Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 50 articles for you...
89
security advisoryfedoraupdateFedora 41: drupal7 Critical Update SA-CORE-2024-005 CVE-2024-55635
https:// https:// https:// https:// https://. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-d645721ca4 2025-11-29 16:05:06.047940+00:00 -------------------------------------------------------------------------------- Name : drupal7 Product : Fedora 41 Version : 7.103 Release : 1.fc41 URL : https:// Summary : An open-source content-management platform Description : Equipped with a powerful blend of features, Drupal is a Content Management System written in PHP that can support a variety of websites ranging from personal weblogs to large community-driven websites. Drupal is highly configurable, skinnable, and secure. -------------------------------------------------------------------------------- Update Information: https:// https:// https:// https:// https:// https:// https:// -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 19 2025 Shawn Iwinski - 7.103-1 - Update to 7.103 (RHBZ #2253220) - SA-CORE-2024-005 / CVE-2024-55635 - SA-CORE-2024-008 / CVE-2024-55638 * Wed Jul 23 2025 Fedora Release Engineering - 7.98-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Thu Jan 16 2025 Fedora Release Engineering - 7.98-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Wed Aug 28 2024 Miroslav Such - 7.98-5 - convert license to SPDX -------------------------------------------------------------------------------- References: [ 1 ] Bug #2253220 - drupal7-7.103 is available https://bugzilla.redhat.com/show_bug.cgi?id=2253220 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-d645721ca4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages aresigned with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Critical Fedora update released for drupal7 addressing core vulnerabilities with strong recommendations for installation.. Fedora security advisory, drupal7 update, software vulnerabilities. . Severity: Critical. LinuxSecurity.com Team
Nov 29, 2025
•Critical
Fedora
89
security advisoryupdateFedoraFedora 40: 2025-6f07616b52 severe: rust-snphost openssl update
Update the openssl crate to version 0.10.70 and the openssl-sys crate to version 0.9.105. This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all packages that statically link the openssl crate.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-6f07616b52 2025-02-13 02:00:53.381620+00:00 -------------------------------------------------------------------------------- Name : rust-snphost Product : Fedora 40 Version : 0.5.0 Release : 3.fc40 URL : https://crates.io/crates/snphost Summary : Administrative utility for AMD SEV-SNP Description : Administrative utility for AMD SEV-SNP. -------------------------------------------------------------------------------- Update Information: Update the openssl crate to version 0.10.70 and the openssl-sys crate to version 0.9.105. This includes a fix for RUSTSEC-2025-0004 / CVE-2025-0977 and rebuilds of all packages that statically link the openssl crate. -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 6 2025 Fabio Valentini - 0.5.0-3 - Rebuild for openssl crate > = v0.10.70 (RUSTSEC-2025-0004) * Sun Jan 19 2025 Fedora Release Engineering - 0.5.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2343478 - CVE-2025-0977 rust-openssl: ssl::select_next_proto use after free [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2343478 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-6f07616b52' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed withthe Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Feb 13, 2025
•Critical
Fedora
217
security advisorysecurity issueupdateOracle Linux 7: ELSA-2024-12610 Important Kernel Security Update
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-12610 http://linux.oracle.com/errata/ELSA-2024-12610.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-5.4.17-2136.335.4.el7uek.x86_64.rpm kernel-uek-debug-5.4.17-2136.335.4.el7uek.x86_64.rpm kernel-uek-debug-devel-5.4.17-2136.335.4.el7uek.x86_64.rpm kernel-uek-devel-5.4.17-2136.335.4.el7uek.x86_64.rpm kernel-uek-doc-5.4.17-2136.335.4.el7uek.noarch.rpm kernel-uek-tools-5.4.17-2136.335.4.el7uek.x86_64.rpm aarch64: kernel-uek-5.4.17-2136.335.4.el7uek.aarch64.rpm kernel-uek-debug-5.4.17-2136.335.4.el7uek.aarch64.rpm kernel-uek-debug-devel-5.4.17-2136.335.4.el7uek.aarch64.rpm kernel-uek-devel-5.4.17-2136.335.4.el7uek.aarch64.rpm kernel-uek-doc-5.4.17-2136.335.4.el7uek.noarch.rpm kernel-uek-tools-5.4.17-2136.335.4.el7uek.aarch64.rpm kernel-uek-tools-libs-5.4.17-2136.335.4.el7uek.aarch64.rpm perf-5.4.17-2136.335.4.el7uek.aarch64.rpm python-perf-5.4.17-2136.335.4.el7uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-5.4.17-2136.335.4.el7uek.src.rpm RelatedCVEs: CVE-2022-3566 CVE-2022-3567 