werror=format-security (#1105990) - Cleanup spec * Sat Jun 7 2014 Fedora Release Engineering - 0.0.10-0.7.rc2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ax25-tools' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Apr 30, 2015
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!