Alerts This Week
525

Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories

We found 18 articles for you...

Debian 11 LTS DLA-4472-1 Sudo Important Log Issue CVE-2023-28486

Debian LTS Advisory DLA-4472-1
https://www.debian.org/lts/security/
Bastien Roucariès
February 06, 2026
https://wiki.debian.org/LTS

Package : sudo
Version : 1.9.5p2-3+deb11u3
CVE ID  : CVE-2023-28486 CVE-2023-28487

Sudo, a program designed to allow a sysadmin to give limited root privileges to users and log root activity, was affected by multiple vulnerabilities.

CVE-2023-28486
    Sudo did not escape control characters in log messages.

CVE-2023-28487
    Sudo did not escape control characters in sudoreplay output.

For Debian 11 bullseye, these problems have been fixed in version 1.9.5p2-3+deb11u3.

We recommend that you upgrade your sudo packages.

For the detailed security status of sudo please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/sudo

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Sudo vulnerabilities in Debian LTS affect log messages and require updates for system integrity and security. Upgrade recommended.

Keywords: Debian sudo security root privileges updates vulnerabilities

Severity: Important

LinuxSecurity.com Team

Feb 06, 2026 Important Debian LTS

openSUSE Leap 15.3: nginx Moderate Security Fix 2025:02542-1

# Security update for nginx

Announcement ID: SUSE-SU-2025:02542-1
Release Date: 2025-07-29T08:58:38Z
Rating: moderate
References:
  * bsc#1246090
Affected Products:
  * openSUSE Leap 15.3

An update that has one security fix can now be installed.

## Description:

This update for nginx fixes the following issues:

Security hardening:
  - Drop root privileges while running logrotate. (bsc#1246090)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3
    zypper in -t patch SUSE-2025-2542=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * nginx-1.19.8-150300.3.15.1
    * nginx-debugsource-1.19.8-150300.3.15.1
    * nginx-debuginfo-1.19.8-150300.3.15.1
  * openSUSE Leap 15.3 (noarch)
    * nginx-source-1.19.8-150300.3.15.1
    * vim-plugin-nginx-1.19.8-150300.3.15.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1246090

Enhancement notice for nginx concerning security fortification via reduction of root privileges on openSUSE Leap 15.3. Suggested update is now accessible.

Keywords: openSUSE, nginx, security update, privilege drop, patch

LinuxSecurity.com Team

Jul 29, 2025 OpenSUSE

Ubuntu 16.04 ESM USN-5578-2 Critical: Open VM Tools Root Access Risk

==========================================================================
Ubuntu Security Notice USN-5578-2
August 24, 2022

open-vm-tools vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

open-vm-tools could be made to run programs as an administrator.

Software Description:
- open-vm-tools: Open VMware Tools for virtual machines hosted on VMware

Details:

USN-5578-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

It was discovered that Open VM Tools incorrectly handled certain requests. An attacker inside the guest could possibly use this issue to gain root privileges inside the virtual machine.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 ESM:
  open-vm-tools 2:10.2.0-3~ubuntu0.16.04.1+esm1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5578-2
  https://ubuntu.com/security/notices/USN-5578-1
  CVE-2022-31676

The Open VM Tools flaw identified in Ubuntu 16.04 ESM may permit unauthorized administrative privileges to attackers. It is recommended to apply updates promptly.

Keywords: Open VM Tools, Ubuntu 16.04 ESM, administrative access, security update

Severity: Critical

LinuxSecurity.com Team

Aug 24, 2022 Critical Ubuntu

openSUSE Leap 15.1: 2021:0169-1 Important: Sudo Buffer Overflow Issue

openSUSE Security Update: Security update for sudo
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:0169-1
Rating:             important
References:         #1180684 #1180685 #1180687 #1181090
Cross-References:   CVE-2021-23239 CVE-2021-23240 CVE-2021-3156
Affected Products:  openSUSE Leap 15.1
______________________________________________________________________________

An update that solves three vulnerabilities and has one errata is now available.

Description:

This update for sudo fixes the following issues:

- A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges [bsc#1181090,CVE-2021-3156]
- It was possible for a user to test for the existence of a directory due to a Race Condition in `sudoedit` [bsc#1180684,CVE-2021-23239]
- A Possible Symlink Attack vector existed in `sudoedit` if SELinux was running in permissive mode [bsc#1180685, CVE-2021-23240]
- It was possible for a User to enable Debug Settings not Intended for them [bsc#1180687]

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:
    zypper in -t patch openSUSE-2021-169=1

Package List:

- openSUSE Leap 15.1 (i586 x86_64):
    sudo-1.8.22-lp151.5.12.1
    sudo-debuginfo-1.8.22-lp151.5.12.1
    sudo-debugsource-1.8.22-lp151.5.12.1
    sudo-devel-1.8.22-lp151.5.12.1
    sudo-test-1.8.22-lp151.5.12.1

References:

  https://www.suse.com/security/cve/CVE-2021-23239.html
  https://www.suse.com/security/cve/CVE-2021-23240.html
  https://www.suse.com/security/cve/CVE-2021-3156.html
  https://bugzilla.suse.com/1180684
  https://bugzilla.suse.com/1180685
  https://bugzilla.suse.com/1180687
  https://bugzilla.suse.com/1181090

A vital security patch for sudo in openSUSE resolves significant buffer overflow and race condition vulnerabilities.

