Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorybug fixmemory corruption

Red Hat Enterprise Linux 5.6 RHSA-2017:0347 Critical: Kernel Memory Issues

An update for kernel is now available for Red Hat Enterprise Linux 5.6 Long Life. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2017:0347-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:0347.html Issue date: 2017-02-28 CVE Names: CVE-2017-2634 CVE-2017-6074 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 5.6 Long Life. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Long Life (v. 5.6 server) - i386, ia64, noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system. (CVE-2017-6074, Important) * It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. A remote attacker could use this flaw tocrash the system. (CVE-2017-2634, Moderate) Important: This update disables the DCCP kernel module at load time by using the kernel module blacklist method. The module is disabled in an attempt to reduce further exposure to additional issues. (BZ#1426311) Red Hat would like to thank Andrey Konovalov (Google) for reporting CVE-2017-6074. The CVE-2017-2634 issue was discovered by Wade Mealing (Red Hat Product Security). 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1423071 - CVE-2017-6074 kernel: use after free in dccp protocol 1424751 - CVE-2017-2634 kernel: dccp: crash while sending ipv6 reset packet 6. Package List: Red Hat Enterprise Linux Long Life (v. 5.6server): Source: kernel-2.6.18-238.58.1.el5.src.rpm i386: kernel-2.6.18-238.58.1.el5.i686.rpm kernel-PAE-2.6.18-238.58.1.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-238.58.1.el5.i686.rpm kernel-PAE-devel-2.6.18-238.58.1.el5.i686.rpm kernel-debug-2.6.18-238.58.1.el5.i686.rpm kernel-debug-debuginfo-2.6.18-238.58.1.el5.i686.rpm kernel-debug-devel-2.6.18-238.58.1.el5.i686.rpm kernel-debuginfo-2.6.18-238.58.1.el5.i686.rpm kernel-debuginfo-common-2.6.18-238.58.1.el5.i686.rpm kernel-devel-2.6.18-238.58.1.el5.i686.rpm kernel-headers-2.6.18-238.58.1.el5.i386.rpm kernel-xen-2.6.18-238.58.1.el5.i686.rpm kernel-xen-debuginfo-2.6.18-238.58.1.el5.i686.rpm kernel-xen-devel-2.6.18-238.58.1.el5.i686.rpm ia64: kernel-2.6.18-238.58.1.el5.ia64.rpm kernel-debug-2.6.18-238.58.1.el5.ia64.rpm kernel-debug-debuginfo-2.6.18-238.58.1.el5.ia64.rpm kernel-debug-devel-2.6.18-238.58.1.el5.ia64.rpm kernel-debuginfo-2.6.18-238.58.1.el5.ia64.rpm kernel-debuginfo-common-2.6.18-238.58.1.el5.ia64.rpm kernel-devel-2.6.18-238.58.1.el5.ia64.rpm kernel-headers-2.6.18-238.58.1.el5.ia64.rpm kernel-xen-2.6.18-238.58.1.el5.ia64.rpm kernel-xen-debuginfo-2.6.18-238.58.1.el5.ia64.rpm kernel-xen-devel-2.6.18-238.58.1.el5.ia64.rpm noarch: kernel-doc-2.6.18-238.58.1.el5.noarch.rpm x86_64: kernel-2.6.18-238.58.1.el5.x86_64.rpm kernel-debug-2.6.18-238.58.1.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-238.58.1.el5.x86_64.rpm kernel-debug-devel-2.6.18-238.58.1.el5.x86_64.rpm kernel-debuginfo-2.6.18-238.58.1.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-238.58.1.el5.x86_64.rpm kernel-devel-2.6.18-238.58.1.el5.x86_64.rpm kernel-headers-2.6.18-238.58.1.el5.x86_64.rpm kernel-xen-2.6.18-238.58.1.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-238.58.1.el5.x86_64.rpm kernel-xen-devel-2.6.18-238.58.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7.References: https://access.redhat.com/security/cve/CVE-2017-2634 https://access.redhat.com/security/cve/CVE-2017-6074 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/2706661 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYtZOBXlSAg2UNWIIRAreoAKC64tFIEhi9yPe8xUBZam4f4ME/JACfb9sE qd2uIkQkeCWCE84w7jUtH48=p8xV -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Significant patch released for CentOS resolves critical vulnerabilities, improving overall system integrity.. Kernel Update, Security Advisory, Red Hat Linux, Bug Fixes, Memory Corruption. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 28, 2017 Important Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hatimportant impact

