Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 487 articles for you...
217

Oracle Linux 9 libcap Warning on Important TOCTOU Race Condition Issue

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-19346 http://linux.oracle.com/errata/ELSA-2026-19346.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libcap-2.48-10.el9_8.1.i686.rpm libcap-2.48-10.el9_8.1.x86_64.rpm libcap-devel-2.48-10.el9_8.1.i686.rpm libcap-devel-2.48-10.el9_8.1.x86_64.rpm aarch64: libcap-2.48-10.el9_8.1.aarch64.rpm libcap-devel-2.48-10.el9_8.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/libcap-2.48-10.el9_8.1.src.rpm Related CVEs: CVE-2026-4878 Description of changes: [2.48-10.1] - Fix TOCTOU race condition in cap_set_file() (CVE-2026-4878) Resolves: RHEL-169312 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Updated rpms for Oracle Linux 9 addressing an important TOCTOU race condition in libcap. Immediate action required.. Oracle Linux, libcap, security advisory, race condition, package update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important Oracle
202

openSUSE chromium Important Security Update CVE-2025-8879 and More

An update that fixes 5 vulnerabilities is now available.. openSUSE Security Update: Security update for chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2025:0301-1 Rating: important References: #1247981 Cross-References: CVE-2025-8879 CVE-2025-8880 CVE-2025-8881 CVE-2025-8882 CVE-2025-8901 Affected Products: openSUSE Backports SLE-15-SP7 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: This update for chromium fixes the following issues: Chromium 139.0.7258.127 (boo#1247981): * CVE-2025-8879: Heap buffer overflow in libaom * CVE-2025-8880: Race in V8 * CVE-2025-8901: Out of bounds write in ANGLE * CVE-2025-8881: Inappropriate implementation in File Picker * CVE-2025-8882: Use after free in Aura * Various fixes from internal audits, fuzzing and other initiatives Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP7: zypper in -t patch openSUSE-2025-301=1 Package List: - openSUSE Backports SLE-15-SP7 (aarch64 ppc64le x86_64): chromedriver-139.0.7258.127-bp157.2.37.1 chromedriver-debuginfo-139.0.7258.127-bp157.2.37.1 chromium-139.0.7258.127-bp157.2.37.1 chromium-debuginfo-139.0.7258.127-bp157.2.37.1 References: https://www.suse.com/security/cve/CVE-2025-8879.html https://www.suse.com/security/cve/CVE-2025-8880.html https://www.suse.com/security/cve/CVE-2025-8881.html https://www.suse.com/security/cve/CVE-2025-8882.html https://www.suse.com/security/cve/CVE-2025-8901.html https://bugzilla.suse.com/1247981 . Critical update for openSUSE fixes 5 important issues in Chromium relatingto memory management vulnerabilities.. openSUSE update chromium vulnerabilities security patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 11, 2026 Important OpenSUSE
202

