Several security issues were fixed in Erlang.

==========================================================================
Ubuntu Security Notice USN-7831-1
October 21, 2025

erlang vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Erlang.

Software Description:
- erlang: Concurrent, real-time, distributed functional language

Details:

It was discovered that Erlang incorrectly handled resource allocation and
consumption in the SFTP SSH module. An attacker could possibly use this
issue to cause Erlang to consume excessive resources, leading to a denial
of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  erlang 1:27.3.4.1+dfsg-1ubuntu0.1
  erlang-ssh 1:27.3.4.1+dfsg-1ubuntu0.1

Ubuntu 25.04
  erlang 1:27.3+dfsg-1ubuntu1.3
  erlang-ssh 1:27.3+dfsg-1ubuntu1.3

Ubuntu 24.04 LTS
  erlang 1:25.3.2.8+dfsg-1ubuntu4.5
  erlang-ssh 1:25.3.2.8+dfsg-1ubuntu4.5

Ubuntu 22.04 LTS
  erlang 1:24.2.1+dfsg-1ubuntu0.6
  erlang-ssh 1:24.2.1+dfsg-1ubuntu0.6

Ubuntu 20.04 LTS
  erlang 1:22.2.7+dfsg-1ubuntu0.5+esm1
    Available with Ubuntu Pro
  erlang-ssh 1:22.2.7+dfsg-1ubuntu0.5+esm1
    Available with Ubuntu Pro

Ubuntu 18.04 LTS
  erlang 1:20.2.2+dfsg-1ubuntu2+esm2
    Available with Ubuntu Pro
  erlang-ssh 1:20.2.2+dfsg-1ubuntu2+esm2
    Available with Ubuntu Pro

Ubuntu 16.04 LTS
  erlang 1:18.3-dfsg-1ubuntu3.1+esm2
    Available with Ubuntu Pro
  erlang-ssh 1:18.3-dfsg-1ubuntu3.1+esm2
    Available with Ubuntu Pro

Ubuntu 14.04 LTS
  erlang 1:16.b.3-dfsg-1ubuntu2.2+esm1
    Available with Ubuntu Pro
  erlang-ssh 1:16.b.3-dfsg-1ubuntu2.2+esm1
    Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7831-1
  CVE-2025-48038, CVE-2025-48039, CVE-2025-48040, CVE-2025-48041

Package Information:
  https://launchpad.net/ubuntu/+source/erlang/1:27.3.4.1+dfsg-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/erlang/1:25.3.2.8+dfsg-1ubuntu4.5
  https://launchpad.net/ubuntu/+source/erlang/1:24.2.1+dfsg-1ubuntu0.6

Multiple security issues in Erlang for Ubuntu fixed; updates recommended for stability and protection against DoS.

Severity: Critical

LinuxSecurity.com Team

Update to release v1.32.6.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-b8463b0972
2025-06-29 01:03:14.526432+00:00
--------------------------------------------------------------------------------

Name        : kubernetes1.32
Product     : Fedora 42
Version     : 1.32.6
Release     : 1.fc42
URL         : https://github.com/kubernetes/kubernetes
Summary     : Open Source Production-Grade Container Scheduling And Management Platform
Description :
Production-Grade Container Scheduling and Management. Installs kubelet, the
kubernetes agent on each machine in a cluster. The kubernetes-client
sub-package, containing kubectl, is recommended but not strictly required.
The kubernetes-client sub-package should be installed on control plane
machines.

--------------------------------------------------------------------------------
Update Information:

Update to release v1.32.6
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 19 2025 Bradley G Smith - 1.32.6-1
- Update to release v1.32.6
- Resolves: rhbz#2373848,rhbz#2373847
- Resolves: CVE-2025-4563
- Upstream fixes and cleanups
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2373847 - CVE-2025-4563 kubernetes1.32: NodeRestriction Admission Controller Dynamic Resource Allocation Bypass [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2373847
  [ 2 ] Bug #2373848 - CVE-2025-4563 kubernetes1.32: NodeRestriction Admission Controller Dynamic Resource Allocation Bypass [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2373848
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-b8463b0972' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

Julien Viet discovered that Netty, a Java NIO client/server socket framework, was vulnerable to allocation of resources without limits or throttling due to the accumulation of data in the HttpPostRequestDecoder. This would allow an attacker to cause a denial of service.

