Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 33 articles for you...
89
security advisoryfedorainformation disclosureFedora 43 SDL2_image Release 2.8.12 Bugfix Info Disclosure 2026-f1f87b465a
Update to bugfix release 2.8.12.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-f1f87b465a 2026-05-19 01:33:21.199267+00:00 -------------------------------------------------------------------------------- Name : SDL2_image Product : Fedora 43 Version : 2.8.12 Release : 1.fc43 URL : https://github.com/libsdl-org/SDL_image Summary : Image loading library for SDL Description : Simple DirectMedia Layer (SDL) is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. This package contains a simple library for loading images of various formats (BMP, PPM, PCX, GIF, JPEG, PNG) as SDL surfaces. -------------------------------------------------------------------------------- Update Information: Update to bugfix release 2.8.12. -------------------------------------------------------------------------------- ChangeLog: * Sun May 10 2026 Simone Caronni - 2.8.12-1 - Update to 2.8.12 * Fri Jan 16 2026 Fedora Release Engineering - 2.8.8-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jan 16 2026 Fedora Release Engineering - 2.8.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2455888 - CVE-2026-35444 SDL2_image: SDL_image: Information disclosure via crafted XCF files [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2455888 [ 2 ] Bug #2455889 - CVE-2026-35444 SDL2_image: SDL_image: Information disclosure via crafted XCF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2455889 [ 3 ] Bug #2456290 - SDL2_image-2.8.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=2456290 -------------------------------------------------------------------------------- This update can be installed with the "dnf" updateprogram. Use su -c 'dnf upgrade --advisory FEDORA-2026-f1f87b465a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
May 19, 2026
•Informational
Fedora
89
security advisoryfedoraversion updateFedora 42: Critical NextCloud 32.0.2 Authorization Bypass Advisory
32.0.2 release RHBZ#2416087 RHBZ#2415750 RHBZ#2415751 RHBZ#2415752 RHBZ#2415753. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-f62aee4fe6 2025-12-03 01:05:22.296742+00:00 -------------------------------------------------------------------------------- Name : nextcloud Product : Fedora 42 Version : 32.0.2 Release : 1.fc42 URL : http://nextcloud.com Summary : Private file sync and share server Description : NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing right on the web. NextCloud is extendable via a simple but powerful API for applications and plugins. -------------------------------------------------------------------------------- Update Information: 32.0.2 release RHBZ#2416087 RHBZ#2415750 RHBZ#2415751 RHBZ#2415752 RHBZ#2415753 -------------------------------------------------------------------------------- ChangeLog: * Mon Nov 24 2025 Andrew Bauer - 32.0.2-1 - 32.0.2 release RHBZ#2416087 RHBZ#2415750 RHBZ#2415751 RHBZ#2415752 RHBZ#2415753 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2415750 - CVE-2025-64500 nextcloud: Symfony HttpFoundation: Limited authorization bypass [epel-10] https://bugzilla.redhat.com/show_bug.cgi?id=2415750 [ 2 ] Bug #2415751 - CVE-2025-64500 nextcloud: Symfony HttpFoundation: Limited authorization bypass [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2415751 [ 3 ] Bug #2415752 - CVE-2025-64500 nextcloud: Symfony HttpFoundation: Limited authorization bypass [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2415752 [ 4 ] Bug #2415753 - CVE-2025-64500 nextcloud: Symfony HttpFoundation: Limited authorization bypass [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2415753 [ 5 ] Bug #2416087 - nextcloud-32.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2416087 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-f62aee4fe6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Dec 03, 2025
