
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Arch Linux: ASA-202107-12 Critical: Spice Code Execution Risk

Arch Linux Security Advisory ASA-202107-12
==========================================

Severity: Critical
Date    : 2021-07-06
CVE-ID  : CVE-2020-14355 CVE-2021-20201
Package : spice
Type    : multiple issues
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1239

Summary
=======

The package spice before version 0.15.0-1 is vulnerable to multiple issues including arbitrary code execution and denial of service.

Resolution
==========

Upgrade to 0.15.0-1.

# pacman -Syu "spice>=0.15.0-1"

The problems have been fixed upstream in version 0.15.0.

Workaround
==========

None.

Description
===========

- CVE-2020-14355 (arbitrary code execution)

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system. More specifically, these flaws reside in the spice-common shared code between the client and server of SPICE. In other words, both the client (spice-gtk) and server are affected by these flaws. A malicious client or server could send specially crafted messages which could result in a process crash or potential code execution scenario. The issues have been fixed in spice (server) version 0.14.90 and spice-gtk (client) version 0.39.

- CVE-2021-20201 (denial of service)

An issue was discovered in SPICE server before version 0.15.0. There is a vulnerability which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection.

Impact
======

A remote attacker could execute arbitrary code on the SPICE server using crafted messages, or cause high CPU consumption by performing many renegotiations.

References
==========

https://bugs.archlinux.org/task/68166
https://www.openwall.com/lists/oss-security/2020/10/06/10
https://gitlab.freedesktop.org/spice/spice-common/-/commit/762e0abae36033ccde658fd52d3235887b60862d
https://gitlab.freedesktop.org/spice/spice-common/-/commit/404d74782c8b5e57d146c5bf3118bb41bf3378e4
https://gitlab.freedesktop.org/spice/spice-common/-/commit/ef1b6ff7b82e15d759e5415b8e35b92bb1a4c206
https://gitlab.freedesktop.org/spice/spice-common/-/commit/b24fe6b66b86e601c725d30f00c37e684b6395b6
https://gitlab.freedesktop.org/spice/spice/-/commit/4f71d0cdb79d2f61da49d439a5b72e3ce0070313
https://gitlab.freedesktop.org/spice/spice-gtk/-/commit/df0d3f9d95fe8235b95fa291feb746ba5e3bd6aa
https://bugzilla.redhat.com/show_bug.cgi?id=1921846
https://gitlab.freedesktop.org/spice/spice/-/issues/49
https://gitlab.freedesktop.org/spice/spice/-/merge_requests/150
https://gitlab.freedesktop.org/spice/spice/-/commit/95a0cfac8a1c8eff50f05e65df945da3bb501fc9
https://gitlab.freedesktop.org/spice/spice/-/commit/ca5bbc5692e052159bce1a75f55dc60b36078749
https://security.archlinux.org/CVE-2020-14355
https://security.archlinux.org/CVE-2021-20201

Critical vulnerabilities in the spice package for Arch Linux necessitate immediate updates to avert potential arbitrary code execution risks.

LinuxSecurity.com Team

Jul 09, 2021 Critical ArchLinux

ArchLinux: 201902-4 Critical: Spice Arbitrary Code Execution

Arch Linux Security Advisory ASA-201902-4
=========================================

Severity: Critical
Date    : 2019-02-11
CVE-ID  : CVE-2019-3813
Package : spice
Type    : arbitrary code execution
Remote  : Yes
Link    : https://security.archlinux.org/AVG-866

Summary
=======

The package spice before version 0.14.0-3 is vulnerable to arbitrary code execution.

Resolution
==========

Upgrade to 0.14.0-3.

# pacman -Syu "spice>=0.14.0-3"

The problem has been fixed upstream but no release is available yet.

Workaround
==========

None.

Description
===========

Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.

Impact
======

A remote, unauthenticated attacker might be able to crash the server, or even execute arbitrary code on said server.

References
==========

https://gitlab.freedesktop.org/spice/spice/-/commit/a4a16ac42d2f19a17e36556546aa94d5cd83745f
https://access.redhat.com/errata/RHSA-2019:0231
https://security.archlinux.org/CVE-2019-3813

LinuxSecurity.com Team

Feb 12, 2019 Critical ArchLinux

Arch Linux: ASA-201708-12 High Severity: Spice Arbitrary Code Execution

Arch Linux Security Advisory ASA-201708-12
==========================================

Severity: High
Date    : 2017-08-14
CVE-ID  : CVE-2017-7506
Package : spice
Type    : arbitrary code execution
Remote  : Yes
Link    : https://security.archlinux.org/AVG-349

Summary
=======

The package spice before version 0.12.8+8+ga957a90b-1 is vulnerable to arbitrary code execution.

Resolution
==========

Upgrade to 0.12.8+8+ga957a90b-1.

# pacman -Syu "spice>=0.12.8+8+ga957a90b-1"

The problem has been fixed upstream but no release is available yet.

Workaround
==========

None.

Description
===========

Two security issues have been found in spice

Aug 15, 2017 ArchLinux