# Security update for stalld

Announcement ID: SUSE-SU-2025:20468-1
Release Date: 2025-07-04T09:23:33Z
Rating: moderate

References:

* bsc#1230327

Cross-References:

* CVE-2024-54159

CVSS scores:

* CVE-2024-54159 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L

Affected Products:

* SUSE Linux Micro 6.1

An update that solves one vulnerability can now be installed.

## Description:

This update for stalld fixes the following issues:

Update to 1.19.8. Check https://gitlab.com/rt-linux-tools/stalld/-/releases for the full list of changes.

Changes since 1.19.6:

* Address CVE-2024-54159, which is a DoS issue with the way throttlectl.sh uses temp files (bsc#1230327)
* Fix a compilation issue with a prototype mis-match in stalld.h and utils.c for cleanup_regex()
* Workaround missing sched_getattr() export from glibc
* Fix a problem with parsing /sys/kernel/debug/sched/debug on aarch64
* Place the original scheduling values in a root-owned directory in /run/stalld, not into the public /tmp directory (bsc#1230327).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  `zypper in -t patch SUSE-SLE-Micro-6.1-169=1`

## Package List:

* SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
  * stalld-debugsource-1.19.8-slfo.1.1_1.1
  * stalld-1.19.8-slfo.1.1_1.1
  * stalld-debuginfo-1.19.8-slfo.1.1_1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-54159.html
* https://bugzilla.suse.com/show_bug.cgi?id=1230327

SUSE has issued a significant security notice regarding a moderate denial-of-service vulnerability in stalld. Essential patches can now be accessed.

LinuxSecurity.com Team

Add code to deal with sched_setattr() not being exported in glibc 2.41. Address CVE-2024-54159 denial of service via symlink attack.

--------------------------------------------------------------------------------

Fedora Update Notification
FEDORA-2025-e717eae403
2025-02-09 01:30:07.778486+00:00

--------------------------------------------------------------------------------

Name        : stalld
Product     : Fedora 40
Version     : 1.19.8
Release     : 1.fc40
URL         :
Summary     : Daemon that finds starving tasks and gives them a temporary boost
Description :
The stalld program monitors the set of system threads, looking for threads that are ready-to-run but have not been given processor time for some threshold period. When a starving thread is found, it is given a temporary boost using the SCHED_DEADLINE policy. The default is to allow 10 microseconds of runtime for 1 second of clock time.

--------------------------------------------------------------------------------

Update Information:

Add code to deal with sched_setattr() not being exported in glibc 2.41
Address CVE-2024-54159 denial of service via symlink attack

--------------------------------------------------------------------------------

ChangeLog:

* Tue Jan 28 2025 Clark Williams - 1.19.8
- Added glibc41 fix to source tree, removed patch
- stalld.h: fix prototype mis-match with cleanup_regex()

* Tue Jan 21 2025 Clark Williams - 1.19.7
- stalld.c: use a more reasonable size for reading /proc/stat
- systemd/Makefile: remove typo in uninstall line
- Makefile: change modes on throttled and stalld
- throttlectl: clean up throttling script due to reported CVE-2024-54159

* Sun Jan 19 2025 Fedora Release Engineering - 1.19.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild

--------------------------------------------------------------------------------

References:

[ 1 ] Bug #2329809 - CVE-2024-54159 stalld: denial of service [fedora-40]
https://bugzilla.redhat.com/show_bug.cgi?id=2329809

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-e717eae403' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

--------------------------------------------------------------------------------

package-announce mailing list

Add code to deal with sched_setattr() not being exported in glibc 2.41. Address CVE-2024-54159 denial of service via symlink attack.

--------------------------------------------------------------------------------

Fedora Update Notification
FEDORA-2025-3dc53b7f76
2025-02-08 02:15:29.327890+00:00

--------------------------------------------------------------------------------

Name        : stalld
Product     : Fedora 41
Version     : 1.19.8
Release     : 1.fc41
URL         :
Summary     : Daemon that finds starving tasks and gives them a temporary boost
Description :
The stalld program monitors the set of system threads, looking for threads that are ready-to-run but have not been given processor time for some threshold period. When a starving thread is found, it is given a temporary boost using the SCHED_DEADLINE policy. The default is to allow 10 microseconds of runtime for 1 second of clock time.

