# Security update for redis7

* Announcement ID: SUSE-SU-2026:0667-1
* Release Date: 2026-02-26T15:19:59Z
* Rating: moderate
* References:
  * bsc#1258706
* Affected Products:
  * openSUSE Leap 15.6

An update that has one security fix can now be installed.

## Description:

This update for redis7 fixes the following issue:

* a user can manipulate data read by a connection by injecting sequences into a Redis error reply (bsc#1258706).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2026-667=1 openSUSE-SLE-15.6-2026-667=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * redis7-7.0.8-150600.8.22.1
  * redis7-debugsource-7.0.8-150600.8.22.1
  * redis7-debuginfo-7.0.8-150600.8.22.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1258706

A moderate security update for redis7 on openSUSE Leap 15.6 addresses data manipulation issues via error injection.

LinuxSecurity.com Team

# Security update for redis7

* Announcement ID: SUSE-SU-2025:03501-1
* Release Date: 2025-10-08T21:04:47Z
* Rating: critical
* References:
  * bsc#1250995
* Cross-References:
  * CVE-2025-46817
  * CVE-2025-46818
  * CVE-2025-46819
  * CVE-2025-49844
* CVSS scores:
  * CVE-2025-46817 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-46817 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-46817 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-46817 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-46818 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-46818 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-46818 ( NVD ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
  * CVE-2025-46819 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-46819 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2025-46819 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2025-49844 ( SUSE ): 9.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-49844 ( SUSE ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-49844 ( NVD ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-49844 ( NVD ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* Affected Products:
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves four vulnerabilities can now be installed.

## Description:

This update for redis7 fixes the following issues:

* CVE-2025-49844: Malicious Lua scripts may lead to remote code execution. [bsc#1250995]
* CVE-2025-46817: Malicious Lua scripts may lead to integer overflow and potential remote code execution. [bsc#1250995]
* CVE-2025-46818: Malicious Lua scripts can be executed in the context of another user. [bsc#1250995]
* CVE-2025-46819: Malicious Lua scripts can trigger out-of-bound reads to facilitate denial-of-service attacks. [bsc#1250995]

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2025-3501=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3501=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3501=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3501=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3501=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
  * redis7-debugsource-7.0.8-150500.3.24.1
  * redis7-7.0.8-150500.3.24.1
  * redis7-debuginfo-7.0.8-150500.3.24.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * redis7-debugsource-7.0.8-150500.3.24.1
  * redis7-7.0.8-150500.3.24.1
  * redis7-debuginfo-7.0.8-150500.3.24.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * redis7-debugsource-7.0.8-150500.3.24.1
  * redis7-7.0.8-150500.3.24.1
  * redis7-debuginfo-7.0.8-150500.3.24.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * redis7-debugsource-7.0.8-150500.3.24.1
  * redis7-7.0.8-150500.3.24.1
  * redis7-debuginfo-7.0.8-150500.3.24.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * redis7-debugsource-7.0.8-150500.3.24.1
  * redis7-7.0.8-150500.3.24.1
  * redis7-debuginfo-7.0.8-150500.3.24.1

## References:

* https://www.suse.com/security/cve/CVE-2025-46817.html
* https://www.suse.com/security/cve/CVE-2025-46818.html
* https://www.suse.com/security/cve/CVE-2025-46819.html
* https://www.suse.com/security/cve/CVE-2025-49844.html
* https://bugzilla.suse.com/show_bug.cgi?id=1250995

SUSE Linux critical update for redis7 resolves remote code execution and DoS risks. Patch now to enhance security.

Severity: Critical. LinuxSecurity.com Team

# Security update for redis7

* Announcement ID: SUSE-SU-2025:03500-1
* Release Date: 2025-10-08T18:35:36Z
* Rating: critical
* References:
  * bsc#1250995
* Cross-References:
  * CVE-2025-46817
  * CVE-2025-46818
  * CVE-2025-46819
  * CVE-2025-49844
* CVSS scores:
  * CVE-2025-46817 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-46817 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-46817 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-46817 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-46818 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-46818 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-46818 ( NVD ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
  * CVE-2025-46819 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-46819 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2025-46819 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2025-49844 ( SUSE ): 9.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-49844 ( SUSE ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-49844 ( NVD ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-49844 ( NVD ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* Affected Products:
  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves four vulnerabilities can now be installed.

## Description:

This update for redis7 fixes the following issues:

* CVE-2025-49844: Malicious Lua scripts may lead to remote code execution. [bsc#1250995]
* CVE-2025-46817: Malicious Lua scripts may lead to integer overflow and potential remote code execution. [bsc#1250995]
* CVE-2025-46818: Malicious Lua scripts can be executed in the context of another user. [bsc#1250995]
* CVE-2025-46819: Malicious Lua scripts can trigger out-of-bound reads to facilitate denial-of-service attacks. [bsc#1250995]

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-3500=1 openSUSE-SLE-15.6-2025-3500=1
* Server Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-3500=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * redis7-7.0.8-150600.8.19.1
  * redis7-debugsource-7.0.8-150600.8.19.1
  * redis7-debuginfo-7.0.8-150600.8.19.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * redis7-7.0.8-150600.8.19.1
  * redis7-debugsource-7.0.8-150600.8.19.1
  * redis7-debuginfo-7.0.8-150600.8.19.1

## References:

* https://www.suse.com/security/cve/CVE-2025-46817.html
* https://www.suse.com/security/cve/CVE-2025-46818.html
* https://www.suse.com/security/cve/CVE-2025-46819.html
* https://www.suse.com/security/cve/CVE-2025-49844.html
* https://bugzilla.suse.com/show_bug.cgi?id=1250995

SUSE releases critical security update for redis7 addressing multiple Lua script vulnerabilities. Immediate action recommended.