CVE-2023-4881 CVE-2023-52628 CVE-2023-52803 CVE-2024-36484 CVE-2024-36894 CVE-2024-36974 CVE-2024-36978 CVE-2024-37078 CVE-2024-38619 CVE-2024-39469 CVE-2024-39487 CVE-2024-39495 CVE-2024-39499 CVE-2024-39501 CVE-2024-39502 CVE-2024-39505 CVE-2024-39506 CVE-2024-39509 CVE-2024-40901 CVE-2024-40902 CVE-2024-40904 CVE-2024-40905 CVE-2024-40912 CVE-2024-40932 CVE-2024-40934 CVE-2024-40941 CVE-2024-40942 CVE-2024-40943 CVE-2024-40945 CVE-2024-40958 CVE-2024-40959 CVE-2024-40960 CVE-2024-40961 CVE-2024-40963 CVE-2024-40968 CVE-2024-40974 CVE-2024-40978 CVE-2024-40980 CVE-2024-40981 CVE-2024-40987 CVE-2024-40988 CVE-2024-40993 CVE-2024-40995 CVE-2024-41006 CVE-2024-41007 CVE-2024-41022 CVE-2024-41034 CVE-2024-41035 CVE-2024-41041 CVE-2024-41044 CVE-2024-41046 CVE-2024-41049 CVE-2024-41087 CVE-2024-41089 CVE-2024-41095 CVE-2024-41097 CVE-2024-42070 CVE-2024-42076 CVE-2024-42084 CVE-2024-42086 CVE-2024-42087 CVE-2024-42089 CVE-2024-42090 CVE-2024-42092 CVE-2024-42093 CVE-2024-42094 CVE-2024-42096 CVE-2024-42097 CVE-2024-42101 CVE-2024-42104 CVE-2024-42105 CVE-2024-42106 CVE-2024-42115 CVE-2024-42119 CVE-2024-42124 CVE-2024-42127 CVE-2024-42143 CVE-2024-42145 CVE-2024-42148 CVE-2024-42153 CVE-2024-42154 CVE-2024-42157 CVE-2024-42223 CVE-2024-42224 CVE-2024-42232 CVE-2024-42236 Description of changes: [5.4.17-2136.335.4.el7uek] caches for x86_64. (Imran Khan) [Orabug: 36951041] - printk: add kthread for long-running print (Stephen Brennan) [Orabug: 36456582] - kdb: Use the passed prompt in kdb_position_cursor() (Douglas Anderson) - driver core: Fix uevent_show() vs driver detach race (Dan Williams) - pinctrl: ti: ti-iodelay: fix possible memory leak when pinctrl_enable() fails (Yang Yingliang) - pinctrl: ti: ti-iodelay: Drop if block with always false condition (Uwe Kleine-König) - pinctrl: single: fix possible memory leak when pinctrl_enable() fails (Yang Yingliang) - pinctrl: core: fix possible memory leak when pinctrl_enable() fails (Yang Yingliang) - ipvs: Avoidunnecessary calls to skb_is_gso_sctp (Ismael Luceno) [5.4.17-2136.335.3.el7uek] - MIPS: Octeon: Add PCIe link status check (Dave Kleikamp) [Orabug: 36947196] {CVE-2024-40968} [5.4.17-2136.335.2.el7uek] - drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (Dan Carpenter) [Orabug: 36898075] {CVE-2024-41022} - net: relax socket state check at accept time. (Paolo Abeni) [Orabug: 36768889] {CVE-2024-36484} - fsnotify: clear PARENT_WATCHED flags lazily (Amir Goldstein) [Orabug: 36922241] - NFSD: Increase NFSD_MAX_OPS_PER_COMPOUND (Chuck Lever) [Orabug: 36908594] - x86/cpu: Avoid cpuinfo-induced IPI pileups (Paul E. McKenney) [Orabug: 35773811] [5.4.17-2136.335.1.el7uek] - LTS tag: v5.4.280 (Alok Tiwari) - i2c: rcar: bring hardware to known state when probing (Wolfram Sang) - nilfs2: fix kernel bug on rename operation of broken directory (Ryusuke Konishi) [Orabug: 36896821] {CVE-2024-41034} - tcp: avoid too many retransmit packets (Eric Dumazet) [Orabug: 36841816] {CVE-2024-41007} - tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (Eric Dumazet) - net: tcp: fix unexcepted socket die when snd_wnd is 0 (Menglong Dong) - tcp: refactor tcp_retransmit_timer() (Eric Dumazet) - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries (felix) [Orabug: 36940547] {CVE-2023-52803} - libceph: fix race between delayed_work() and ceph_monc_stop() (Ilya Dryomov) [Orabug: 36930128] {CVE-2024-42232} - ALSA: hda/realtek: Limit mic boost on VAIO PRO PX (Edson Juliano Drosdeck) - nvmem: meson-efuse: Fix return value of nvmem callbacks (Joy Chakraborty) - hpet: Support 32-bit userspace (He Zhe) - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (Alan Stern) [Orabug: 36896826] {CVE-2024-41035} - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (Lee Jones) [Orabug: 36930138] {CVE-2024-42236} - USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (WangYuli) - USB: serial: option: add Rolling RW350-GL variants (Vanillan Wang) - USB: serial: option: addNetprisma LCUK54 series modules (Mank Wang) - USB: serial: option: add support for Foxconn T99W651 (Slark Xiao) - USB: serial: option: add Fibocom FM350-GL (Bjørn Mork) - USB: serial: option: add Telit FN912 rmnet compositions (Daniele Palmas) - USB: serial: option: add Telit generic core-dump composition (Daniele Palmas) - ARM: davinci: Convert comma to semicolon (Chen Ni) - s390: Mark psw in __load_psw_mask() as __unitialized (Sven Schnelle) - udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). (Kuniyuki Iwashima) [Orabug: 36896842] {CVE-2024-41041} - ppp: reject claimed-as-LCP but actually malformed packets (Dmitry Antipov) [Orabug: 36896856] {CVE-2024-41044} - net: ethernet: lantiq_etop: fix double free in detach (Aleksander Jan Bajkowski) [Orabug: 36896863] {CVE-2024-41046} - net: lantiq_etop: add blank line after declaration (Aleksander Jan Bajkowski) - octeontx2-af: Fix incorrect value output on error path in rvu_check_rsrc_availability() (Aleksandr Mishin) - tcp: fix incorrect undo caused by DSACK of TLP retransmit (Neal Cardwell) - tcp: add TCP_INFO status for failed client TFO (Jason Baron) - vfs: don't mod negative dentry count when on shrinker list (Brian Foster) - fs/dcache: Re-use value stored to dentry-> d_flags instead of re-reading (linke li) - filelock: fix potential use-after-free in posix_lock_inode (Jeff Layton) [Orabug: 36896877] {CVE-2024-41049} - nilfs2: fix incorrect inode allocation from reserved inodes (Ryusuke Konishi) - nvme-multipath: find NUMA path only for online numa-node (Nilay Shroff) - ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (Jian-Hong Pan) - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr (Piotr Wojtaszczyk) [Orabug: 36897909] {CVE-2024-42153} - media: dw2102: fix a potential buffer overflow (Mauro Carvalho Chehab) - bnx2x: Fix multiple UBSAN array-index-out-of-bounds (Ghadi Elie Rahme) [Orabug: 36897886] {CVE-2024-42148} - drm/amdgpu/atomfirmware: silence UBSAN warning (Alex Deucher) -drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (Ma Ke) [Orabug: 36897640] {CVE-2024-42101} - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (Jan Kara) - fsnotify: Do not generate events for O_PATH file descriptors (Jan Kara) - can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct (Jimmy Assarsson) - mm: optimize the redundant loop of mm_update_owner_next() (Jinliang Zheng) - nilfs2: add missing check for inode numbers on directory entries (Ryusuke Konishi) [Orabug: 36897652] {CVE-2024-42104} - nilfs2: fix inode number range checks (Ryusuke Konishi) [Orabug: 36897658] {CVE-2024-42105} - inet_diag: Initialize pad field in struct inet_diag_req_v2 (Shigeru Yoshida) [Orabug: 36897666] {CVE-2024-42106} - selftests: make order checking verbose in msg_zerocopy selftest (Zijian Zhang) - selftests: fix OOM in msg_zerocopy selftest (Zijian Zhang) - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (Sam Sun) [Orabug: 36825248] {CVE-2024-39487} - tcp_metrics: validate source addr length (Jakub Kicinski) [Orabug: 36897915] {CVE-2024-42154} - UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (Neal Cardwell) - net: tcp better handling of reordering then loss cases (Yuchung Cheng) - tcp: add ece_ack flag to reno sack functions (Yousuk Seung) - tcp: tcp_mark_head_lost is only valid for sack-tcp (zhang kai) - s390/pkey: Wipe sensitive data on failure (Holger Dengler) [Orabug: 36897934] {CVE-2024-42157} - jffs2: Fix potential illegal address access in jffs2_free_inode (Wang Yong) [Orabug: 36897696] {CVE-2024-42115} - powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#" (Greg Kurz) - orangefs: fix out-of-bounds fsid access (Mike Marshall) [Orabug: 36897837] {CVE-2024-42143} - powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (Michael Ellerman) - i2c: i801: Annotate apanel_addr as __ro_after_init (Heiner Kallweit) - media: dvb-frontends: tda10048: Fix integer overflow(Ricardo Ribalda) [Orabug: 36897976] {CVE-2024-42223} - media: s2255: Use refcount_t instead of atomic_t for num_channels (Ricardo Ribalda) - media: dvb-frontends: tda18271c2dd: Remove casting during div (Ricardo Ribalda) - net: dsa: mv88e6xxx: Correct check for empty list (Simon Horman) [Orabug: 36897982] {CVE-2024-42224} - Input: ff-core - prefer struct_size over open coded arithmetic (Erick Archer) - firmware: dmi: Stop decoding on broken entry (Jean Delvare) - sctp: prefer struct_size over open coded arithmetic (Erick Archer) - media: dw2102: Don't translate i2c read into write (Michael Bunk) - drm/amd/display: Skip finding free audio for unknown engine_id (Alex Hung) [Orabug: 36897726] {CVE-2024-42119} - drm/amdgpu: Initialize timestamp for some legacy SOCs (Ma Jun) - scsi: qedf: Make qedf_execute_tmf() non-preemptible (John Meneghini) [Orabug: 36897761] {CVE-2024-42124} - IB/core: Implement a limit on UMAD receive List (Michael Guralnik) [Orabug: 36897847] {CVE-2024-42145} - media: dvb-usb: dib0700_devices: Add missing release_firmware() (Ricardo Ribalda) - media: dvb: as102-fe: Fix as10x_register_addr packing (Ricardo Ribalda) - drm/lima: fix shared irq handling on driver remove (Erico Nunes) [Orabug: 36897779] {CVE-2024-42127} - LTS tag: v5.4.279 (Alok Tiwari) - arm64: dts: rockchip: Add sound-dai-cells for RK3368 (Alex Bee) - ARM: dts: rockchip: rk3066a: add #sound-dai-cells to hdmi node (Johan Jonker) - tcp: Fix data races around icsk-> icsk_af_ops. (Kuniyuki Iwashima) [Orabug: 34719866] {CVE-2022-3566} - ipv6: Fix data races around sk-> sk_prot. (Kuniyuki Iwashima) [Orabug: 34719906] {CVE-2022-3567} - ipv6: annotate some data-races around sk-> sk_prot (Eric Dumazet) - nfs: Leave pages in the pagecache if readpage failed (Matthew Wilcox (Oracle)) - pwm: stm32: Refuse too small period requests (Uwe Kleine-König) - mtd: spinand: macronix: Add support for serial NAND flash (Jaime Liao) - ftruncate: pass a signed offset (Arnd Bergmann) [Orabug: 36897558] {CVE-2024-42084} - ata:libata-core: Fix double free on error (Niklas Cassel) [Orabug: 36897374] {CVE-2024-41087} - batman-adv: Don't accept TT entries for out-of-spec VIDs (Sven Eckelmann) - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (Ma Ke) [Orabug: 36897380] {CVE-2024-41089} - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (Ma Ke) [Orabug: 36897444] {CVE-2024-41095} - hexagon: fix fadvise64_64 calling conventions (Arnd Bergmann) - csky, hexagon: fix broken sys_sync_file_range (Arnd Bergmann) - net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (Oleksij Rempel) - net: can: j1939: recover socket queue on CAN bus error during BAM transmission (Oleksij Rempel) - net: can: j1939: Initialize unused data in j1939_send_one() (Shigeru Yoshida) [Orabug: 36897516] {CVE-2024-42076} - tty: mcf: MCF54418 has 10 UARTS (Jean-Michel Hautbois) - usb: atm: cxacru: fix endpoint checking in cxacru_bind() (Nikita Zhandarovich) [Orabug: 36897451] {CVE-2024-41097} - usb: musb: da8xx: fix a resource leak in probe() (Dan Carpenter) - usb: gadget: printer: SS+ support (Oliver Neukum) - net: usb: ax88179_178a: improve link status logs (Jose Ignacio Tornos Martinez) - iio: chemical: bme680: Fix sensor data read operation (Vasileios Amoiridis) - iio: chemical: bme680: Fix overflows in compensate() functions (Vasileios Amoiridis) [Orabug: 36897566] {CVE-2024-42086} - iio: chemical: bme680: Fix calibration data variable (Vasileios Amoiridis) - iio: chemical: bme680: Fix pressure value output (Vasileios Amoiridis) - iio: adc: ad7266: Fix variable checking bug (Fernando Yang) - mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (Adrian Hunter) - mmc: sdhci: Do not invert write-protect twice (Adrian Hunter) - mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen) - x86: stop playing stack games in profile_pc() (Linus Torvalds) [Orabug: 36897616] {CVE-2024-42096} - gpio: davinci: Validate the obtained number of IRQs(Aleksandr Mishin) [Orabug: 36897599] {CVE-2024-42092} - nvme: fixup comment for nvme RDMA Provider Type (Hannes Reinecke) - soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message (Andrew Davis) - media: dvbdev: Initialize sbuf (Ricardo Ribalda) - ALSA: emux: improve patch ioctl data validation (Oswald Buddenhagen) [Orabug: 36897624] {CVE-2024-42097} - net/dpaa2: Avoid explicit cpumask var allocation on stack (Dawei Li) [Orabug: 36897602] {CVE-2024-42093} - net/iucv: Avoid explicit cpumask var allocation on stack (Dawei Li) [Orabug: 36897608] {CVE-2024-42094} - mtd: partitions: redboot: Added conversion of operands to a larger type (Denis Arefev) - drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep (Laurent Pinchart) [Orabug: 36897570] {CVE-2024-42087} - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Pablo Neira Ayuso) [Orabug: 36897500] {CVE-2024-42070} - parisc: use correct compat recv/recvfrom syscalls (Arnd Bergmann) - sparc: fix old compat_sys_select() (Arnd Bergmann) - net: phy: micrel: add Microchip KSZ 9477 to the device table (Enguerrand de Ribaucourt) - net: phy: mchp: Add support for LAN8814 QUAD PHY (Divya Koppera) - net: dsa: microchip: fix initial port flush problem (Tristram Ha) - ASoC: fsl-asoc-card: set priv-> pdev before using it (Elinor Montmasson) [Orabug: 36897578] {CVE-2024-42089} - netfilter: nf_tables: validate family when identifying table via handle (Pablo Neira Ayuso) - drm/amdgpu: fix UBSAN warning in kv_dpm.c (Alex Deucher) [Orabug: 36835992] {CVE-2024-40987} - pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (Huang-Huang Bao) - pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (Huang-Huang Bao) - pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (Huang-Huang Bao) - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (Hagar Hemdan) [Orabug: 36897586] {CVE-2024-42090} - iio: dac: ad5592r: fix temperature channel scaling value (Marc Ferland) - iio: dac:ad5592r: un-indent code-block for scale read (Alexandru Ardelean) - iio: dac: ad5592r-base: Replace indio_dev-> mlock with own device lock (Sergiu Cuciurean) - x86/amd_nb: Check for invalid SMN reads (Yazen Ghannam) - PCI: Add PCI_ERROR_RESPONSE and related definitions (Naveen Naidu) - perf/core: Fix missing wakeup when waiting for context reference (Haifeng Xu) - tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (Jeff Johnson) - arm64: dts: qcom: qcs404: fix bluetooth device address (Johan Hovold) - ARM: dts: samsung: smdk4412: fix keypad no-autorepeat (Krzysztof Kozlowski) - ARM: dts: samsung: exynos4412-origen: fix keypad no-autorepeat (Krzysztof Kozlowski) - ARM: dts: samsung: smdkv310: fix keypad no-autorepeat (Krzysztof Kozlowski) - i2c: ocores: set IACK bit after core is enabled (Grygorii Tertychnyi) - gcov: add support for GCC 14 (Peter Oberparleiter) - drm/radeon: fix UBSAN warning in kv_dpm.c (Alex Deucher) [Orabug: 36835997] {CVE-2024-40988} - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (Raju Rangoju) - dmaengine: ioatdma: Fix missing kmem_cache_destroy() (Nikita Shubin) - regulator: core: Fix modpost error "regulator_get_regmap" undefined (Biju Das) - net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (Oliver Neukum) - netfilter: ipset: Fix suspicious rcu_dereference_protected() (Jozsef Kadlecsik) [Orabug: 36838634] {CVE-2024-40993} - virtio_net: checksum offloading handling fix (Heng Qi) - net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (David Ruth) [Orabug: 36836019] {CVE-2024-40995} - net/sched: act_api: rely on rcu in tcf_idr_check_alloc (Pedro Tammela) - netns: Make get_net_ns() handle zero refcount net (Yue Haibing) [Orabug: 36835849] {CVE-2024-40958} - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (Eric Dumazet) [Orabug: 36835852] {CVE-2024-40959} - ipv6: prevent possible NULL dereference in rt6_probe() (Eric Dumazet) [Orabug: 36835857] {CVE-2024-40960} - ipv6:prevent possible NULL deref in fib6_nh_init() (Eric Dumazet) [Orabug: 36835862] {CVE-2024-40961} - netrom: Fix a memory leak in nr_heartbeat_expiry() (Gavrilov Ilia) [Orabug: 36836086] {CVE-2024-41006} - cipso: fix total option length computation (Ondrej Mosnacek) - mips: bmips: BCM6358: make sure CBR is correctly set (Christian Marangi) [Orabug: 36835870] {CVE-2024-40963} - MIPS: Routerboard 532: Fix vendor retry check code (Ilpo Järvinen) - PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (Mario Limonciello) - udf: udftime: prevent overflow in udf_disk_stamp_to_time() (Roman Smirnov) - usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (Alex Henrie) - powerpc/io: Avoid clang null pointer arithmetic warnings (Michael Ellerman) - powerpc/pseries: Enforce hcall result buffer validity and size (Nathan Lynch) [Orabug: 36835926] {CVE-2024-40974} - Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl (Uri Arev) - scsi: qedi: Fix crash while reading debugfs attribute (Manish Rangankar) [Orabug: 36835947] {CVE-2024-40978} - drop_monitor: replace spin_lock by raw_spin_lock (Wander Lairson Costa) [Orabug: 36835960] {CVE-2024-40980} - batman-adv: bypass empty buckets in batadv_purge_orig_ref() (Eric Dumazet) [Orabug: 36835966] {CVE-2024-40981} - selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (Alessandro Carminati (Red Hat)) - rcutorture: Fix rcu_torture_one_read() pipe_count overflow comment (Paul E. McKenney) - i2c: at91: Fix the functionality flags of the slave-only interface (Jean Delvare) - usb-storage: alauda: Check whether the media is initialized (Shichao Lai) [Orabug: 36753734] {CVE-2024-38619} - greybus: Fix use-after-free bug in gb_interface_release due to race condition. (Sicong Huang) [Orabug: 36835564] {CVE-2024-39495} - netfilter: nftables: exthdr: fix 4-byte stack OOB write (Florian Westphal) [Orabug: 35814445] {CVE-2023-4881} {CVE-2023-52628} - hugetlb_encode.h: fix undefined behaviour (34
Sep 13, 2024
•Important
Oracle
172
security advisorysoftware updateauthentication issueUbuntu 22.04 LTS: USN-6876-1 Critical: Kopano Core Security Update
Several security issues were fixed in Kopano Core.. ========================================================================== Ubuntu Security Notice USN-6876-1 July 04, 2024 kopanocore vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in Kopano Core. Software Description: - kopanocore: Complete and feature rich groupware solution Details: It was discovered that Kopano Core allowed out-of-bounds access. An attacker could use this issue to expose private information. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-19907) It was discovered that Kopano Core allowed possible authentication with expired passwords. An attacker could use this issue to bypass authentication. (CVE-2022-26562) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS kopano-archiver 8.7.0-7.1ubuntu10.1 kopano-contacts 8.7.0-7.1ubuntu10.1 kopano-dagent 8.7.0-7.1ubuntu10.1 kopano-gateway 8.7.0-7.1ubuntu10.1 kopano-ical 8.7.0-7.1ubuntu10.1 kopano-libs 8.7.0-7.1ubuntu10.1 kopano-monitor 8.7.0-7.1ubuntu10.1 kopano-server 8.7.0-7.1ubuntu10.1 kopano-spooler 8.7.0-7.1ubuntu10.1 kopano-utils 8.7.0-7.1ubuntu10.1 php-mapi 8.7.0-7.1ubuntu10.1 python3-mapi 8.7.0-7.1ubuntu10.1 Ubuntu 20.04 LTS kopano-archiver 8.7.0-7ubuntu1.1 kopano-contacts 8.7.0-7ubuntu1.1 kopano-dagent 8.7.0-7ubuntu1.1 kopano-gateway 8.7.0-7ubuntu1.1 kopano-ical 8.7.0-7ubuntu1.1 kopano-libs 8.7.0-7ubuntu1.1 kopano-monitor 8.7.0-7ubuntu1.1 kopano-server 8.7.0-7ubuntu1.1 kopano-spooler 8.7.0-7ubuntu1.1 kopano-utils 8.7.0-7ubuntu1.1 php-mapi 8.7.0-7ubuntu1.1 python3-mapi 8.7.0-7ubuntu1.1 Ubuntu 18.04 LTS kopano-archiver 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-contacts 