Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Security Notice 2026-2328-1 Significant Updates on Four Xen Risks

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE 2026-2328-1 Xen Important Buffer Overflow Patch

Calendar White Jun 10, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE Leap 15.6 Important Xen Denial of Service Fix SUSE-SU-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

openSUSE Important xen Patch for Multiple Threats SUSE-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE MariaDB Critical Security Fix 12 Vulnerabilities 2026-2330-1

Calendar White Jun 10, 2026
Critical
Ubuntu Large Esm H900
Ubuntu

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

SUSE StrongSwan Important Double-Free CVE-2026-47895 Advisory 2026-2312-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE vim Important Command Injection Buffer Overflow Update 2026-2313-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE Important libsoup HTTP Request Smuggling Vulnerability 2026-2314-1

Calendar White Jun 10, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoramanagement tool

Fedora 33: FEDORA-2020-64859a826b Critical: Xen Permissions Issues

xenstore watch notifications lacking permission checks [XSA-115, CVE-2020-29480] (#1908091) Xenstore: new domains inheriting existing node permissions [XSA-322, CVE-2020-29481] (#1908095) Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (#1908096) Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484] (#1908088) Xenstore: guests can disturb domain cleanup. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-64859a826b 2020-12-25 01:21:55.445209 --------------------------------------------------------------------------------Name : xen Product : Fedora 33 Version : 4.14.0 Release : 14.fc33 URL : https://xenproject.org/ Summary : Xen is a virtual machine monitor Description : This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor --------------------------------------------------------------------------------Update Information: xenstore watch notifications lacking permission checks [XSA-115, CVE-2020-29480] (#1908091) Xenstore: new domains inheriting existing node permissions [XSA-322, CVE-2020-29481] (#1908095) Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (#1908096) Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484] (#1908088) Xenstore: guests can disturb domain cleanup [XSA-325, CVE-2020-29483] (#1908087) oxenstored memory leak in reset_watches [XSA-330, CVE-2020-29485] (#1908000) undue recursion in x86 HVM context switch code [XSA-348, CVE-2020-29566] (#1908085) oxenstored: node ownership can be changed by unprivileged clients [XSA-352, CVE-2020-29486] (#1908003) oxenstored: permissions not checked on root node [XSA-353, CVE-2020-29479] (#1908002) infinite loop when cleaning up IRQ vectors [XSA-356, CVE-2020-29567] (#1907932) FIFO event channels control block related ordering [XSA-358, CVE-2020-29570] (#1907931) FIFO event channels controlstructure ordering [XSA-359, CVE-2020-29571] (#1908089) --------------------------------------------------------------------------------ChangeLog: * Tue Dec 15 2020 Michael Young - 4.14.0-14 - xenstore watch notifications lacking permission checks [XSA-115, CVE-2020-29480] (#1908091) - Xenstore: new domains inheriting existing node permissions [XSA-322, CVE-2020-29481] (#1908095) - Xenstore: wrong path length check [XSA-323, CVE-2020-29482] (#1908096) - Xenstore: guests can crash xenstored via watchs [XSA-324, CVE-2020-29484] (#1908088) - Xenstore: guests can disturb domain cleanup [XSA-325, CVE-2020-29483] (#1905648) - oxenstored memory leak in reset_watches [XSA-330, CVE-2020-29485] (#1908000) - undue recursion in x86 HVM context switch code [XSA-348, CVE-2020-29566] (#1908085) - oxenstored: node ownership can be changed by unprivileged clients [XSA-352, CVE-2020-29486] (#1908003) - oxenstored: permissions not checked on root node [XSA-353, CVE-2020-29479] (#1908003) - infinite loop when cleaning up IRQ vectors [XSA-356, CVE-2020-29567] (#1907932) - FIFO event channels control block related ordering [XSA-358, CVE-2020-29570] (#1907931) - FIFO event