•Critical
Fedora
89
security advisoryfedoraupdateFedora 42: python-spotipy Update 2025-9501cd4d8c to Version 2.25.2
update to version 2.25.2. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-9501cd4d8c 2025-12-02 01:30:54.608324+00:00 -------------------------------------------------------------------------------- Name : python-spotipy Product : Fedora 42 Version : 2.25.2 Release : 1.fc42 URL : https://github.com/spotipy-dev/spotipy Summary : A light weight Python library for the Spotify Web API Description : A light weight Python library for the Spotify Web API -------------------------------------------------------------------------------- Update Information: update to version 2.25.2 -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 26 2025 Bill Pemberton - 2.25.2-1 - update to version 2.25.2 * Fri Sep 19 2025 Python Maint - 2.25.1-5 - Rebuilt for Python 3.14.0rc3 bytecode * Fri Aug 15 2025 Python Maint - 2.25.1-4 - Rebuilt for Python 3.14.0rc2 bytecode * Fri Jul 25 2025 Fedora Release Engineering - 2.25.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Tue Jun 3 2025 Python Maint - 2.25.1-2 - Rebuilt for Python 3.14 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-9501cd4d8c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Dec 02, 2025
•Informational
Fedora
89
security advisoryfedoraupdateFedora 42: Firefox 143.0 Upstream Release Update FEDORA-2025-4dca10ca2c
New upstream release (143.0). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-4dca10ca2c 2025-09-17 00:56:08.077719+00:00 -------------------------------------------------------------------------------- Name : firefox Product : Fedora 42 Version : 143.0 Release : 1.fc42 URL : https://www.firefox.com/ Summary : Mozilla Firefox Web browser Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. -------------------------------------------------------------------------------- Update Information: New upstream release (143.0) -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 10 2025 Martin Stransky - 143.0-1 - Updated to 143.0 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-4dca10ca2c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Sep 17, 2025
•Informational
Fedora
89
security advisoryfedoraupdateFedora 42: matrix-synapse 1.135.2 Security Advisory FEDORA-2025-9e0e3043af
Update to 1.135.2 Update to 1.135.0. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-9e0e3043af 2025-08-13 01:15:46.336976+00:00 -------------------------------------------------------------------------------- Name : matrix-synapse Product : Fedora 42 Version : 1.135.2 Release : 1.fc42 URL : https://github.com/element-hq/synapse Summary : A Matrix reference homeserver written in Python using Twisted Description : Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in the context of a coded base and let you run your own homeserver and generally help bootstrap the ecosystem. -------------------------------------------------------------------------------- Update Information: Update to 1.135.2 Update to 1.135.0 -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 11 2025 Jonathan Schleifer - 1.135.2-1 - Update to v1.135.2 * Sun Aug 10 2025 Jonathan Schleifer - 1.135.0-1 - Update to v1.135.0 * Thu Jul 24 2025 Fedora Release Engineering - 1.133.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-9e0e3043af' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Aug 13, 2025
•Important
Fedora
172
