
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories

We found 21 articles for you...

Ubuntu 25.10 Pillow Severely Affected by DoS Resource Crash Flaw USN-8211-1

==========================================================================
Ubuntu Security Notice USN-8211-1
April 27, 2026

pillow vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10

Summary:

Pillow could be made to crash if it opened a specially crafted file.

Software Description:
- pillow: Python Imaging Library

Details:

It was discovered that Pillow incorrectly handled certain FITS images. An attacker could possibly use this issue to cause Pillow to consume resources, leading to a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 25.10
  python3-pil                     11.3.0-1ubuntu1.2
  python3-pil.imagetk             11.3.0-1ubuntu1.2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8211-1
  CVE-2026-40192

Package Information:
  https://launchpad.net/ubuntu/+source/pillow/11.3.0-1ubuntu1.2

Severity: Important
LinuxSecurity.com Team

Apr 27, 2026 Important Ubuntu

Debian Trixie pillow Important DoS Risk DSA-6219-1 CVE-2026-40192

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6219-1             [email address protected]
https://www.debian.org/security/                       Moritz Muehlenhoff
April 19, 2026                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : pillow
CVE ID         : CVE-2026-40192

It was discovered that missing input sanitising in the FITS support of Pillow, a Python imaging library, could result in denial of service.

The oldstable distribution (bookworm) is not affected.

For the stable distribution (trixie), this problem has been fixed in version 11.1.0-5+deb13u2.

We recommend that you upgrade your pillow packages.

For the detailed security status of pillow please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/pillow

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: [email address protected]

Severity: Important
LinuxSecurity.com Team

Apr 19, 2026 Important Debian

Ubuntu 25.10 Pillow Important Denial of Service USN-8047-1 CVE-2026-25990

==========================================================================
Ubuntu Security Notice USN-8047-1
February 17, 2026

pillow vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10

Summary:

Pillow could be made to crash or run programs if it opened a specially crafted file.

Software Description:
- pillow: Python Imaging Library

Details:

Yarden Porat discovered that Pillow incorrectly handled certain malformed PSD images. An attacker could use this issue to cause Pillow to crash, resulting in a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 25.10
  python3-pil                     11.3.0-1ubuntu1.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8047-1
  CVE-2026-25990

Package Information:
  https://launchpad.net/ubuntu/+source/pillow/11.3.0-1ubuntu1.1

Severity: Important
LinuxSecurity.com Team

Feb 17, 2026 Important Ubuntu

Debian 11 Pillow Important Path Traversal DoS Vulnerability DLA-4462-1

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4462-1                  [email address protected]
https://www.debian.org/lts/security/                       Daniel Leidert
February 01, 2026                             https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : pillow
Version        : 8.1.2+dfsg-0.3+deb11u3
CVE ID         : CVE-2021-23437 CVE-2022-24303 CVE-2022-45198

Multiple vulnerabilities have been found in Pillow, an image processing library for Python.

CVE-2021-23437

    The getrgb function is susceptible to a ReDoS.

CVE-2022-24303

    A possible path traversal vulnerability allows attackers to delete files.

CVE-2022-45198

    An improper handling of highly compressed GIF data can lead to a decompression bomb.

For Debian 11 bullseye, these problems have been fixed in version 8.1.2+dfsg-0.3+deb11u3.

We recommend that you upgrade your pillow packages.

For the detailed security status of pillow please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/pillow

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Severity: Important
LinuxSecurity.com Team

Feb 01, 2026 Important Debian LTS

Gentoo: GLSA-202411-07 High Severity: Pillow Arbitrary Code Execution

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202411-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High
    Title: Pillow: Arbitrary code execution
     Date: November 17, 2024
     Bugs: #928391
       ID: 202411-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability has been discovered in Pillow, which may lead to arbitrary code execution.

Background
==========

The friendly PIL fork.

