Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 527
Alerts This Week
Warning Icon 1 527

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 31 articles for you...
100

SUSE rpcbind Moderate Memory Leak Buffer Overflow Vuln 2026-22331-1

# Security update for rpcbind Announcement ID: SUSE-SU-2026:22331-1 Release Date: 2026-06-22T14:34:40Z Rating: moderate References:. # Security update for rpcbind Announcement ID: SUSE-SU-2026:22331-1 Release Date: 2026-06-22T14:34:40Z Rating: moderate References: * bsc#1117217 * bsc#1181400 * bsc#1267212 Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that has three fixes can now be installed. ## Description: This update for rpcbind fixes the following issues * Update to rpcbind 1.2.9 (bsc#1267212) https://lore.kernel.org/linux- nfs/This email address is being protected from spambots. You need JavaScript enabled to view it./ * rpcinfo: stack buffer overflow in rpcinfo rpcbaddrlist() * rpcbind: Stop unauthenticated oversized allocation in PMAPPROC_CALLIT decode * rpcbind: fix memory leak in read_warmstart() * rpcbind: fix memory leaks in network_init() * rpcbind: fix memory leak in init_transport() * Added -v (print version and compile flags) * rpcinfo: Removed a number of "old-style function definition" warnings * man/rpcbind: Update list of options * Comment out ListenStream=@/run/rpcbind.sock * [nfs/nfs-utils/rpcbind] rpcbind: avoid dereferencing NULL from realloc() * systemd/rpcbind.service.in: Add various hardenings options * man/rpcbind: Add Files section to manpage * Moved rpcbind.lock and default configs to /run instead of /var/run ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-1031=1 * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-1031=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * rpcbind-debugsource-1.2.9-160000.1.1 * rpcbind-1.2.9-160000.1.1 *rpcbind-debuginfo-1.2.9-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * rpcbind-debugsource-1.2.9-160000.1.1 * rpcbind-1.2.9-160000.1.1 * rpcbind-debuginfo-1.2.9-160000.1.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1117217 * https://bugzilla.suse.com/show_bug.cgi?id=1181400 * https://bugzilla.suse.com/show_bug.cgi?id=1267212 . Critical security updates for rpcbind in SUSE addressing memory leaks and buffer overflow issues. Install patches immediately.. rpcbind update SUSE patch memory leak buffer overflow. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 moderate SuSE
202

openSUSE Leap 16.0 rpcbind Moderate Memory Leak Fix 2026-21019-1

-------------------------------------------------------------. openSUSE security update: security update for rpcbind ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21019-1 Rating: moderate References: * bsc#1117217 * bsc#1181400 * bsc#1267212 Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that has 3 bug fixes can now be installed. Description: This update for rpcbind fixes the following issues - Update to rpcbind 1.2.9 (bsc#1267212) https://lore.kernel.org/linux-nfs/This email address is being protected from spambots. You need JavaScript enabled to view it./ * rpcinfo: stack buffer overflow in rpcinfo rpcbaddrlist() * rpcbind: Stop unauthenticated oversized allocation in PMAPPROC_CALLIT decode * rpcbind: fix memory leak in read_warmstart() * rpcbind: fix memory leaks in network_init() * rpcbind: fix memory leak in init_transport() * Added -v (print version and compile flags) * rpcinfo: Removed a number of "old-style function definition" warnings * man/rpcbind: Update list of options * Comment out ListenStream=@/run/rpcbind.sock * [nfs/nfs-utils/rpcbind] rpcbind: avoid dereferencing NULL from realloc() * systemd/rpcbind.service.in: Add various hardenings options * man/rpcbind: Add Files section to manpage * Moved rpcbind.lock and default configs to /run instead of /var/run Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-1031=1 Package List: - openSUSE Leap 16.0: rpcbind-1.2.9-160000.1.1 . This advisory details the security update for rpcbind in openSUSE Leap 16.0, addressing issues such as memory leaks and buffer overflow.. openSUSE, rpcbind, security update, moderate, memory leak. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 moderate OpenSUSE
100