security advisorycriticalsoftware updateUbuntu 24.04: Linux Kernel Critical Security Issue USN-7651-2
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7651-2 July 18, 2025 linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-ibm: Linux kernel for IBM cloud systems - linux-lowlatency: Linux low latency kernel - linux-ibm-6.8: Linux kernel for IBM cloud systems - linux-lowlatency-hwe-6.8: Linux low latency kernel Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Drivers core; - Network block device driver; - Character device driver; - TPM device driver; - Clock framework and drivers; - FireWire subsystem; - GPU drivers; - HID subsystem; - I3C subsystem; - InfiniBand drivers; - IOMMU subsystem; - Media drivers; - NVIDIA Tegra memory controller driver; - Fastrpc Driver; - Network drivers; - Operating Performance Points (OPP) driver; - PCI subsystem; - x86 platform drivers; - PPS (Pulse Per Second) driver; - PTP clock framework; - Remote Processor subsystem; - Real Time Clock drivers; - SCSI subsystem; - QCOM SoC drivers; - Media staging drivers; - TTY drivers; - UFS subsystem; - USB Gadget drivers; - USB Host Controller drivers; - File systems infrastructure; - BTRFS file system; - F2FS file system; - NILFS2 file system; - SMB network file system; - UBI file system; - Timer subsystem; - KVM subsystem; - Networking core; - ptr_ring data structure definitions; -Networking subsytem; - Amateur Radio drivers; - XFRM subsystem; - Tracing infrastructure; - BPF subsystem; - Padata parallel execution mechanism; - printk logging mechanism; - Memory management; - Bluetooth subsystem; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - NFC subsystem; - Rose network layer; - RxRPC session sockets; - Network traffic control; - Landlock security; - Linux Security Modules (LSM) Framework; - Tomoyo security module; - SoC audio core drivers; (CVE-2024-57980, CVE-2024-57999, CVE-2025-21727, CVE-2024-58058, CVE-2024-58052, CVE-2025-21739, CVE-2025-21722, CVE-2024-58072, CVE-2025-21748, CVE-2024-57993, CVE-2024-58003, CVE-2024-58077, CVE-2025-21734, CVE-2024-58070, CVE-2025-21719, CVE-2024-58006, CVE-2025-21826, CVE-2024-58061, CVE-2025-21745, CVE-2025-21715, CVE-2024-58078, CVE-2025-21829, CVE-2024-49887, CVE-2025-21742, CVE-2025-21721, CVE-2025-21724, CVE-2025-21828, CVE-2025-21814, CVE-2025-21801, CVE-2024-57953, CVE-2024-58081, CVE-2024-58080, CVE-2025-21753, CVE-2025-21732, CVE-2025-21811, CVE-2025-37974, CVE-2024-58068, CVE-2024-58010, CVE-2024-58011, CVE-2024-58085, CVE-2025-21714, CVE-2025-21705, CVE-2025-21735, CVE-2024-58001, CVE-2024-58082, CVE-2024-58055, CVE-2025-21743, CVE-2025-21716, CVE-2024-57998, CVE-2025-21731, CVE-2024-58017, CVE-2024-58053, CVE-2025-21808, CVE-2024-57997, CVE-2024-58016, CVE-2024-58076, CVE-2025-21710, CVE-2025-21738, CVE-2025-21809, CVE-2025-21733, CVE-2025-21810, CVE-2024-57996, CVE-2024-58005, CVE-2025-21720, CVE-2025-21728, CVE-2024-58054, CVE-2024-58057, CVE-2025-21725, CVE-2025-21812, CVE-2025-21830, CVE-2024-58014, CVE-2025-21832, CVE-2024-58002, CVE-2025-21802, CVE-2024-57986, CVE-2025-21749, CVE-2024-58018, CVE-2024-57984, CVE-2025-21736, CVE-2024-58079, CVE-2024-58034, CVE-2024-57973, CVE-2024-57974, CVE-2025-21718, CVE-2025-21723, CVE-2024-58019, CVE-2025-21820, CVE-2024-58013, CVE-2025-21707, CVE-2024-58071, CVE-2025-21711, CVE-2024-58056, CVE-2024-58007,CVE-2024-58051, CVE-2025-21815, CVE-2024-57982, CVE-2025-21799, CVE-2025-21754, CVE-2025-21708, CVE-2025-21798, CVE-2024-57979, CVE-2024-57981, CVE-2024-58069, CVE-2025-21744, CVE-2025-21741, CVE-2024-58063, CVE-2024-58083, CVE-2024-57994, CVE-2025-21804, CVE-2025-21825, CVE-2024-57990, CVE-2025-21726, CVE-2025-21806, CVE-2024-57975, CVE-2025-21750, CVE-2025-21816, CVE-2025-37750) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS