Alerts This Week
Warning Icon 1 914
Alerts This Week
Warning Icon 1 914

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE libyang Important Buffer Overflow Advisory 2026-2381-1

Calendar White Jun 12, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE HPLIP Severe Code Execution Denial of Service 2026-2380-1

Calendar White Jun 12, 2026
Critical
Suse Large Esm H900
SuSE

openSUSE HPLIP Critical Escalation DoS Advisory SUSE-2026-2380-1

Calendar White Jun 12, 2026
Critical
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.2 python-Pygments Low Denial of Service CVE-2026-4539

Calendar White Jun 12, 2026
Low
Ubuntu Large Esm H900
Ubuntu

Ubuntu 16.04 LTS GStreamer Base Plugins Critical DoS CVE-2026-2921

Calendar White Jun 12, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 12 Linux Base Update Brings Important Security Fix DLA-4628-1

Calendar White Jun 12, 2026
Informational
Debianlts Large Esm H800
Debian LTS

Debian 12 Kernel-Wedge Update for Linux 6.12 DLA-4627-1

Calendar White Jun 12, 2026
Informational
Opensuse Large Esm H900
openSUSE

openSUSE NetworkManager-libreswan Important Security Update CVE-2024-9050

Calendar White Jun 12, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE Rclone Critical Security Update CVE-2026-25680 CVE-2026-25681

Calendar White Jun 12, 2026
Critical
Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":556,"type":"x","order":1,"pct":78.75,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.25,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.82,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.18,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -4 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag%201security advisorymoderateSuSE

SUSE Linux 12 SP5 Moderate Xen Buffer Overrun 2026-0328-1

An update that solves three vulnerabilities can now be installed.. # Security update for xen Announcement ID: SUSE-SU-2026:0328-1 Release Date: 2026-01-28T15:39:28Z Rating: moderate References: * bsc#1252692 * bsc#1256745 * bsc#1256747 Cross-References: * CVE-2025-58149 * CVE-2025-58150 * CVE-2026-23553 CVSS scores: * CVE-2025-58149 ( SUSE ): 4.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-58149 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-58149 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-58150 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-58150 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2025-58150 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-23553 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23553 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-23553 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: Security fixes: * CVE-2025-58150: Fixed buffer overrun with shadow paging and tracing (XSA-477) (bsc#1256745) * CVE-2026-23553: Fixed incomplete IBPB for vCPU isolation (XSA-479) (bsc#1256747) * CVE-2025-58149: Fixed incorrect removal od permissions on PCI device unplug allow PV guests to access memory of devices no longer assigned to it (XSA-476) (bsc#1252692) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methodslike YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-328=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * xen-devel-4.12.4_64-3.137.1 * xen-libs-debuginfo-4.12.4_64-3.137.1 * xen-tools-domU-4.12.4_64-3.137.1 * xen-libs-debuginfo-32bit-4.12.4_64-3.137.1 * xen-4.12.4_64-3.137.1 * xen-libs-32bit-4.12.4_64-3.137.1 * xen-libs-4.12.4_64-3.137.1 * xen-debugsource-4.12.4_64-3.137.1 * xen-tools-4.12.4_64-3.137.1 * xen-tools-domU-debuginfo-4.12.4_64-3.137.1 * xen-tools-debuginfo-4.12.4_64-3.137.1 * xen-doc-html-4.12.4_64-3.137.1 ## References: * https://www.suse.com/security/cve/CVE-2025-58149.html * https://www.suse.com/security/cve/CVE-2025-58150.html * https://www.suse.com/security/cve/CVE-2026-23553.html * https://bugzilla.suse.com/show_bug.cgi?id=1252692 * https://bugzilla.suse.com/show_bug.cgi?id=1256745 * https://bugzilla.suse.com/show_bug.cgi?id=1256747 . SUSE security update addresses three issues in Xen, with moderate severity including buffer overrun and vCPU isolation.. SUSE Xen Security Update 2026 Moderate Buffer Overrun. . LinuxSecurity.com Team

Calendar%202 Jan 28, 2026 SuSE
89
Ls Advisories Fedora Esm H240
Price Tag%201security advisorymoderatefedora