SUSE Linux Micro 6.2 rpcbind Moderate Threat Fix 2026-22259-1

# Security update for rpcbind Announcement ID: SUSE-SU-2026:22259-1 Release Date: 2026-06-22T14:41:38Z Rating: moderate References:. # Security update for rpcbind Announcement ID: SUSE-SU-2026:22259-1 Release Date: 2026-06-22T14:41:38Z Rating: moderate References: * bsc#1117217 * bsc#1181400 * bsc#1267212 Affected Products: * SUSE Linux Micro 6.2 An update that has three fixes can now be installed. ## Description: This update for rpcbind fixes the following issues * Update to rpcbind 1.2.9 (bsc#1267212) https://lore.kernel.org/linux- nfs/This email address is being protected from spambots. You need JavaScript enabled to view it./ * rpcinfo: stack buffer overflow in rpcinfo rpcbaddrlist() * rpcbind: Stop unauthenticated oversized allocation in PMAPPROC_CALLIT decode * rpcbind: fix memory leak in read_warmstart() * rpcbind: fix memory leaks in network_init() * rpcbind: fix memory leak in init_transport() * Added -v (print version and compile flags) * rpcinfo: Removed a number of "old-style function definition" warnings * man/rpcbind: Update list of options * Comment out ListenStream=@/run/rpcbind.sock * [nfs/nfs-utils/rpcbind] rpcbind: avoid dereferencing NULL from realloc() * systemd/rpcbind.service.in: Add various hardenings options * man/rpcbind: Add Files section to manpage * Moved rpcbind.lock and default configs to /run instead of /var/run ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-1031=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * rpcbind-debugsource-1.2.9-160000.1.1 * rpcbind-debuginfo-1.2.9-160000.1.1 * rpcbind-1.2.9-160000.1.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1117217 * https://bugzilla.suse.com/show_bug.cgi?id=1181400 * https://bugzilla.suse.com/show_bug.cgi?id=1267212 . Amoderate security update for rpcbind on SUSE addressing multiple issues including memory leaks and overflow.. rpcbind moderate update SUSE memory leak overflow. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 29, 2026 moderate SuSE
100

SUSE Linux Micro 6.1 Moderate Security Patch for rpcbind 2026-22069-1

# Security update for rpcbind Announcement ID: SUSE-SU-2026:22069-1 Release Date: 2026-06-04T13:00:55Z Rating: moderate References:. # Security update for rpcbind Announcement ID: SUSE-SU-2026:22069-1 Release Date: 2026-06-04T13:00:55Z Rating: moderate References: * bsc#1117217 * bsc#1267212 Affected Products: * SUSE Linux Micro 6.1 An update that has two fixes can now be installed. ## Description: This update for rpcbind fixes the following issues Update to rpcbind 1.2.9: Security issue: * Fix several memory leaks and buffer overflows (bsc#1267212). Non security issue: * rpcbind fails to start (tumbleweed snapshot 20181120) (bsc#1117217). Changes: * rpcinfo: stack buffer overflow in rpcinfo rpcbaddrlist() * rpcbind: Stop unauthenticated oversized allocation in PMAPPROC_CALLIT decode * rpcbind: fix memory leak in read_warmstart() * rpcbind: fix memory leaks in network_init() * rpcbind: fix memory leak in init_transport() * Added -v (print version and compile flags) * rpcinfo: Removed a number of "old-style function definition" warnings * man/rpcbind: Update list of options * Comment out ListenStream=@/run/rpcbind.sock * [nfs/nfs-utils/rpcbind] rpcbind: avoid dereferencing NULL from realloc() * systemd/rpcbind.service.in: Add various hardenings options * man/rpcbind: Add Files section to manpage * Moved rpcbind.lock and default configs to /run instead of /var/run * rpcinfo: try connecting using abstract address * Listen on an AF_UNIX abstract address if supported * autotools/systemd: call rpcbind with -w only on enabled warm starts * rpcbind: fix double free in init_transport ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-565=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) *rpcbind-debugsource-1.2.9-slfo.1.1_1.1 * rpcbind-1.2.9-slfo.1.1_1.1 * rpcbind-debuginfo-1.2.9-slfo.1.1_1.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1117217 * https://bugzilla.suse.com/show_bug.cgi?id=1267212 . SUSE Linux Micro 6.1 rpcbind security patch addresses memory leaks, buffer overflows, and systemd enhancements.. SUSE Linux Micro,rpcbind,security patch,buffer overflow. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 12, 2026 moderate SuSE
172