Keywords: openSUSE, Sudo, Security Update, Root Access, Security Fix

Severity: Important

LinuxSecurity.com Team

Jan 27, 2021 Important OpenSUSE

Gentoo: GLSA-202101-22 High: libvirt Local Escalation Threat

Gentoo Linux Security Advisory GLSA 202101-22
https://security.gentoo.org/

 Severity: High
    Title: libvirt: Unintended access to /dev/mapper/control
     Date: January 26, 2021
     Bugs: #739948
       ID: 202101-22

Synopsis
========

A vulnerability in libvirt may allow root privilege escalation.

Background
==========

libvirt is a C toolkit for manipulating virtual machines.

Affected packages
=================

    -------------------------------------------------------------------
     Package                /     Vulnerable     /          Unaffected
    -------------------------------------------------------------------
  1  app-emulation/libvirt         < 6.7.0                    >= 6.7.0

Description
===========

A file descriptor for /dev/mapper/control was insufficiently protected.

Impact
======

A local attacker may be able to escalate to root privileges.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All libvirt users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-emulation/libvirt-6.7.0"

References
==========

[ 1 ] CVE-2020-14339
      https://nvd.nist.gov/vuln/detail/CVE-2020-14339

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/202101-22

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [e-mail address protected] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2021 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

A flaw in libvirt exposes local users to potential root privilege escalation. It is recommended to update to version 6.7.0 to address this vulnerability.

Keywords: libvirt Privilege Escalation, Gentoo Security, Local Privilege Escalation, High Severity Advisory, Access Control Issue

LinuxSecurity.com Team

Jan 25, 2021 Gentoo

Ubuntu 16.04 LTS: USN-3081-2 Critical: Tomcat Remote Access Flaw

==========================================================================
Ubuntu Security Notice USN-3081-2
October 27, 2020

tomcat6 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

The system could be made to run programs as an administrator.

Software Description:
- tomcat6: Servlet and JSP engine

Details:

Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges. (CVE-2016-1240)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS:
  libservlet2.5-java 6.0.45+dfsg-1ubuntu0.2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3081-2
  https://ubuntu.com/security/notices/USN-3081-1
  CVE-2016-1240

Package Information:
  https://launchpad.net/ubuntu/+source/tomcat6/6.0.45+dfsg-1ubuntu0.2

The Ubuntu Security Notice USN-3082-1 highlights a vulnerability in nginx that could permit unauthorized file access.

Keywords: ubuntu security notice, tomcat6 advisory, remote access vulnerability, root privilege escalation

Severity: Critical

LinuxSecurity.com Team

Oct 27, 2020 Critical Ubuntu

Debian DSA-4521-1: Critical Docker.io Security Advisory on Vulnerabilities

-------------------------------------------------------------------------
Debian Security Advisory DSA-4521-1
https://www.debian.org/security/
Moritz Muehlenhoff
September 09, 2019
https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : docker.io
CVE ID  : CVE-2019-13139 CVE-2019-13509 CVE-2019-14271

Three security vulnerabilities have been discovered in the Docker container runtime: Insecure loading of NSS libraries in "docker cp" could result in execution of code with root privileges, sensitive data could be logged in debug mode and there was a command injection vulnerability in the "docker build" command.

For the stable distribution (buster), these problems have been fixed in version 18.09.1+dfsg1-7.1+deb10u1.

We recommend that you upgrade your docker.io packages.

For the detailed security status of docker.io please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/docker.io

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Three critical weaknesses discovered in the Docker container environment necessitate immediate attention to strengthen defenses and mitigate potential threats.

Keywords: Security Advisory, Docker Security, Command Injection, Data Logging, Root Privileges

Severity: Critical

LinuxSecurity.com Team

Sep 09, 2019 Critical Debian

Debian: DSA-4517-1 Critical: Exim4 Buffer Overflow Risk

-------------------------------------------------------------------------
Debian Security Advisory DSA-4517-1
https://www.debian.org/security/
Moritz Muehlenhoff
September 06, 2019
https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : exim4
CVE ID  : CVE-2019-15846

"Zerons" and Qualys discovered that a buffer overflow triggerable in the TLS negotiation code of the Exim mail transport agent could result in the execution of arbitrary code with root privileges.

For the oldstable distribution (stretch), this problem has been fixed in version 4.89-2+deb9u6.

For the stable distribution (buster), this problem has been fixed in version 4.92-8+deb10u2.

We recommend that you upgrade your exim4 packages.

For the detailed security status of exim4 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/exim4

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

A critical vulnerability discovered in Exim mail service could permit execution of root-level code. Ensure to promptly update exim4 packages to safeguard against potential threats.

Keywords: Security Advisory, Debian Exim Update, Buffer Overflow Issue, Exim Package Upgrade, Root Access Vulnerability

Severity: Critical

LinuxSecurity.com Team

Sep 06, 2019 Critical Debian