channels control structure ordering [XSA-359, CVE-2020-29571] (#1908089) * Sat Dec 5 2020 Jeff Law - 4.14.0-13 - Work around another gcc-11 stringop-overflow diagnostic --------------------------------------------------------------------------------References: [ 1 ] Bug #1905623 - CVE-2020-29485 xen: oxenstored memory leak in reset_watches (XSA-330) https://bugzilla.redhat.com/show_bug.cgi?id=1905623 [ 2 ] Bug #1905626 - CVE-2020-29482 xen: Xenstore: wrong path length check (XSA-323) https://bugzilla.redhat.com/show_bug.cgi?id=1905626 [ 3 ] Bug #1905632 - CVE-2020-29481 xen: Xenstore: new domains inheriting existing node permissions (XSA-322) https://bugzilla.redhat.com/show_bug.cgi?id=1905632 [ 4 ] Bug #1905635 - CVE-2020-29484 xen: Xenstore: guests can crash xenstored viawatchs (XSA-324) https://bugzilla.redhat.com/show_bug.cgi?id=1905635 [ 5 ] Bug #1905648 - CVE-2020-29483 xen: Xenstore: guests can disturb domain cleanup (XSA-325) https://bugzilla.redhat.com/show_bug.cgi?id=1905648 [ 6 ] Bug #1905652 - CVE-2020-29486 xen: oxenstored: node ownership can be changed by unprivileged clients (XSA-352) https://bugzilla.redhat.com/show_bug.cgi?id=1905652 [ 7 ] Bug #1905656 - CVE-2020-29567 xen: infinite loop when cleaning up IRQ vectors (XSA-356) https://bugzilla.redhat.com/show_bug.cgi?id=1905656 [ 8 ] Bug #1905668 - CVE-2020-29479 xen: oxenstored: permissions not checked on root node (XSA-353) https://bugzilla.redhat.com/show_bug.cgi?id=1905668 [ 9 ] Bug #1905669 - CVE-2020-29566 xen: undue recursion in x86 HVM context switch code (XSA-348) https://bugzilla.redhat.com/show_bug.cgi?id=1905669 [ 10 ] Bug #1905672 - CVE-2020-29480 xen: xenstore watch notifications lacking permission checks (XSA-115) https://bugzilla.redhat.com/show_bug.cgi?id=1905672 [ 11 ] Bug #1905675 - CVE-2020-29570 xen: FIFO event channels control block related ordering (XSA-358) https://bugzilla.redhat.com/show_bug.cgi?id=1905675 [ 12 ] Bug #1905676 - CVE-2020-29571 xen: FIFO event channels control structure ordering https://bugzilla.redhat.com/show_bug.cgi?id=1905676 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-64859a826b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Important Fedora 33 patch for Xen addresses significant security vulnerabilities regarding access permissions and additional aspects for virtualization platforms.. Xen Security,Fedora Xen Update,Virtual Machine Monitor,Crash Issue. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Dec 24, 2020 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoraupdate notification

Fedora 25: perl-File-Path Update Resolves Permissions Threat

This release fixes a possible setting arbitrary mode on an arbitrary file in rmtree() and remove_tree() calls known as CVE-2017-6512.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-dd42592f9a 2017-06-16 13:14:53.496621 --------------------------------------------------------------------------------Name : perl-File-Path Product : Fedora 25 Version : 2.12 Release : 366.fc25 URL : https://metacpan.org/dist/File-Path Summary : Create or remove directory trees Description : This module provides a convenient way to create directories of arbitrary depth and to delete an entire directory subtree from the file system. --------------------------------------------------------------------------------Update Information: This release fixes a possible setting arbitrary mode on an arbitrary file in rmtree() and remove_tree() calls known as CVE-2017-6512. --------------------------------------------------------------------------------References: [ 1 ] Bug #1457832 - CVE-2017-6512 perl-File-Path: rmtree/remove_tree race condition https://bugzilla.redhat.com/show_bug.cgi?id=1457832 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade perl-File-Path' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Fedora Update Notification FEDORA-2017-dd42592f9a 2017-06-16 13:14:53.496621 Name:perl-File-Path Pr. arbitrary, release, fixes, possible, setting, rmtree(), remove_tre. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 16, 2017 Important Fedora
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here