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3834-1

An update that fixes 5 vulnerabilities is now available.

   SUSE Security Update: Security update for ffmpeg
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:2305-1
Rating:             moderate
References:         #1100356 #1102687 #1102688 #1102689 #1102899
Cross-References:   CVE-2018-13302 CVE-2018-1999010 CVE-2018-1999011
                    CVE-2018-1999012 CVE-2018-1999013
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 15
                    SUSE Linux Enterprise Module for Desktop Applications 15
______________________________________________________________________________

   An update that fixes 5 vulnerabilities is now available.

Description:

   This update for ffmpeg fixes the following issues:

   Security issues fixed:

   - CVE-2018-13302: Fixed out of array access issue (bsc#1100356).
   - CVE-2018-1999010: Fixed multiple out of array access vulnerabilities in
     the mms protocol that could result in accessing out of bound data via
     specially crafted input files (bnc#1102899)
   - CVE-2018-1999011: Fixed a heap buffer overflow in asf_o format demuxer
     that could result in remote code execution (bnc#1102689)
   - CVE-2018-1999012: Fixed an infinite loop vulnerability in pva format
     demuxer that could result in excessive amount of resource allocation
     like CPU and RAM (CVE-2018-1999012 bnc#1102688).
   - CVE-2018-1999013: Fixed a use-after-free vulnerability in the realmedia
     demuxer that could allow remote attackers to read heap memory
     (bnc#1102687)

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation
   methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Workstation Extension 15:

      zypper in -t patch SUSE-SLE-Product-WE-15-2018-1544=1

   - SUSE Linux Enterprise Module for Desktop Applications 15:

      zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2018-1544=1

Package List:

   - SUSE Linux Enterprise Workstation Extension 15 (x86_64):

      ffmpeg-debuginfo-3.4.2-4.5.1
      ffmpeg-debugsource-3.4.2-4.5.1
      libavcodec-devel-3.4.2-4.5.1
      libavformat-devel-3.4.2-4.5.1
      libavformat57-3.4.2-4.5.1
      libavformat57-debuginfo-3.4.2-4.5.1
      libavresample-devel-3.4.2-4.5.1
      libavresample3-3.4.2-4.5.1
      libavresample3-debuginfo-3.4.2-4.5.1

   - SUSE Linux Enterprise Module for Desktop Applications 15 (aarch64 ppc64le s390x x86_64):

      ffmpeg-debuginfo-3.4.2-4.5.1
      ffmpeg-debugsource-3.4.2-4.5.1
      libavcodec57-3.4.2-4.5.1
      libavcodec57-debuginfo-3.4.2-4.5.1
      libavutil-devel-3.4.2-4.5.1
      libavutil55-3.4.2-4.5.1
      libavutil55-debuginfo-3.4.2-4.5.1
      libpostproc-devel-3.4.2-4.5.1
      libpostproc54-3.4.2-4.5.1
      libpostproc54-debuginfo-3.4.2-4.5.1
      libswresample-devel-3.4.2-4.5.1
      libswresample2-3.4.2-4.5.1
      libswresample2-debuginfo-3.4.2-4.5.1
      libswscale-devel-3.4.2-4.5.1
      libswscale4-3.4.2-4.5.1
      libswscale4-debuginfo-3.4.2-4.5.1

References:

   https://www.suse.com/security/cve/CVE-2018-13302.html
   https://www.suse.com/security/cve/CVE-2018-1999010.html
   https://www.suse.com/security/cve/CVE-2018-1999011.html
   https://www.suse.com/security/cve/CVE-2018-1999012.html
   https://www.suse.com/security/cve/CVE-2018-1999013.html
   https://bugzilla.suse.com/1100356
   https://bugzilla.suse.com/1102687
   https://bugzilla.suse.com/1102688
   https://bugzilla.suse.com/1102689
   https://bugzilla.suse.com/1102899

A patch for SUSE that resolves various vulnerabilities in libavcodec, boosting overall system security and stability.

LinuxSecurity.com Team