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-dagent 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-gateway 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-ical 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-libs 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-monitor 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-server 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-spooler 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro kopano-utils 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro php-mapi 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro python-mapi 8.5.5-0ubuntu1+esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6876-1 CVE-2019-19907, CVE-2022-26562 Package Information: https://launchpad.net/ubuntu/+source/kopanocore/8.7.0-7.1ubuntu10.1 https://launchpad.net/ubuntu/+source/kopanocore/8.7.0-7ubuntu1.1 . Critical patches have been released for Kopano Core, targeting multiple Ubuntu LTS versions to resolve significant vulnerabilities.. Kopano Core Security, Ubuntu Updates, Kopano Auth Issues, Security Compliance. . Severity: Critical. LinuxSecurity.com Team
Jul 04, 2024
•Critical
Ubuntu
172
security advisorysoftware updateremote executionUbuntu 24.04 LTS USN-6789-1 Severe: LibreOffice Graphic Binding Threat
LibreOffice could be made to run programs when clicking a graphic.. ========================================================================== Ubuntu Security Notice USN-6789-1 May 28, 2024 libreoffice vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 23.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: LibreOffice could be made to run programs when clicking a graphic. Software Description: - libreoffice: Office productivity suite Details: Amel Bouziane-Leblond discovered that LibreOffice incorrectly handled graphic on-click bindings. If a user were tricked into clicking a graphic in a specially crafted document, a remote attacker could possibly run arbitrary script. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS libreoffice 4:24.2.3-0ubuntu0.24.04.2 Ubuntu 23.10 libreoffice 4:7.6.7-0ubuntu0.23.10.2 Ubuntu 22.04 LTS libreoffice 1:7.3.7-0ubuntu0.22.04.5 Ubuntu 20.04 LTS libreoffice 1:6.4.7-0ubuntu0.20.04.10 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6789-1 CVE-2024-3044 Package Information: https://launchpad.net/ubuntu/+source/libreoffice/4:24.2.3-0ubuntu0.24.04.2 https://launchpad.net/ubuntu/+source/libreoffice/4:7.6.7-0ubuntu0.23.10.2 https://launchpad.net/ubuntu/+source/libreoffice/1:7.3.7-0ubuntu0.22.04.5 https://launchpad.net/ubuntu/+source/libreoffice/1:6.4.7-0ubuntu0.20.04.10 . Ubuntu 9810-2: Critical LibreOffice security patch targeting graphic elements. Ensure your devices are updated to block harmful code execution.. LibreOffice Security Updates, Ubuntu Patch Instructions, Remote Execution Threats, Software VulnerabilityResolution, Graphic Handling Issue. . Severity: Important. LinuxSecurity.com Team
May 28, 2024
•Important
Ubuntu
172
security advisorydenial of serviceubuntuUbuntu 22.04 LTS: 3458-7 Critical: Linux Kernel Vulnerability Mitigation
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-6765-1 May 07, 2024 linux-oem-6.5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-oem-6.5: Linux kernel for OEM systems Details: Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-6356, CVE-2023-6535, CVE-2023-6536) Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability (CVE-2022-0001) were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information. (CVE-2024-2201) Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-23849) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-24860) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - S390 architecture; - Core kernel; - x86 architecture; - Block layer subsystem; - Cryptographic API; -Android drivers; - Drivers core; - Power management core; - Bus devices; - Hardware random number generator core; - Device frequency; - DMA engine subsystem; - EDAC drivers; - ARM SCMI message protocol; - GPU drivers; - IIO ADC drivers; - InfiniBand drivers; - IOMMU subsystem; - Media drivers; - Multifunction device drivers; - MTD block device drivers; - Network drivers; - NVME drivers; - PCI driver for MicroSemi Switchtec; - x86 platform drivers; - Power supply drivers; - SCSI drivers; - QCOM SoC drivers; - SPMI drivers; - Thermal drivers; - TTY drivers; - VFIO drivers; - BTRFS file system; - Ceph distributed file system; - EFI Variable file system; - EROFS file system; - Ext4 file system; - F2FS file system; - GFS2 file system; - JFS file system; - Network file systems library; - Network file system server daemon; - Pstore file system; - ReiserFS file system; - SMB network file system; - BPF subsystem; - Memory management; - TLS protocol; - Networking core; - IPv4 networking; - IPv6 networking; - Logical