Severity: Critical. LinuxSecurity.com Team

# Security update for redis7

* Announcement ID: SUSE-SU-2025:0160-1
* Release Date: 2025-01-17T14:38:37Z
* Rating: important
* References:
  * bsc#1235386
  * bsc#1235387
* Cross-References:
  * CVE-2024-46981
  * CVE-2024-51741
* CVSS scores:
  * CVE-2024-46981 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-46981 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-46981 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-51741 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-51741 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-51741 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* Affected Products:
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for redis7 fixes the following issues:

* CVE-2024-51741: Fixed a bug where malformed ACL selectors can trigger a server panic when accessed. (bsc#1235386)
* CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution. (bsc#1235387)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2025-160=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-160=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-160=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-160=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-160=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
  * redis7-debuginfo-7.0.8-150500.3.15.1
  * redis7-7.0.8-150500.3.15.1
  * redis7-debugsource-7.0.8-150500.3.15.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * redis7-debuginfo-7.0.8-150500.3.15.1
  * redis7-7.0.8-150500.3.15.1
  * redis7-debugsource-7.0.8-150500.3.15.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * redis7-debuginfo-7.0.8-150500.3.15.1
  * redis7-7.0.8-150500.3.15.1
  * redis7-debugsource-7.0.8-150500.3.15.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * redis7-debuginfo-7.0.8-150500.3.15.1
  * redis7-7.0.8-150500.3.15.1
  * redis7-debugsource-7.0.8-150500.3.15.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * redis7-debuginfo-7.0.8-150500.3.15.1
  * redis7-7.0.8-150500.3.15.1
  * redis7-debugsource-7.0.8-150500.3.15.1

## References:

* https://www.suse.com/security/cve/CVE-2024-46981.html
* https://www.suse.com/security/cve/CVE-2024-51741.html
* https://bugzilla.suse.com/show_bug.cgi?id=1235386
* https://bugzilla.suse.com/show_bug.cgi?id=1235387

Essential redis7 patch for openSUSE-Leap 15.5 to mitigate risks of remote exploitation and service interruption.

Severity: Important. LinuxSecurity.com Team

# Security update for redis7

* Announcement ID: SUSE-SU-2025:0161-1
* Release Date: 2025-01-17T14:38:51Z
* Rating: important
* References:
  * bsc#1235386
  * bsc#1235387
* Cross-References:
  * CVE-2024-46981
  * CVE-2024-51741
* CVSS scores:
  * CVE-2024-46981 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-46981 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-46981 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-51741 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-51741 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-51741 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* Affected Products:
  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for redis7 fixes the following issues:

* CVE-2024-51741: Fixed a bug where malformed ACL selectors can trigger a server panic when accessed. (bsc#1235386)
* CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution. (bsc#1235387)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2025-161=1 openSUSE-SLE-15.6-2025-161=1
* Server Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-161=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * redis7-debuginfo-7.0.8-150600.8.6.1
  * redis7-debugsource-7.0.8-150600.8.6.1
  * redis7-7.0.8-150600.8.6.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * redis7-debuginfo-7.0.8-150600.8.6.1
  * redis7-debugsource-7.0.8-150600.8.6.1
  * redis7-7.0.8-150600.8.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-46981.html
* https://www.suse.com/security/cve/CVE-2024-51741.html
* https://bugzilla.suse.com/show_bug.cgi?id=1235386
* https://bugzilla.suse.com/show_bug.cgi?id=1235387

The latest release of Redis 7 resolves two significant concerns regarding remote command execution vulnerabilities and server reliability within the openSUSE environment.

Severity: Important. LinuxSecurity.com Team

# Security update for redis7

* Announcement ID: SUSE-SU-2023:3711-1
* Rating: low
* References:
  * #1215094
* Cross-References:
  * CVE-2023-41053
* CVSS scores:
  * CVE-2023-41053 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2023-41053 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* Affected Products:
  * openSUSE Leap 15.5
  * Server Applications Module 15-SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for redis7 fixes the following issues:

* CVE-2023-41053: Fixed SORT_RO may bypass ACL configuration (bsc#1215094).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2023-3711=1 openSUSE-SLE-15.5-2023-3711=1
* Server Applications Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2023-3711=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
  * redis7-debuginfo-7.0.8-150500.3.6.1
  * redis7-debugsource-7.0.8-150500.3.6.1
  * redis7-7.0.8-150500.3.6.1
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * redis7-debuginfo-7.0.8-150500.3.6.1
  * redis7-debugsource-7.0.8-150500.3.6.1
  * redis7-7.0.8-150500.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-41053.html
* https://bugzilla.suse.com/show_bug.cgi?id=1215094

A crucial security patch for redis7 has been released, dealing with CVE-2023-41053, which fixes an ACL configuration oversight in openSUSE Leap 15.5.

Severity: Low. LinuxSecurity.com Team