Fedora 42: Moderate Permissions and Input Sanitization Flaws in Xen

Incorrect removal of permissions on PCI device unplug [XSA-476, CVE-2025-58149] x86: Incorrect input sanitisation in Viridian hypercalls [XSA-475, CVE-2025-58147, CVE-2025-58148]. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-ec271ef07b 2025-11-09 03:17:35.195054+00:00 -------------------------------------------------------------------------------- Name : xen Product : Fedora 42 Version : 4.19.3 Release : 8.fc42 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: Incorrect removal of permissions on PCI device unplug [XSA-476, CVE-2025-58149] x86: Incorrect input sanitisation in Viridian hypercalls [XSA-475, CVE-2025-58147, CVE-2025-58148] -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 24 2025 Michael Young - 4.19.3-8 - Incorrect removal of permissions on PCI device unplug [XSA-476, CVE-2025-58149] * Tue Oct 21 2025 Michael Young - 4.19.3-6 - x86: Incorrect input sanitisation in Viridian hypercalls [XSA-475, CVE-2025-58147, CVE-2025-58148] -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-ec271ef07b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Identify permissions issues and input sanitisation vulnerabilities in Fedora 42's Xen package with this advisory.. Fedora 42, Xen, PCI device, hypervisor, input sanitisation. . LinuxSecurity.com Team

Calendar%202 Nov 09, 2025 Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag%201security advisoryfedoracritical

Fedora 41: xen Critical XSA-476, XSA-475 Input Sanitisation Risks

Incorrect removal of permissions on PCI device unplug [XSA-476, CVE-2025-58149] x86: Incorrect input sanitisation in Viridian hypercalls [XSA-475, CVE-2025-58147, CVE-2025-58148]. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-48dc1c8c79 2025-11-07 02:35:35.301730+00:00 -------------------------------------------------------------------------------- Name : xen Product : Fedora 41 Version : 4.19.3 Release : 7.fc41 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor -------------------------------------------------------------------------------- Update Information: Incorrect removal of permissions on PCI device unplug [XSA-476, CVE-2025-58149] x86: Incorrect input sanitisation in Viridian hypercalls [XSA-475, CVE-2025-58147, CVE-2025-58148] -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 24 2025 Michael Young - 4.19.3-7 - Incorrect removal of permissions on PCI device unplug [XSA-476, CVE-2025-58149] * Tue Oct 21 2025 Michael Young - 4.19.3-5 - x86: Incorrect input sanitisation in Viridian hypercalls [XSA-475, CVE-2025-58147, CVE-2025-58148] -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-48dc1c8c79' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Fedora 41's critical xen advisory details input sanitisation issues and permission failures on devices. Immediate actions advised.. Fedora 41,xen,input sanitisation,security advisory,critical issues. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Nov 07, 2025 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag%201security advisoryfedoracritical

Fedora 35: 2021-829f5f2f43 Critical: PCI Device RMRR Deassignment Issue

PCI devices with RMRRs not deassigned correctly [XSA-386, CVE-2021-28702]. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-829f5f2f43 2021-10-29 22:48:33.390176 --------------------------------------------------------------------------------Name : xen Product : Fedora 35 Version : 4.15.1 Release : 2.fc35 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor --------------------------------------------------------------------------------Update Information: PCI devices with RMRRs not deassigned correctly [XSA-386, CVE-2021-28702] --------------------------------------------------------------------------------ChangeLog: --------------------------------------------------------------------------------References: [ 1 ] Bug #2011247 - CVE-2021-28702 xen: administrators of guests which have been assigned RMRR-using PCI devices can cause DoS https://bugzilla.redhat.com/show_bug.cgi?id=2011247 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-829f5f2f43' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . PCI devices with RMRRs face improper deallocation in Fedora 35's xen upgrade, enabling potential Denial of Service vulnerabilities.. Fedora 35 Update, PCI Devices Issue, Xen Security Advisory, DoS Attack Risk. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Oct 29, 2021 Critical Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag%201security advisorysecurity issuefedora

Fedora 33: 2021-0b7a484688 Critical: PCI Device Deassignment DoS

PCI devices with RMRRs not deassigned correctly [XSA-386, CVE-2021-28702] (#2011248). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-0b7a484688 2021-10-15 18:53:33.324102 --------------------------------------------------------------------------------Name : xen Product : Fedora 33 Version : 4.14.3 Release : 2.fc33 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor --------------------------------------------------------------------------------Update Information: PCI devices with RMRRs not deassigned correctly [XSA-386, CVE-2021-28702] (#2011248) --------------------------------------------------------------------------------ChangeLog: * Wed Oct 6 2021 Michael Young - 4.14.3-2 - PCI devices with RMRRs not deassigned correctly [XSA-386, CVE-2021-28702] (#2011248) --------------------------------------------------------------------------------References: [ 1 ] Bug #2011247 - CVE-2021-28702 xen: administrators of guests which have been assigned RMRR-using PCI devices can cause DoS https://bugzilla.redhat.com/show_bug.cgi?id=2011247 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-0b7a484688' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Critical Fedora upgrade addresses PCI device reassignment problems impacting virtual machines, improving overall system reliability.. Fedora Update,Pci Devices,Xen Hypervisor,Security Patch,Xsa-386. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Oct 15, 2021 Critical Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":556,"type":"x","order":1,"pct":78.75,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.25,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.82,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.18,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here