Link layer; - Netfilter; - Network traffic control; - SMC sockets; - Sun RPC protocol; - AppArmor security module; (CVE-2023-52635, CVE-2024-26632, CVE-2023-52468, CVE-2023-52472, CVE-2023-52589, CVE-2024-26671, CVE-2024-26640, CVE-2024-26631, CVE-2023-52489, CVE-2023-52616, CVE-2023-52445, CVE-2023-52463, CVE-2024-26610, CVE-2023-52497, CVE-2023-52453, CVE-2023-52470, CVE-2024-26649, CVE-2023-52583, CVE-2024-26644, CVE-2023-52607, CVE-2023-52587, CVE-2024-26594, CVE-2023-52618, CVE-2023-52495, CVE-2023-52632, CVE-2024-26583, CVE-2023-52633, CVE-2023-52591, CVE-2024-26633, CVE-2023-52627, CVE-2024-26670, CVE-2024-26598, CVE-2024-26592, CVE-2023-52473, CVE-2023-52623, CVE-2023-52446, CVE-2023-52443, CVE-2023-52451, CVE-2024-26629, CVE-2023-52462, CVE-2024-26808, CVE-2023-52598, CVE-2023-52611,CVE-2023-52492, CVE-2023-52456, CVE-2023-52626, CVE-2023-52455, CVE-2024-26641, CVE-2023-52588, CVE-2023-52608, CVE-2024-26618, CVE-2024-26582, CVE-2023-52609, CVE-2023-52604, CVE-2024-26646, CVE-2024-26634, CVE-2023-52469, CVE-2023-52467, CVE-2023-52447, CVE-2024-26623, CVE-2023-52621, CVE-2024-26647, CVE-2024-26615, CVE-2023-52450, CVE-2023-52619, CVE-2023-52610, CVE-2023-52606, CVE-2023-52464, CVE-2023-52465, CVE-2024-26638, CVE-2023-52498, CVE-2024-26625, CVE-2023-52449, CVE-2023-52584, CVE-2023-52454, CVE-2023-52458, CVE-2024-26585, CVE-2024-26669, CVE-2023-52493, CVE-2024-26645, CVE-2024-26607, CVE-2023-52615, CVE-2023-52617, CVE-2024-26612, CVE-2024-26668, CVE-2023-52594, CVE-2023-52612, CVE-2024-26584, CVE-2024-26586, CVE-2024-26616, CVE-2024-26673, CVE-2023-52448, CVE-2024-26620, CVE-2023-52614, CVE-2024-26636, CVE-2023-52602, CVE-2023-52452, CVE-2023-52601, CVE-2024-26635, CVE-2024-26627, CVE-2023-52488, CVE-2023-52487, CVE-2023-52597, CVE-2023-52494, CVE-2023-52444, CVE-2024-26608, CVE-2023-52593, CVE-2023-52491, CVE-2023-52595, CVE-2023-52599, CVE-2024-26595, CVE-2023-52622, CVE-2024-26650, CVE-2024-26614, CVE-2023-52490, CVE-2023-52486, CVE-2023-52457) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS linux-image-6.5.0-1022-oem 6.5.0-1022.23 linux-image-oem-22.04 6.5.0.1022.24 linux-image-oem-22.04a 6.5.0.1022.24 linux-image-oem-22.04b 6.5.0.1022.24 linux-image-oem-22.04c 6.5.0.1022.24 linux-image-oem-22.04d 6.5.0.1022.24 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic,linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: CVE-2023-52443, CVE-2023-52444, CVE-2023-52445, CVE-2023-52446, CVE-2023-52447, CVE-2023-52448, CVE-2023-52449, CVE-2023-52450, CVE-2023-52451, CVE-2023-52452, CVE-2023-52453, CVE-2023-52454, CVE-2023-52455, CVE-2023-52456, CVE-2023-52457, CVE-2023-52458, CVE-2023-52462, CVE-2023-52463, CVE-2023-52464, CVE-2023-52465, CVE-2023-52467, CVE-2023-52468, CVE-2023-52469, CVE-2023-52470, CVE-2023-52472, CVE-2023-52473, CVE-2023-52486, CVE-2023-52487, CVE-2023-52488, CVE-2023-52489, CVE-2023-52490, CVE-2023-52491, CVE-2023-52492, CVE-2023-52493, CVE-2023-52494, CVE-2023-52495, CVE-2023-52497, CVE-2023-52498, CVE-2023-52583, CVE-2023-52584, CVE-2023-52587, CVE-2023-52588, CVE-2023-52589, CVE-2023-52591, CVE-2023-52593, CVE-2023-52594, CVE-2023-52595, CVE-2023-52597, CVE-2023-52598, CVE-2023-52599, CVE-2023-52601, CVE-2023-52602, CVE-2023-52604, CVE-2023-52606, CVE-2023-52607, CVE-2023-52608, CVE-2023-52609, CVE-2023-52610, CVE-2023-52611, CVE-2023-52612, CVE-2023-52614, CVE-2023-52615, CVE-2023-52616, CVE-2023-52617, CVE-2023-52618, CVE-2023-52619, CVE-2023-52621, CVE-2023-52622, CVE-2023-52623, CVE-2023-52626, CVE-2023-52627, CVE-2023-52632, CVE-2023-52633, CVE-2023-52635, CVE-2023-6356, CVE-2023-6535, CVE-2023-6536, CVE-2024-2201, CVE-2024-23849, CVE-2024-24860, CVE-2024-26582, CVE-2024-26583, CVE-2024-26584, CVE-2024-26585, CVE-2024-26586, CVE-2024-26592, CVE-2024-26594, CVE-2024-26595, CVE-2024-26598, CVE-2024-26607, CVE-2024-26608, CVE-2024-26610, CVE-2024-26612, CVE-2024-26614, CVE-2024-26615, CVE-2024-26616, CVE-2024-26618, CVE-2024-26620, CVE-2024-26623, CVE-2024-26625, CVE-2024-26627, CVE-2024-26629, CVE-2024-26631, CVE-2024-26632, CVE-2024-26633, CVE-2024-26634, CVE-2024-26635, CVE-2024-26636, CVE-2024-26638, CVE-2024-26640, CVE-2024-26641, CVE-2024-26644, CVE-2024-26645, CVE-2024-26646, CVE-2024-26647, CVE-2024-26649, CVE-2024-26650, CVE-2024-26668, CVE-2024-26669, CVE-2024-26670, CVE-2024-26671, CVE-2024-26673, CVE-2024-26808 Package Information: https://launchpad.net/ubuntu/+source/linux-oem-6.5/6.5.0-1022.23 . Urgent security update released for Linux kernel on Ubuntu 22.04 LTS, targeting various vulnerabilities and enhancing overall system reliability.. Linux Kernel Updates, Ubuntu Security Advisory, OEM System Security, System Vulnerability Management. . Severity: Critical. LinuxSecurity.com Team
May 07, 2024
•Critical
Ubuntu
172
security advisoryupdatecross-site scriptingUbuntu 20.04 LTS: USN-6751-1 Severe: Zabbix XSS Attack Mitigation