openSUSE PackageKit Critical Race Condition CVE-2026-41651 Advisory

An update that solves one vulnerability can now be installed.. # Security update for PackageKit Announcement ID: SUSE-SU-2026:1939-1 Release Date: 2026-05-18T07:43:59Z Rating: important References: * bsc#1262220 Cross-References: * CVE-2026-41651 CVSS scores: * CVE-2026-41651 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-41651 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-41651 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for PackageKit fixes the following issue: * CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE (bsc#1262220). ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1939=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1939=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1939=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-1939=1 * Desktop Applications Module 15-SP7 zypper in -t patchSUSE-SLE-Module-Desktop-Applications-15-SP7-2026-1939=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * PackageKit-backend-dnf-debuginfo-1.2.8-150600.4.14.1 * PackageKit-backend-zypp-1.2.8-150600.4.14.1 * libpackagekit-glib2-devel-1.2.8-150600.4.14.1 * PackageKit-backend-dnf-1.2.8-150600.4.14.1 * PackageKit-backend-zypp-debuginfo-1.2.8-150600.4.14.1 * PackageKit-devel-1.2.8-150600.4.14.1 * PackageKit-gtk3-module-debuginfo-1.2.8-150600.4.14.1 * typelib-1_0-PackageKitGlib-1_0-1.2.8-150600.4.14.1 * PackageKit-gstreamer-plugin-1.2.8-150600.4.14.1 * PackageKit-1.2.8-150600.4.14.1 * PackageKit-debugsource-1.2.8-150600.4.14.1 * libpackagekit-glib2-18-1.2.8-150600.4.14.1 * PackageKit-debuginfo-1.2.8-150600.4.14.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.8-150600.4.14.1 * PackageKit-gtk3-module-1.2.8-150600.4.14.1 * libpackagekit-glib2-18-debuginfo-1.2.8-150600.4.14.1 * PackageKit-devel-debuginfo-1.2.8-150600.4.14.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libpackagekit-glib2-devel-64bit-1.2.8-150600.4.14.1 * libpackagekit-glib2-18-64bit-debuginfo-1.2.8-150600.4.14.1 * libpackagekit-glib2-18-64bit-1.2.8-150600.4.14.1 * openSUSE Leap 15.6 (noarch) * PackageKit-branding-upstream-1.2.8-150600.4.14.1 * PackageKit-lang-1.2.8-150600.4.14.1 * openSUSE Leap 15.6 (x86_64) * libpackagekit-glib2-devel-32bit-1.2.8-150600.4.14.1 * libpackagekit-glib2-18-32bit-1.2.8-150600.4.14.1 * libpackagekit-glib2-18-32bit-debuginfo-1.2.8-150600.4.14.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * PackageKit-backend-zypp-1.2.8-150600.4.14.1 * PackageKit-devel-1.2.8-150600.4.14.1 * libpackagekit-glib2-devel-1.2.8-150600.4.14.1 * PackageKit-backend-zypp-debuginfo-1.2.8-150600.4.14.1 * typelib-1_0-PackageKitGlib-1_0-1.2.8-150600.4.14.1 * PackageKit-1.2.8-150600.4.14.1 * PackageKit-debugsource-1.2.8-150600.4.14.1 *PackageKit-debuginfo-1.2.8-150600.4.14.1 * libpackagekit-glib2-18-1.2.8-150600.4.14.1 * libpackagekit-glib2-18-debuginfo-1.2.8-150600.4.14.1 * PackageKit-devel-debuginfo-1.2.8-150600.4.14.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * PackageKit-lang-1.2.8-150600.4.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * PackageKit-backend-zypp-1.2.8-150600.4.14.1 * PackageKit-devel-1.2.8-150600.4.14.1 * libpackagekit-glib2-devel-1.2.8-150600.4.14.1 * PackageKit-backend-zypp-debuginfo-1.2.8-150600.4.14.1 * typelib-1_0-PackageKitGlib-1_0-1.2.8-150600.4.14.1 * PackageKit-1.2.8-150600.4.14.1 * PackageKit-debugsource-1.2.8-150600.4.14.1 * PackageKit-debuginfo-1.2.8-150600.4.14.1 * libpackagekit-glib2-18-1.2.8-150600.4.14.1 * libpackagekit-glib2-18-debuginfo-1.2.8-150600.4.14.1 * PackageKit-devel-debuginfo-1.2.8-150600.4.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * PackageKit-lang-1.2.8-150600.4.14.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * PackageKit-gtk3-module-debuginfo-1.2.8-150600.4.14.1 * PackageKit-gstreamer-plugin-1.2.8-150600.4.14.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.8-150600.4.14.1 * PackageKit-gtk3-module-1.2.8-150600.4.14.1 * PackageKit-debugsource-1.2.8-150600.4.14.1 * PackageKit-debuginfo-1.2.8-150600.4.14.1 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * PackageKit-backend-zypp-1.2.8-150600.4.14.1 * PackageKit-devel-1.2.8-150600.4.14.1 * libpackagekit-glib2-devel-1.2.8-150600.4.14.1 * PackageKit-backend-zypp-debuginfo-1.2.8-150600.4.14.1 * typelib-1_0-PackageKitGlib-1_0-1.2.8-150600.4.14.1 * PackageKit-1.2.8-150600.4.14.1 * PackageKit-debugsource-1.2.8-150600.4.14.1 * PackageKit-debuginfo-1.2.8-150600.4.14.1 * libpackagekit-glib2-18-1.2.8-150600.4.14.1 * libpackagekit-glib2-18-debuginfo-1.2.8-150600.4.14.1 *PackageKit-devel-debuginfo-1.2.8-150600.4.14.1 * Desktop Applications Module 15-SP7 (noarch) * PackageKit-lang-1.2.8-150600.4.14.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41651.html * https://bugzilla.suse.com/show_bug.cgi?id=1262220 . Critical update for PackageKit addresses race condition allowing arbitrary RPM installation on openSUSE. Update now!. PackageKit race condition openSUSE security update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 18, 2026 Important OpenSUSE
202