Ubuntu 20.04 LTS: USN-5123-1 Moderate Nginx Security Fix for DoS Risk

USN-4986-1 caused a regression in rpcbind.. =========================================================================Ubuntu Security Notice USN-4986-4 June 10, 2021 rpcbind regression ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM - Ubuntu 14.04 ESM Summary: USN-4986-1 caused a regression in rpcbind. Software Description: - rpcbind: converts RPC program numbers into universal addresses Details: USN-4986-1 fixed a vulnerability in rpcbind. The update caused a regression resulting in rpcbind crashing in certain environments. This update fixes the problem for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that rpcbind incorrectly handled certain large data sizes. A remote attacker could use this issue to cause rpcbind to consume resources, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: rpcbind 0.2.3-0.2ubuntu0.16.04.1+esm2 Ubuntu 14.04 ESM: rpcbind 0.2.1-2ubuntu2.2+esm2 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4986-4 https://ubuntu.com/security/notices/USN-4986-1 https://bugs.launchpad.net/ubuntu/+source/rpcbind/+bug/1931507 . Ubuntu Security Update USN-4987-5 tackles a regression in rpcbind impacting Ubuntu 14.04 and 16.04 ESM.. rpcbind Update, Ubuntu Security Notice, DoS Attack, rpcbind Regression. . LinuxSecurity.com Team

Calendar%202 Jun 10, 2021 Ubuntu
172

Ubuntu 18.04 LTS USN-4986-3: Moderate Rpcbind Denial of Service

USN-4986-1 caused a regression in rpcbind.. =========================================================================Ubuntu Security Notice USN-4986-3 June 10, 2021 rpcbind regression ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: USN-4986-1 caused a regression in rpcbind. Software Description: - rpcbind: converts RPC program numbers into universal addresses Details: USN-4986-1 fixed a vulnerability in rpcbind. The update caused a regression resulting in rpcbind crashing in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that rpcbind incorrectly handled certain large data sizes. A remote attacker could use this issue to cause rpcbind to consume resources, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: rpcbind 0.2.3-0.6ubuntu0.18.04.3 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4986-3 https://ubuntu.com/security/notices/USN-4986-1 https://bugs.launchpad.net/ubuntu/+source/rpcbind/+bug/1931507 Package Information: https://launchpad.net/ubuntu/+source/rpcbind/0.2.3-0.6ubuntu0.18.04.3 . Enhance the handling of rpcbind bugs and denial of service flaws in Ubuntu 18.04 LTS.. rpcbind regression, Denial of Service, Ubuntu 18.04 LTS. . LinuxSecurity.com Team

Calendar%202 Jun 10, 2021 Ubuntu
172

Ubuntu 16.04 ESM: 4986-2 Critical: Rpcbind Denial Of Service

rpcbind could be made to consume resources and crash if it received specially crafted network traffic.. =========================================================================Ubuntu Security Notice USN-4986-2 June 09, 2021 rpcbind vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM - Ubuntu 14.04 ESM Summary: rpcbind could be made to consume resources and crash if it received specially crafted network traffic. Software Description: - rpcbind: converts RPC program numbers into universal addresses Details: USN-4986-1 fixed a vulnerability in rpcbind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that rpcbind incorrectly handled certain large data sizes. A remote attacker could use this issue to cause rpcbind to consume resources, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: rpcbind 0.2.3-0.2ubuntu0.16.04.1+esm1 Ubuntu 14.04 ESM: rpcbind 0.2.1-2ubuntu2.2+esm1 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4986-2 https://ubuntu.com/security/notices/USN-4986-1 CVE-2017-8779 . The Ubuntu USN-4986-2 notice pertains to a vulnerability in rpcbind, which could result in a denial of service when subjected to specially designed traffic.. rpcbind Vulnerability, Denial of Service, Ubuntu Security Update. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 09, 2021 Critical Ubuntu
172

Ubuntu 18.04 LTS USN-4986-1 Critical Rpcbind DoS Vulnerability Alert

rpcbind could be made to consume resources and crash if it received specially crafted network traffic.. =========================================================================Ubuntu Security Notice USN-4986-1 June 09, 2021 rpcbind vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: rpcbind could be made to consume resources and crash if it received specially crafted network traffic. Software Description: - rpcbind: converts RPC program numbers into universal addresses Details: It was discovered that rpcbind incorrectly handled certain large data sizes. A remote attacker could use this issue to cause rpcbind to consume resources, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: rpcbind 0.2.3-0.6ubuntu0.18.04.2 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4986-1 CVE-2017-8779 Package Information: https://launchpad.net/ubuntu/+source/rpcbind/0.2.3-0.6ubuntu0.18.04.2 . The rpcbind flaw on Ubuntu poses risks of excessive resource usage and system instability. For further information, refer to advisory USN-4987-1.. rpcbind Security Advisory, Ubuntu 18.04 LTS, Denial of Service Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 09, 2021 Critical Ubuntu
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200