linux-image-6.8.0-1029-ibm 6.8.0-1029.29 linux-image-6.8.0-64-lowlatency 6.8.0-64.67.1 linux-image-6.8.0-64-lowlatency-64k 6.8.0-64.67.1 linux-image-ibm 6.8.0-1029.29 linux-image-ibm-6.8 6.8.0-1029.29 linux-image-ibm-classic 6.8.0-1029.29 linux-image-ibm-lts-24.04 6.8.0-1029.29 linux-image-lowlatency 6.8.0-64.67.1 linux-image-lowlatency-6.8 6.8.0-64.67.1 linux-image-lowlatency-64k 6.8.0-64.67.1 linux-image-lowlatency-64k-6.8 6.8.0-64.67.1 Ubuntu 22.04 LTS linux-image-6.8.0-1029-ibm 6.8.0-1029.29~22.04.1 linux-image-6.8.0-64-lowlatency 6.8.0-64.67.1~22.04.1 linux-image-6.8.0-64-lowlatency-64k 6.8.0-64.67.1~22.04.1 linux-image-ibm-6.8 6.8.0-1029.29~22.04.1 linux-image-lowlatency-6.8 6.8.0-64.67.1~22.04.1 linux-image-lowlatency-64k-6.8 6.8.0-64.67.1~22.04.1 linux-image-lowlatency-64k-hwe-22.04 6.8.0-64.67.1~22.04.1 linux-image-lowlatency-hwe-22.04 6.8.0-64.67.1~22.04.1 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this aswell. References: https://ubuntu.com/security/notices/USN-7651-2 https://ubuntu.com/security/notices/USN-7651-1 CVE-2024-49887, CVE-2024-57953, CVE-2024-57973, CVE-2024-57974, CVE-2024-57975, CVE-2024-57979, CVE-2024-57980, CVE-2024-57981, CVE-2024-57982, CVE-2024-57984, CVE-2024-57986, CVE-2024-57990, CVE-2024-57993, CVE-2024-57994, CVE-2024-57996, CVE-2024-57997, CVE-2024-57998, CVE-2024-57999, CVE-2024-58001, CVE-2024-58002, CVE-2024-58003, CVE-2024-58005, CVE-2024-58006, CVE-2024-58007, CVE-2024-58010, CVE-2024-58011, CVE-2024-58013, CVE-2024-58014, CVE-2024-58016, CVE-2024-58017, CVE-2024-58018, CVE-2024-58019, CVE-2024-58034, CVE-2024-58051, CVE-2024-58052, CVE-2024-58053, CVE-2024-58054, CVE-2024-58055, CVE-2024-58056, CVE-2024-58057, CVE-2024-58058, CVE-2024-58061, CVE-2024-58063, CVE-2024-58068, CVE-2024-58069, CVE-2024-58070, CVE-2024-58071, CVE-2024-58072, CVE-2024-58076, CVE-2024-58077, CVE-2024-58078, CVE-2024-58079, CVE-2024-58080, CVE-2024-58081, CVE-2024-58082, CVE-2024-58083, CVE-2024-58085, CVE-2025-21705, CVE-2025-21707, CVE-2025-21708, CVE-2025-21710, CVE-2025-21711, CVE-2025-21714, CVE-2025-21715, CVE-2025-21716, CVE-2025-21718, CVE-2025-21719, CVE-2025-21720, CVE-2025-21721, CVE-2025-21722, CVE-2025-21723, CVE-2025-21724, CVE-2025-21725, CVE-2025-21726, CVE-2025-21727, CVE-2025-21728, CVE-2025-21731, CVE-2025-21732, CVE-2025-21733, CVE-2025-21734, CVE-2025-21735, CVE-2025-21736, CVE-2025-21738, CVE-2025-21739, CVE-2025-21741, CVE-2025-21742, CVE-2025-21743, CVE-2025-21744, CVE-2025-21745, CVE-2025-21748, CVE-2025-21749, CVE-2025-21750, CVE-2025-21753, CVE-2025-21754, CVE-2025-21798, CVE-2025-21799, CVE-2025-21801, CVE-2025-21802, CVE-2025-21804, CVE-2025-21806, CVE-2025-21808, CVE-2025-21809, CVE-2025-21810, CVE-2025-21811, CVE-2025-21812, CVE-2025-21814, CVE-2025-21815, CVE-2025-21816, CVE-2025-21820, CVE-2025-21825, CVE-2025-21826, CVE-2025-21828, CVE-2025-21829, CVE-2025-21830, CVE-2025-21832, CVE-2025-37750, CVE-2025-37974 Package Information: https://launchpad.net/ubuntu/+source/linux-ibm/6.8.0-1029.29 https://launchpad.net/ubuntu/+source/linux-lowlatency/6.8.0-64.67.1 https://launchpad.net/ubuntu/+source/linux-lowlatency-hwe-6.8/6.8.0-64.67.1~22.04.1 . An important alert for Ubuntu addresses several vulnerabilities in the kernel that require immediate action to ensure the safety of the system.. Ubuntu Security, Linux Kernel Update, Critical Security Advisory. . Severity: Critical. LinuxSecurity.com Team
Jul 18, 2025
•Critical
Ubuntu
89
security advisoryFedoraDoSFedora 42: 2025-c546fd3f09 critical: qt6 Remote Objects DoS