openSUSE Leap 15.6 sed Moderate TOCTOU Race Condition Vuln 2026-1941-1

An update that solves one vulnerability can now be installed.. # Security update for sed Announcement ID: SUSE-SU-2026:1941-1 Release Date: 2026-05-18T07:44:39Z Rating: moderate References: * bsc#1262144 Cross-References: * CVE-2026-5958 CVSS scores: * CVE-2026-5958 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N * CVE-2026-5958 ( SUSE ): 6.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N * CVE-2026-5958 ( NVD ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for sed fixes the following issue: * CVE-2026-5958: a TOCTOU race can allow to read attacker-controlled content and write it to an unintended file (bsc#1262144). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1941=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1941=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * sed-4.9-150600.3.3.1 * sed-debugsource-4.9-150600.3.3.1 * sed-debuginfo-4.9-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * sed-lang-4.9-150600.3.3.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * sed-4.9-150600.3.3.1 * sed-debugsource-4.9-150600.3.3.1 * sed-debuginfo-4.9-150600.3.3.1 * Basesystem Module 15-SP7 (noarch) *sed-lang-4.9-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-5958.html * https://bugzilla.suse.com/show_bug.cgi?id=1262144 . Fixes race condition in sed for openSUSE to prevent potential data exposure. Update now for enhanced security.. openSUSE sed race condition security update. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 May 18, 2026 moderate OpenSUSE
203

Mageia 9 sed Important Race Condition Issue MGASA-2026-0128 CVE-2026-5958

MGASA-2026-0128 - Updated sed packages fix security vulnerability. MGASA-2026-0128 - Updated sed packages fix security vulnerability Publication date: 13 May 2026 URL: https://advisories.mageia.org/MGASA-2026-0128.html Type: security Affected Mageia releases: 9 CVE: CVE-2026-5958 Description: Race Condition in GNU Sed. (CVE-2026-5958) References: - https://bugs.mageia.org/show_bug.cgi?id=35465 - https://lists.opensuse.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./message/242J2LW3C7C4MDLVKSD3DJDBKXAJXUTP/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5958 SRPMS: - 9/core/sed-4.9-1.1.mga9 . Updated sed packages in Mageia fix important security vulnerability identified as a race condition.. Mageia Sed Security Update, CVE-2026-5958, Race Condition Fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 13, 2026 Important Mageia
100

SUSE 15 SP4 PackageKit Important Race Condition Fix SUSE-SU-2026-1700-1

An update that solves one vulnerability can now be installed.. # Security update for PackageKit Announcement ID: SUSE-SU-2026:1700-1 Release Date: 2026-05-06T07:42:37Z Rating: important References: * bsc#1262220 Cross-References: * CVE-2026-41651 CVSS scores: * CVE-2026-41651 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-41651 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-41651 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for PackageKit fixes the following issue: * CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE (bsc#1262220). ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1700=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1700=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1700=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1700=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1700=1 ## PackageList: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-devel-1.2.4-150400.3.31.1 * PackageKit-backend-dnf-1.2.4-150400.3.31.1 * PackageKit-gtk3-module-1.2.4-150400.3.31.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.31.1 * PackageKit-gtk3-module-debuginfo-1.2.4-150400.3.31.1 * PackageKit-backend-dnf-debuginfo-1.2.4-150400.3.31.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.31.1 * PackageKit-devel-1.2.4-150400.3.31.1 * PackageKit-debugsource-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.31.1 * PackageKit-gstreamer-plugin-1.2.4-150400.3.31.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-18-1.2.4-150400.3.31.1 * PackageKit-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-1.2.4-150400.3.31.1 * PackageKit-debuginfo-1.2.4-150400.3.31.1 * openSUSE Leap 15.4 (noarch) * PackageKit-lang-1.2.4-150400.3.31.1 * PackageKit-branding-upstream-1.2.4-150400.3.31.1 * openSUSE Leap 15.4 (x86_64) * libpackagekit-glib2-18-32bit-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-devel-32bit-1.2.4-150400.3.31.1 * libpackagekit-glib2-18-32bit-1.2.4-150400.3.31.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpackagekit-glib2-18-64bit-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-devel-64bit-1.2.4-150400.3.31.1 * libpackagekit-glib2-18-64bit-1.2.4-150400.3.31.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-devel-1.2.4-150400.3.31.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.31.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.31.1 * PackageKit-devel-1.2.4-150400.3.31.1 * PackageKit-debugsource-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-18-1.2.4-150400.3.31.1 *PackageKit-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-1.2.4-150400.3.31.1 * PackageKit-debuginfo-1.2.4-150400.3.31.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * PackageKit-lang-1.2.4-150400.3.31.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-devel-1.2.4-150400.3.31.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.31.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.31.1 * PackageKit-devel-1.2.4-150400.3.31.1 * PackageKit-debugsource-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-18-1.2.4-150400.3.31.1 * PackageKit-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-1.2.4-150400.3.31.1 * PackageKit-debuginfo-1.2.4-150400.3.31.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * PackageKit-lang-1.2.4-150400.3.31.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-devel-1.2.4-150400.3.31.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.31.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.31.1 * PackageKit-devel-1.2.4-150400.3.31.1 * PackageKit-debugsource-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-18-1.2.4-150400.3.31.1 * PackageKit-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-1.2.4-150400.3.31.1 * PackageKit-debuginfo-1.2.4-150400.3.31.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * PackageKit-lang-1.2.4-150400.3.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-devel-1.2.4-150400.3.31.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.31.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.31.1 *PackageKit-devel-1.2.4-150400.3.31.1 * PackageKit-debugsource-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-18-1.2.4-150400.3.31.1 * PackageKit-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-1.2.4-150400.3.31.1 * PackageKit-debuginfo-1.2.4-150400.3.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * PackageKit-lang-1.2.4-150400.3.31.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41651.html * https://bugzilla.suse.com/show_bug.cgi?id=1262220 . SUSE PackageKit security patch fixes important race condition allowing arbitrary package installation as root. Install updates now.. Linux Security Updates PackageKit Important Patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 06, 2026 Important SuSE
100

