Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -4 articles for you...
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorydenial of servicegentoo

Gentoo Linux GLSA-202210-11 Low: schroot Denial Of Service

A vulnerability has been discovered in schroot which could result in denial of service of the schroot service.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202210-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: schroot: Denial of Service Date: October 31, 2022 Bugs: #867016 ID: 202210-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= A vulnerability has been discovered in schroot which could result in denial of service of the schroot service. Background ========= schroot is a utility to execute commands in a chroot environment. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-util/schroot < 1.6.13_p2 > = 1.6.13_p2 Description ========== schroot is unecessarily permissive in rules regarding chroot and session names. Impact ===== A crafted chroot or session name can break the internal state of the schroot service, leading to denial of service. Workaround ========= There is no known workaround at this time. Resolution ========= All schroot users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =dev-util/schroot-1.6.13" References ========= [ 1 ] CVE-2022-2787 https://nvd.nist.gov/vuln/detail/CVE-2022-2787 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202210-11 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of ourusers' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . An issue within the userspace tool can result in system instability. Ensure you upgrade to the newest release to reduce potential threats.. Gentoo Linux, schroot update, service interruption, security patch. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Oct 30, 2022 Low Gentoo
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorymoderatedenial of service

Mageia 8: MGASA-2022-0329 Moderate: Schroot Denial Of Service

Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. (CVE-2022-2787) References: . MGASA-2022-0329 - Updated schroot packages fix security vulnerability Publication date: 16 Sep 2022 URL: https://advisories.mageia.org/MGASA-2022-0329.html Type: security Affected Mageia releases: 8 CVE: CVE-2022-2787 Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. (CVE-2022-2787) References: - https://bugs.mageia.org/show_bug.cgi?id=30758 - https://lists.debian.org/debian-security-announce/2022/msg00182.html - https://www.cve.org/CVERecord?id=CVE-2022-2787 SRPMS: - 8/core/schroot-1.7.2-18.1.mga8 . Recent enhancements to Schroot address a denial of service vulnerability in Mageia, improving both security and stability for its users.. Schroot Update, Mageia Security, Denial Of Service, Security Patch. . LinuxSecurity.com Team

Calendar 2 Sep 16, 2022 Mageia
Banner 4 1028x280 1708121825 1771600306
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorydenial of servicemoderate severity

Ubuntu 22.04 LTS: 5584-1 Moderate: Schroot Denial Of Service

Schroot could be made to denial of service if certain schroot names are used.. =========================================================================Ubuntu Security Notice USN-5584-1 August 29, 2022 schroot vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 ESM Summary: Schroot could be made to denial of service if certain schroot names are used. Software Description: - schroot: Execute commands in a chroot environment Details: It was discovered that Schroot incorrectly handled certain Schroot names. An attacker could possibly use this issue to break schroot's internal state causing a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: schroot 1.6.10-12ubuntu3.1 Ubuntu 20.04 LTS: schroot 1.6.10-9ubuntu0.1 Ubuntu 18.04 LTS: schroot 1.6.10-4ubuntu0.1 Ubuntu 16.04 ESM: schroot 1.6.10-1ubuntu3+esm1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5584-1 CVE-2022-2787 Package Information: https://launchpad.net/ubuntu/+source/schroot/1.6.10-12ubuntu3.1 https://launchpad.net/ubuntu/+source/schroot/1.6.10-9ubuntu0.1 https://launchpad.net/ubuntu/+source/schroot/1.6.10-4ubuntu0.1 . A critical vulnerability in Ubuntu's Schroot functionality may result in a denial of service under specific conditions. Urgent action is needed to apply necessary updates.. Schroot Vulnerability, Ubuntu Security, Denial of Service. . LinuxSecurity.com Team

Calendar 2 Aug 29, 2022 Ubuntu
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydenial of serviceDebian

Debian Bullseye DSA-5213-1: Critical Schroot Denial Of Service

Julian Gilbey discovered that schroot, a tool allowing users to execute commands in a chroot environment, had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-5213-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso August 18, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : schroot CVE ID : CVE-2022-2787 Julian Gilbey discovered that schroot, a tool allowing users to execute commands in a chroot environment, had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. Note that existing chroots and sessions are checked during upgrade, and an upgrade is aborted if any future invalid name is detected. Problematic session and chroots can be checked before upgrading with the following command: schroot --list --all | LC_ALL=C grep -vE '^[a-z]+:[a-zA-Z0-9][a-zA-Z0-9_.-]*$' See for instructions on how to resolve such a situation. For the stable distribution (bullseye), this problem has been fixed in version 1.6.10-12+deb11u1. We recommend that you upgrade your schroot packages. For the detailed security status of schroot please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/schroot Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Security Bulletin DSA-5214-2 highlights a vulnerability in pkg-config that could impact package configuration processes.. Debian Security, schroot update,denial of service, chroot commands. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 18, 2022 Critical Debian
Banner 4 1028x280 1708121825 1771600306
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorysecurity updatecritical

Debian 10 Buster DLA-3075-1 Critical: Schroot Denial of Service

Julian Gilbey discovered that schroot, a tool allowing users to execute commands in a chroot environment, had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3075-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Salvatore Bonaccorso August 18, 2022 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : schroot Version : 1.6.10-6+deb10u1 CVE ID : CVE-2022-2787 Julian Gilbey discovered that schroot, a tool allowing users to execute commands in a chroot environment, had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session. Note that existing chroots and sessions are checked during upgrade, and an upgrade is aborted if any future invalid name is detected. Problematic session and chroots can be checked before upgrading with the following command: schroot --list --all | LC_ALL=C grep -vE '^[a-z]+:[a-zA-Z0-9][a-zA-Z0-9_.-]*$' See for instructions on how to resolve such a situation. For Debian 10 buster, this problem has been fixed in version 1.6.10-6+deb10u1. We recommend that you upgrade your schroot packages. For the detailed security status of schroot please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/schroot Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Enhance Debian LTS security by updating the schroot package to fix vulnerabilities in session name handling and prevent potential DoS attacks. schroot update, denial of service, debian security, user commands.. Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 18, 2022 Critical Debian LTS
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here