Red Hat: RHSA-2013:0188 Important: ipa Authentication Flaw

Updated ipa packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Important: ipa security update Advisory ID: RHSA-2013:0188-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2013:0188.html Issue date: 2013-01-23 CVE Names: CVE-2012-5484 ==================================================================== 1. Summary: Updated ipa packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 3. Description: Red Hat Identity Management is a centralized authentication, identity management and authorization solution for both traditional and cloud-based enterprise environments. A weakness was found in the way IPA clients communicated with IPA serverswhen initially attempting to join IPA domains. As there was no secure way to provide the IPA server's Certificate Authority (CA) certificate to the client during a join, the IPA client enrollment process was susceptible to man-in-the-middle attacks. This flaw could allow an attacker toobtain access to the IPA server using the credentials provided by an IPA client, including administrative access to the entire domain if the join was performed using an administrator's credentials. (CVE-2012-5484) Note: This weakness was only exposed during the initial client join to the realm, because the IPA client did not yet have the CA certificate of the server. Once an IPA client has joined the realm and has obtained the CA certificate of the IPA server, all further communication is secure. If a client were using the OTP (one-time password) method to join to the realm, an attacker could only obtain unprivileged access to the server (enough to only join the realm). Red Hat would like to thank Petr Menšík for reporting this issue. This update must be installed on both the IPA client and IPA server. When this update has been applied to the client but not the server, ipa-client-install, in unattended mode, will fail if you do not have the correct CA certificate locally, noting that you must use the "--force" option to insecurely obtain the certificate. In interactive mode, the certificate will try to be obtained securely from LDAP. If this fails, you will be prompted to insecurely download the certificate via HTTP. In the same situation when using OTP, LDAP will not be queried and you will be prompted to insecurely download the certificate via HTTP. Users of ipa are advised to upgrade to these updated packages, which correct this issue. After installing the update, changes in LDAP are handled by ipa-ldap-updater automatically and are effective immediately. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 876307 - CVE-2012-5484 ipa: weakness when initiating join from IPA client can potentiallycompromise IPA domain 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: i386: ipa-client-2.2.0-17.el6_3.1.i686.rpm ipa-debuginfo-2.2.0-17.el6_3.1.i686.rpm ipa-python-2.2.0-17.el6_3.1.i686.rpm x86_64: ipa-client-2.2.0-17.el6_3.1.x86_64.rpm ipa-debuginfo-2.2.0-17.el6_3.1.x86_64.rpm ipa-python-2.2.0-17.el6_3.1.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: i386: ipa-admintools-2.2.0-17.el6_3.1.i686.rpm ipa-debuginfo-2.2.0-17.el6_3.1.i686.rpm ipa-server-2.2.0-17.el6_3.1.i686.rpm ipa-server-selinux-2.2.0-17.el6_3.1.i686.rpm x86_64: ipa-admintools-2.2.0-17.el6_3.1.x86_64.rpm ipa-debuginfo-2.2.0-17.el6_3.1.x86_64.rpm ipa-server-2.2.0-17.el6_3.1.x86_64.rpm ipa-server-selinux-2.2.0-17.el6_3.1.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: x86_64: ipa-client-2.2.0-17.el6_3.1.x86_64.rpm ipa-debuginfo-2.2.0-17.el6_3.1.x86_64.rpm ipa-python-2.2.0-17.el6_3.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: x86_64: ipa-admintools-2.2.0-17.el6_3.1.x86_64.rpm ipa-debuginfo-2.2.0-17.el6_3.1.x86_64.rpm ipa-server-2.2.0-17.el6_3.1.x86_64.rpm ipa-server-selinux-2.2.0-17.el6_3.1.x86_64.rpm Red Hat Enterprise Linux Server (v.6): Source: i386: ipa-admintools-2.2.0-17.el6_3.1.i686.rpm ipa-client-2.2.0-17.el6_3.1.i686.rpm ipa-debuginfo-2.2.0-17.el6_3.1.i686.rpm ipa-python-2.2.0-17.el6_3.1.i686.rpm ipa-server-2.2.0-17.el6_3.1.i686.rpm ipa-server-selinux-2.2.0-17.el6_3.1.i686.rpm ppc64: ipa-admintools-2.2.0-17.el6_3.1.ppc64.rpm ipa-client-2.2.0-17.el6_3.1.ppc64.rpm ipa-debuginfo-2.2.0-17.el6_3.1.ppc64.rpm ipa-python-2.2.0-17.el6_3.1.ppc64.rpm s390x: ipa-admintools-2.2.0-17.el6_3.1.s390x.rpm ipa-client-2.2.0-17.el6_3.1.s390x.rpm ipa-debuginfo-2.2.0-17.el6_3.1.s390x.rpm ipa-python-2.2.0-17.el6_3.1.s390x.rpm x86_64: ipa-admintools-2.2.0-17.el6_3.1.x86_64.rpm ipa-client-2.2.0-17.el6_3.1.x86_64.rpm ipa-debuginfo-2.2.0-17.el6_3.1.x86_64.rpm ipa-python-2.2.0-17.el6_3.1.x86_64.rpm ipa-server-2.2.0-17.el6_3.1.x86_64.rpm ipa-server-selinux-2.2.0-17.el6_3.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: i386: ipa-admintools-2.2.0-17.el6_3.1.i686.rpm ipa-client-2.2.0-17.el6_3.1.i686.rpm ipa-debuginfo-2.2.0-17.el6_3.1.i686.rpm ipa-python-2.2.0-17.el6_3.1.i686.rpm ipa-server-2.2.0-17.el6_3.1.i686.rpm ipa-server-selinux-2.2.0-17.el6_3.1.i686.rpm x86_64: ipa-admintools-2.2.0-17.el6_3.1.x86_64.rpm ipa-client-2.2.0-17.el6_3.1.x86_64.rpm ipa-debuginfo-2.2.0-17.el6_3.1.x86_64.rpm ipa-python-2.2.0-17.el6_3.1.x86_64.rpm ipa-server-2.2.0-17.el6_3.1.x86_64.rpm ipa-server-selinux-2.2.0-17.el6_3.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://access.redhat.com/security/cve/CVE-2012-5484 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFRAFtoXlSAg2UNWIIRAhb6AKC8pKI8sFczd4SAk0l4m/+XV8OQSwCeMU9S 5ISYbcazBwT6wNNRKn07Mh4=Fnq3 -----ENDPGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Canonical announces kernel patch addressing critical vulnerability in Ubuntu 18.04 with suggested installation guidelines.. ipa Security Update, Red Hat Enterprise, Important Issue. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 23, 2013 Important Red Hat
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here