
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Mageia 9: 2024-0186 Critical: stb Library Integer Overflow

MGASA-2024-0186 - Updated stb packages fix security vulnerabilities

Publication date: 21 May 2024
URL: https://advisories.mageia.org/MGASA-2024-0186.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2023-45681, CVE-2023-47212

stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory write past an allocated heap buffer in `start_decoder`. The root cause is a potential integer overflow in `sizeof(char*) * (f->comment_list_length)` which may make `setup_malloc` allocate less memory than required. Since there is another integer overflow an attacker may overflow it too to force `setup_malloc` to return 0 and make the exploit more reliable. This issue may lead to code execution.

References:
- https://bugs.mageia.org/show_bug.cgi?id=33205
- https://lists.fedoraproject.org/archives/list/[address protected]/message/2MHQQXX27ACLLYUQHWSL3DVCOGUK5ZA4/
- https://www.cve.org/CVERecord?id=CVE-2023-45681
- https://www.cve.org/CVERecord?id=CVE-2023-47212

SRPMS:
- 9/core/stb-0-0.git20230129.4.1.mga9

Mageia 9 enhancements for libstb focus on resolving serious integer overflow vulnerabilities that could result in arbitrary code execution.

Severity: Critical.
LinuxSecurity.com Team

May 21, 2024 Critical Mageia

Fedora 40: 2024-05-11 Moderate Security Advisory For stb Buffer Overflow

Security fix for CVE-2023-45681 / CVE-2023-47212.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-8f4d69d2ec
2024-05-11 01:29:32.567673
--------------------------------------------------------------------------------

Name        : stb
Product     : Fedora 40
Version     : 0^20240213gitae721c5
Release     : 6.fc40
URL         : https://github.com/nothings/stb
Summary     : Single-file public domain libraries for C/C++
Description : Single-file public domain libraries for C/C++.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2023-45681 / CVE-2023-47212
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 2 2024 Benjamin A. Beasley - 0^20240213gitae721c5-6
- Patch for GHSL-2023-171/CVE-2023-45681/CVE-2023-47212
* Wed Apr 3 2024 Benjamin A. Beasley - 0^20240213gitae721c5-5
- Fix a description to use American English orthography
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2278401 - CVE-2023-47212 stb: stb_vorbis.c comment heap-based buffer overflow vulnerability
      https://bugzilla.redhat.com/show_bug.cgi?id=2278401
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-8f4d69d2ec' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

Fedora 40 introduces critical security patches addressing vulnerabilities related to memory overflows along with an overview of the most recent software iterations.

Severity: Important.
LinuxSecurity.com Team

May 11, 2024 Important Fedora

Fedora 34: 2022-29327a4b98 Critical: stb DoS and Memory Issues

Security fix for CVE-2022-28041, CVE-2022-28042, CVE-2022-28048.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-29327a4b98
2022-04-28 05:53:41.577472
--------------------------------------------------------------------------------

Name        : stb
Product     : Fedora 34
Version     : 0^20210910gitaf1a5bc
Release     : 0.2.fc34
URL         : https://github.com/nothings/stb
Summary     : Single-file public domain libraries for C/C++
Description : Single-file public domain libraries for C/C++.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2022-28041, CVE-2022-28042, CVE-2022-28048
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 20 2022 Benjamin A. Beasley 0^20210910gitaf1a5bc-0.2
- Security fix for CVE-2022-28041 (fix RHBZ#2077020, fix RBHZ#2077019)
* Wed Apr 20 2022 Benjamin A. Beasley 0^20210910gitaf1a5bc-0.1
- Switch to modern snapshot versioning
* Wed Apr 20 2022 Benjamin A. Beasley 0-0.9
- Stop numbering patches
* Wed Apr 20 2022 Benjamin A. Beasley 0-0.8
- Apply a patch for warnings in stb_herringbone_wang_tile
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2077019 - CVE-2022-28041 stb: integer overflow in stbi__jpeg_decode_block_prog_dc() can lead to DoS
      https://bugzilla.redhat.com/show_bug.cgi?id=2077019
[ 2 ] Bug #2077022 - CVE-2022-28042 stb: use-after-free in stbi__jpeg_huff_decode()
      https://bugzilla.redhat.com/show_bug.cgi?id=2077022
[ 3 ] Bug #2077028 - CVE-2022-28048 stb: integer shift of invalid size in stbi__jpeg_decode_block_prog_ac()
      https://bugzilla.redhat.com/show_bug.cgi?id=2077028
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-29327a4b98' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Critical security patch for Fedora 34: stb tackling integer overflow vulnerabilities resulting in Denial of Service. Essential updates provided.

Severity: Critical.
LinuxSecurity.com Team

Apr 28, 2022 Critical Fedora