SUSE Linux 12 SP5 PackageKit Important Race Condition Vuln 2026-1701-1

An update that solves one vulnerability can now be installed.. # Security update for PackageKit Announcement ID: SUSE-SU-2026:1701-1 Release Date: 2026-05-06T07:42:47Z Rating: important References: * bsc#1262220 Cross-References: * CVE-2026-41651 CVSS scores: * CVE-2026-41651 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-41651 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-41651 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for PackageKit fixes the following issue: * CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE (bsc#1262220). ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-1701=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1701=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * PackageKit-backend-zypp-1.1.3-24.23.1 * PackageKit-devel-1.1.3-24.23.1 * typelib-1_0-PackageKitGlib-1_0-1.1.3-24.23.1 * libpackagekit-glib2-18-debuginfo-1.1.3-24.23.1 * PackageKit-debuginfo-1.1.3-24.23.1 * libpackagekit-glib2-devel-1.1.3-24.23.1 * PackageKit-1.1.3-24.23.1 *PackageKit-debugsource-1.1.3-24.23.1 * libpackagekit-glib2-18-1.1.3-24.23.1 * PackageKit-devel-debuginfo-1.1.3-24.23.1 * PackageKit-backend-zypp-debuginfo-1.1.3-24.23.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * PackageKit-lang-1.1.3-24.23.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * PackageKit-backend-zypp-1.1.3-24.23.1 * PackageKit-devel-1.1.3-24.23.1 * typelib-1_0-PackageKitGlib-1_0-1.1.3-24.23.1 * libpackagekit-glib2-18-debuginfo-1.1.3-24.23.1 * PackageKit-debuginfo-1.1.3-24.23.1 * libpackagekit-glib2-devel-1.1.3-24.23.1 * PackageKit-1.1.3-24.23.1 * PackageKit-debugsource-1.1.3-24.23.1 * libpackagekit-glib2-18-1.1.3-24.23.1 * PackageKit-devel-debuginfo-1.1.3-24.23.1 * PackageKit-backend-zypp-debuginfo-1.1.3-24.23.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * PackageKit-lang-1.1.3-24.23.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41651.html * https://bugzilla.suse.com/show_bug.cgi?id=1262220 . An important security update for PackageKit on SUSE addresses a race condition vulnerability to protect systems.. SUSE Linux, PackageKit, security update, LPE risk, race condition. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 06, 2026 Important SuSE
217

Oracle Linux 10 ELSA-2026-12423 libcap Important Race Condition

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-12423 http://linux.oracle.com/errata/ELSA-2026-12423.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: libcap-2.69-7.el10_1.1.x86_64.rpm libcap-devel-2.69-7.el10_1.1.x86_64.rpm aarch64: libcap-2.69-7.el10_1.1.aarch64.rpm libcap-devel-2.69-7.el10_1.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/libcap-2.69-7.el10_1.1.src.rpm Related CVEs: CVE-2026-4878 Description of changes: [2.69-7.1] - Fix TOCTOU race condition in cap_set_file() (CVE-2026-4878) Resolves: RHEL-169301 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Explore the important security fix for libcap in Oracle Linux addressing race conditions effectively.. Oracle Linux libcap security update race condition. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 04, 2026 Important Oracle
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200