Zabbix could allow reflected cross-site scripting (XSS) attacks.. ========================================================================== Ubuntu Security Notice USN-6751-1 April 25, 2024 zabbix vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS (Available with Ubuntu Pro) - Ubuntu 18.04 LTS (Available with Ubuntu Pro) - Ubuntu 16.04 LTS (Available with Ubuntu Pro) - Ubuntu 14.04 LTS (Available with Ubuntu Pro) Summary: Zabbix could allow reflected cross-site scripting (XSS) attacks. Software Description: - zabbix: Open-source monitoring software tool for diverse IT components Details: It was discovered that Zabbix incorrectly handled input data in the discovery and graphs pages. A remote authenticated attacker could possibly use this issue to perform reflected cross-site scripting (XSS) attacks. (CVE-2022-35229, CVE-2022-35230) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS (Available with Ubuntu Pro): zabbix-agent 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-frontend-php 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-java-gateway 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-proxy-mysql 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-proxy-pgsql 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-proxy-sqlite3 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-server-mysql 1:4.0.17+dfsg-1ubuntu0.1~esm1 zabbix-server-pgsql 1:4.0.17+dfsg-1ubuntu0.1~esm1 Ubuntu 18.04 LTS (Available with Ubuntu Pro): zabbix-agent 1:3.0.12+dfsg-1ubuntu0.1~esm3 zabbix-frontend-php 1:3.0.12+dfsg-1ubuntu0.1~esm3 zabbix-java-gateway 1:3.0.12+dfsg-1ubuntu0.1~esm3 zabbix-proxy-mysql 1:3.0.12+dfsg-1ubuntu0.1~esm3 zabbix-proxy-pgsql 1:3.0.12+dfsg-1ubuntu0.1~esm3 zabbix-proxy-sqlite3 1:3.0.12+dfsg-1ubuntu0.1~esm3 zabbix-server-mysql 1:3.0.12+dfsg-1ubuntu0.1~esm3 zabbix-server-pgsql 1:3.0.12+dfsg-1ubuntu0.1~esm3 Ubuntu 16.04 LTS (Available with Ubuntu Pro): zabbix-agent 1:2.4.7+dfsg-2ubuntu2.1+esm3 zabbix-frontend-php 1:2.4.7+dfsg-2ubuntu2.1+esm3 zabbix-java-gateway 1:2.4.7+dfsg-2ubuntu2.1+esm3 zabbix-proxy-mysql 1:2.4.7+dfsg-2ubuntu2.1+esm3 zabbix-proxy-pgsql 1:2.4.7+dfsg-2ubuntu2.1+esm3 zabbix-proxy-sqlite3 1:2.4.7+dfsg-2ubuntu2.1+esm3 zabbix-server-mysql 1:2.4.7+dfsg-2ubuntu2.1+esm3 zabbix-server-pgsql 1:2.4.7+dfsg-2ubuntu2.1+esm3 Ubuntu 14.04 LTS (Available with Ubuntu Pro): zabbix-agent 1:2.2.2+dfsg-1ubuntu1+esm5 zabbix-frontend-php 1:2.2.2+dfsg-1ubuntu1+esm5 zabbix-java-gateway 1:2.2.2+dfsg-1ubuntu1+esm5 zabbix-proxy-mysql 1:2.2.2+dfsg-1ubuntu1+esm5 zabbix-proxy-pgsql 1:2.2.2+dfsg-1ubuntu1+esm5 zabbix-proxy-sqlite3 1:2.2.2+dfsg-1ubuntu1+esm5 zabbix-server-mysql 1:2.2.2+dfsg-1ubuntu1+esm5 zabbix-server-pgsql 1:2.2.2+dfsg-1ubuntu1+esm5 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6751-1 CVE-2022-35229, CVE-2022-35230 . Discover Zabbix vulnerabilities impacting Ubuntu 20.04 LTS with updates to mitigate XSS attacks in USN-6751-1.. Zabbix Updates, Security Notice, Ubuntu Vulnerabilities, XSS Attacks, System Update. . Severity: Critical. LinuxSecurity.comTeam
Apr 25, 2024
•Critical
Ubuntu
100
security advisorycriticalsoftware updateSUSE: 2024:0247-2 critical alert: severe issue fix for rear23a
* bsc#1218728 Cross-References: * CVE-2024-23301 . # Security update for rear23a Announcement ID: SUSE-SU-2024:0247-1 Rating: important References: * bsc#1218728 Cross-References: * CVE-2024-23301 CVSS scores: * CVE-2024-23301 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23301 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for rear23a fixes the following issues: * CVE-2024-23301: Fixed ReaR creates world-readable initrd with GRUB_RESCUE=Y. (bsc#1218728) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-247=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-247=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-247=1 * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-247=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-247=1 ## Package List: * openSUSE Leap 15.3 (ppc64le x86_64 i586) * rear23a-2.3.a-150300.21.3.1 * openSUSE Leap 15.5 (ppc64le x86_64) * rear23a-2.3.a-150300.21.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (ppc64le x86_64) * rear23a-2.3.a-150300.21.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (ppc64le x86_64) * rear23a-2.3.a-150300.21.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (ppc64le x86_64) * rear23a-2.3.a-150300.21.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-23301.html * https://bugzilla.suse.com/show_bug.cgi?id=1218728 . Important security flaw fixed in rear23a, impacting several SUSE releases. Please update immediately to protect your infrastructures.. SUSE Security Update,rear23a Patch,Critical Threat Mitigation,system maintenance. . Severity: Critical. LinuxSecurity.com Team
Jan 26, 2024
•Critical
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!