Affected packages
=================

Package            Vulnerable    Unaffected
-----------------  ------------  ------------
dev-python/pillow  < 10.3.0      >= 10.3.0

Description
===========

A vulnerability has been discovered in Pillow. Please review the CVE identifier referenced below for details.

Impact
======

Please review the referenced CVE identifier for details.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Pillow users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-python/pillow-10.3.0"

References
==========

[ 1 ] CVE-2024-28219
      https://nvd.nist.gov/vuln/detail/CVE-2024-28219

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

 https://security.gentoo.org/glsa/202411-07

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address protected] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

LinuxSecurity.com Team

Nov 17, 2024 Gentoo

Debian DSA-5704-1 Critical: Pillow Software Denial of Service Risk

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5704-1             [email address protected]
https://www.debian.org/security/                       Moritz Muehlenhoff
June 05, 2024                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : pillow
CVE ID         : CVE-2023-44271 CVE-2023-50447 CVE-2024-28219

Multiple security issues were discovered in Pillow, a Python imaging library, which could result in denial of service or the execution of arbitrary code if malformed images are processed.

For the oldstable distribution (bullseye), these problems have been fixed in version 8.1.2+dfsg-0.3+deb11u2.

For the stable distribution (bookworm), these problems have been fixed in version 9.4.0-1.1+deb12u1.

We recommend that you upgrade your pillow packages.

For the detailed security status of pillow please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/pillow

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: [email address protected]

Severity: Critical
LinuxSecurity.com Team

Jun 05, 2024 Critical Debian

Ubuntu 20.04 LTS: USN-6744-2 Moderate: Pillow Code Execution Risk

==========================================================================
Ubuntu Security Notice USN-6744-2
April 22, 2024

pillow vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS (Available with Ubuntu Pro)

Summary:

Pillow could be made to crash or run programs as an administrator if it opened a specially crafted file.

Software Description:
- pillow-python2: Python Imaging Library (Pillow fork)

Details:

USN-6744-1 fixed a vulnerability in Pillow (Python 3). This update provides the corresponding updates for Pillow (Python 2) in Ubuntu 20.04 LTS.

Original advisory details:

 Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS (Available with Ubuntu Pro):
  python-pil                      6.2.1-3ubuntu0.1~esm2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6744-2
  https://ubuntu.com/security/notices/USN-6744-1
  CVE-2024-28219

Severity: Important
LinuxSecurity.com Team

Apr 22, 2024 Important Ubuntu

Ubuntu 23.10 USN-6744-1 Critical: Pillow Buffer Overflow Exploit

==========================================================================
Ubuntu Security Notice USN-6744-1
April 22, 2024

pillow vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Pillow could be made to crash or run programs as an administrator if it opened a specially crafted file.

Software Description:
- pillow: Python Imaging Library

Details:

Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.10:
  python3-pil                     10.0.0-1ubuntu0.2

Ubuntu 22.04 LTS:
  python3-pil                     9.0.1-1ubuntu0.3

Ubuntu 20.04 LTS:
  python3-pil                     7.0.0-4ubuntu0.9

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  python-pil                      5.1.0-1ubuntu0.8+esm1
  python3-pil                     5.1.0-1ubuntu0.8+esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  python-pil                      3.1.2-0ubuntu1.6+esm2
  python3-pil                     3.1.2-0ubuntu1.6+esm2

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
  python-pil                      2.3.0-1ubuntu3.4+esm4
  python3-pil                     2.3.0-1ubuntu3.4+esm4

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6744-1
  CVE-2024-28219

Package Information:
  https://launchpad.net/ubuntu/+source/pillow/10.0.0-1ubuntu0.2
  https://launchpad.net/ubuntu/+source/pillow/9.0.1-1ubuntu0.3
  https://launchpad.net/ubuntu/+source/pillow/7.0.0-4ubuntu0.9

Severity: Critical
LinuxSecurity.com Team

Apr 22, 2024 Critical Ubuntu