Qt 6.9.1 bugfix release.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-c546fd3f09 2025-06-11 02:45:06.590648+00:00 -------------------------------------------------------------------------------- Name : qt6-qtremoteobjects Product : Fedora 42 Version : 6.9.1 Release : 1.fc42 URL : http://www.qt.io Summary : Qt6 - Qt Remote Objects Description : Qt Remote Objects (QtRO) is an inter-process communication (IPC) module developed for Qt. -------------------------------------------------------------------------------- Update Information: Qt 6.9.1 bugfix release. -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 2 2025 Jan Grulich - 6.9.1-1 - 6.9.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2369872 - CVE-2025-5455 qt6: QtCore Assertion Failure Denial of Service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2369872 [ 2 ] Bug #2371133 - CVE-2025-5683 qt5: Qt ICNS Image Crash Vulnerability [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2371133 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-c546fd3f09' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Jun 11, 2025
•Critical
Fedora
202
security advisoryupdatepatchopenSUSE 15.6: 2025:0754-1 Important: Wireshark Stack Overflow Issue
An update that solves one vulnerability can now be installed.. # Security update for wireshark Announcement ID: SUSE-SU-2025:0754-1 Release Date: 2025-02-28T16:31:33Z Rating: important References: * bsc#1237414 Cross-References: * CVE-2025-1492 CVSS scores: * CVE-2025-1492 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-1492 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1492 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for wireshark fixes the following issues: Update to version 4.2.11: * CVE-2025-1492: uncontrolled recursion leading to a stack buffer overflow can cause Bundle Protocol and CBOR dissector to crash (bsc#1237414). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-754=1 openSUSE-SLE-15.6-2025-754=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-754=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-754=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libwiretap14-debuginfo-4.2.11-150600.18.20.1 * libwsutil15-4.2.11-150600.18.20.1 * libwsutil15-debuginfo-4.2.11-150600.18.20.1 * wireshark-ui-qt-4.2.11-150600.18.20.1 * wireshark-ui-qt-debuginfo-4.2.11-150600.18.20.1 * libwireshark17-4.2.11-150600.18.20.1 *wireshark-4.2.11-150600.18.20.1 * wireshark-debuginfo-4.2.11-150600.18.20.1 * wireshark-debugsource-4.2.11-150600.18.20.1 * wireshark-devel-4.2.11-150600.18.20.1 * libwiretap14-4.2.11-150600.18.20.1 * libwireshark17-debuginfo-4.2.11-150600.18.20.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libwiretap14-debuginfo-4.2.11-150600.18.20.1 * libwsutil15-4.2.11-150600.18.20.1 * libwsutil15-debuginfo-4.2.11-150600.18.20.1 * libwireshark17-4.2.11-150600.18.20.1 * wireshark-4.2.11-150600.18.20.1 * wireshark-debuginfo-4.2.11-150600.18.20.1 * wireshark-debugsource-4.2.11-150600.18.20.1 * libwiretap14-4.2.11-150600.18.20.1 * libwireshark17-debuginfo-4.2.11-150600.18.20.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * wireshark-ui-qt-4.2.11-150600.18.20.1 * wireshark-ui-qt-debuginfo-4.2.11-150600.18.20.1 * wireshark-debugsource-4.2.11-150600.18.20.1 * wireshark-debuginfo-4.2.11-150600.18.20.1 * wireshark-devel-4.2.11-150600.18.20.1 ## References: * https://www.suse.com/security/cve/CVE-2025-1492.html * https://bugzilla.suse.com/show_bug.cgi?id=1237414 . SUSE provides a vital patch for Wireshark to address serious security flaws and avert system failures for enhanced protection.. SUSE Security Update, Wireshark Patch, Stack Overflow Bug. . Severity: Important. LinuxSecurity.com Team
Feb 28, 2025
•Important
OpenSUSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!