--------------------------------------------------------------------------------

Update Information:

Add code to deal with sched_setattr() not being exported in glibc 2.41
Address CVE-2024-54159 denial of service via symlink attack

--------------------------------------------------------------------------------

ChangeLog:

* Tue Jan 28 2025 Clark Williams - 1.19.8
- Added glibc41 fix to source tree, removed patch
- stalld.h: fix prototype mis-match with cleanup_regex()

* Tue Jan 21 2025 Clark Williams - 1.19.7
- stalld.c: use a more reasonable size for reading /proc/stat
- systemd/Makefile: remove typo in uninstall line
- Makefile: change modes on throttled and stalld
- throttlectl: clean up throttling script due to reported CVE-2024-54159

* Sun Jan 19 2025 Fedora Release Engineering - 1.19.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild

--------------------------------------------------------------------------------

References:

[ 1 ] Bug #2329810 - CVE-2024-54159 stalld: denial of service [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2329810

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-3dc53b7f76' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

--------------------------------------------------------------------------------

Address issues found in Static Application Security testing. Fix a service startup issue. Fix file open issue when kernel lockdown is in effect.

--------------------------------------------------------------------------------

Fedora Update Notification
FEDORA-2024-a047b1ca2d
2024-05-04 02:18:44.166352

--------------------------------------------------------------------------------

Name        : stalld
Product     : Fedora 38
Version     : 1.19.2
Release     : 1.fc38
URL         :
Summary     : Daemon that finds starving tasks and gives them a temporary boost
Description :
The stalld program monitors the set of system threads, looking for threads that are ready-to-run but have not been given processor time for some threshold period. When a starving thread is found, it is given a temporary boost using the SCHED_DEADLINE policy. The default is to allow 10 microseconds of runtime for 1 second of clock time.

--------------------------------------------------------------------------------

Update Information:

address issues found in Static Application Security testing
Fix a service startup issue
Fix file open issue when kernel lockdown is in effect

--------------------------------------------------------------------------------

ChangeLog:

* Wed Apr 24 2024 Clark Williams - 1.19.2
- Make fill_process_comm() open comm file as READ_ONLY
- throttlectl.sh: use legal value for exit on fail
- stalld: free malloc'd buffer on function exit
- throttling.c: null terminate input buffer
- stalld.conf: Fix stalld service start fail
- Conditionalize BPF and queue_track build per architecture
- clean up Makefile install logic and add .bz2 to .gitignore
- modify Makefiles so install works with relative paths
- rename 'redhat' to 'systemd' and remove redhat packaging logic
- update SPDX tags to non-deprecated values
- stalld: Add -a/--affinity option
- Adding SPDX license info to each file
- man/stalld.8: change starving threshold to match code
- utils: Fix freeing of invalid pointer
- add bpftool as BuildRequires

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-a047b1ca2d' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys

--------------------------------------------------------------------------------

stalld bug fix and enhancement update.

{
  'type': 'BugFix',
  'shortCode': 'RL',
  'name': 'RLBA-2021:3062',
  'synopsis': 'stalld bug fix and enhancement update',
  'severity': 'UnknownSeverity',
  'topic': 'An update for stalld is now available for Rocky Linux 8.',
  'description': 'stalld package provides a mechanism used to prevent the starvation of operating system threads in a Linux system.\nBug fix(es):',
  'solution': None,
  'affectedProducts': ['Rocky Linux 8'],
  'fixes': [],
  'cves': ['Red Hat:::https://sso.redhat.com/auth/realms/redhat-external/protocol/saml'],
  'references': [],
  'publishedAt': '2021-08-12T21:10:07.838611Z',
  'rpms': [
    'stalld-1.10-1.el8_4.aarch64.rpm',
    'stalld-1.10-1.el8_4.src.rpm',
    'stalld-1.10-1.el8_4.x86_64.rpm',
    'stalld-debuginfo-1.10-1.el8_4.aarch64.rpm',
    'stalld-debuginfo-1.10-1.el8_4.x86_64.rpm',
    'stalld-debugsource-1.10-1.el8_4.aarch64.rpm',
    'stalld-debugsource-1.10-1.el8_4.x86_64.rpm'
  ]
}

The latest update for stalld rectifies a critical bug and introduces enhancements for Rocky Linux, optimizing thread handling efficiency.

LinuxSecurity.com Team