Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorycritical riskarbitrary code execution

Ubuntu 10.04 LTS: Critical Sudo Path Vulnerability 956-1 Exploit Details

Evan Broder and Anders Kaseorg discovered that sudo did not properly sanitize its environment when configured to use secure_path (the default in Ubuntu). A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use a program that interpreted the PATH environment variable. [More...]. ==========================================================Ubuntu Security Notice USN-956-1 June 30, 2010 sudo vulnerability CVE-2010-1646 ========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: sudo 1.6.8p12-1ubuntu6.3 sudo-ldap 1.6.8p12-1ubuntu6.3 Ubuntu 8.04 LTS: sudo 1.6.9p10-1ubuntu3.8 sudo-ldap 1.6.9p10-1ubuntu3.8 Ubuntu 9.04: sudo 1.6.9p17-1ubuntu3.3 sudo-ldap 1.6.9p17-1ubuntu3.3 Ubuntu 9.10: sudo 1.7.0-1ubuntu2.4 sudo-ldap 1.7.0-1ubuntu2.4 Ubuntu 10.04 LTS: sudo 1.7.2p1-1ubuntu5.1 sudo-ldap 1.7.2p1-1ubuntu5.1 In general, a standard system update will make all the necessary changes. Details follow: Evan Broder and Anders Kaseorg discovered that sudo did not properly sanitize its environment when configured to use secure_path (the default in Ubuntu). A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use a program that interpreted the PATH environment variable. Updated packages for Ubuntu 6.06 LTS: Source archives: Size/MD5: 37216 36d4b120d354c87515638af637c67b0d Size/MD5: 618 fd85854200bf0fedfd8cfc2eea79f99f Size/MD5: 585643 b29893c06192df6230dd5f340f3badf5 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 177586 2cd655781c221cae8b6cad28940f5c0b Size/MD5: 189546 e56b9addd85551a900c7c41043790cc7 i386 architecture (x86 compatible Intel/AMD): Size/MD5: 163104 b2f38f1ef9367319175c324686dd412c Size/MD5: 174564 e2b8a930e343743aeba947c596d1ede8 powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 171814 ef22e4eb3671266eedfb8379f00976fa Size/MD5: 183978 713c3bb97173d3a9749d7a41b2a4a050 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 167838 4444228753a954e3467eced9ac5388cb Size/MD5: 180344 4387b62da168e7332b46e33fa322dd4d Updated packages for Ubuntu 8.04 LTS: Source archives: Size/MD5: 29555 823267afe725ef0ae810d4fc7700d6bd Size/MD5: 702 03f53a9efbb7700134b4148bfc19a561 Size/MD5: 579302 16db2a1213159a1fac8239eab58108f5 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 188554 4f9915f8178f0d76a869727e5b46f24c Size/MD5: 200236 3d0dcf5ef68f5e1f9386b124a2d5742c i386 architecture (x86 compatible Intel/AMD): Size/MD5: 176750 25768f74f7307dba01043312d5eb7762 Size/MD5: 187664 bb916ab875765dd99eba9854372bf07f lpia architecture (Low Power Intel Architecture): Size/MD5: 177924 7d937eb2ec4ca7383af5f45bf00f577a Size/MD5: 188644 808af9dcc20690a441ed35510748e749 powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 188840 f00f19aaae04cc80d5fe1984d822fd2c Size/MD5: 202650 e55052d973d6c2fd2043defcc282c3f5 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 182768 6e0af3cc2bc1b5f892eaab248c7ad8ec Size/MD5: 1939020c1e237c1b994c2c82bfcf3f0ef7eaa5 Updated packages for Ubuntu 9.04: Source archives: Size/MD5: 26524 ec4d4eb3a0cad8e53158420c2b24e971 Size/MD5: 1098 2c73a1f6b6a18d8c201cbe3562f8e9c4 Size/MD5: 593534 60daf18f28e2c1eb7641c4408e244110 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 191512 cf450b2ede8d4e51dce2e8c373c7388b Size/MD5: 202506 a5eb0005ccfa19658f35cf731c132562 i386 architecture (x86 compatible Intel/AMD): Size/MD5: 179656 3a1893071ae30a1432b65c9324d44d91 Size/MD5: 189098 dc1d5298fee0ce78e8848aeeff851120 lpia architecture (Low Power Intel Architecture): Size/MD5: 180712 0a9c3a5d3087bdb0e2338e42a9331038 Size/MD5: 189918 ce218336ad2636084f85c5021001751b powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 189010 422acec867c52e8e3f9bd56371078377 Size/MD5: 201504 282cc2ca98c0ae4321f272d78fd0a18d sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 184370 06d2468d2b1c299beb7e95da9cbc2772 Size/MD5: 194100 69979206fc67d3b70d1639c7cf40712d Updated packages for Ubuntu 9.10: Source archives: Size/MD5: 24804 80718336a92f5c63f38ee7d84c8ff170 Size/MD5: 1117 0a739ae85420fc8043bc66f03a743676 Size/MD5: 744311 5fd96bba35fe29b464f7aa6ad255f0a6 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 310494 5fb9286a8835453da39328a9ef46932a Size/MD5: 334170 235e0f65990362782228dece635dee16 i386 architecture (x86 compatible Intel/AMD): Size/MD5: 297946 aa67fe2e4c89151c743a86404e473833 Size/MD5: 319482 e5518c7a600c3f3b316e52767ef8907d lpia architecture (Low Power Intel Architecture): Size/MD5: 298134 152bfbe937de0aa1a7bb3d181700d7bb Size/MD5: 319938 370ba3cd5d80883e7b8af93211756a20 powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 306170 e48e9bcc46b849c75675a84a85b07368 Size/MD5: 329136 348631f216fbf1bdd7ee0249911fb4ff sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 301730 0fe061194552253d3e992c75062ff350 Size/MD5: 323868 304cae7b60bf4c7c77523cbb62fc9e6d Updated packages for Ubuntu 10.04: Source archives: Size/MD5: 25851 33f5906cd8e8582e00e8baa1e5d54856 Size/MD5: 1131 665431dec087634bbcad17f22921f418 Size/MD5: 771059 4449d466a774f5ce401c9c0e3866c026 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 326542 f751940841d09c48d1e87c768f7e9356 Size/MD5: 350420 88622f029bdf13205434aac8e647bd4f i386 architecture (x86 compatible Intel/AMD): Size/MD5: 312350 f833abff9e23e619bb97129e9b7b9257 Size/MD5: 334338 877a883d1c886abc15b1502f95e0532b powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 321274 30e33ca134b61a4e6e7952032d7e639c Size/MD5: 345158 ffff986a6af277e8035e840f922f3a16 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 318478 f77a189b478f46fd930754adee2e7b1d Size/MD5: 341708 4e38581147410e7ff4a61d6bbcd23bdd -- Jamie Strandboge | https://canonical.com/ . Severe sudo flaw in Ubuntu might let local adversaries run arbitrary code with root privileges if taken advantage of.. sudo Exploit, Ubuntu Security, Code Execution Risk, Attack Threat. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jun 30, 2010 Critical Ubuntu
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hat Linuxcritical

Red Hat Linux: RHSA-2002:011-06 Critical: Sudo Local Access Exploit

Versions of sudo prior to 1.6.4 would not clear the environment beforesending an email notification about unauthorized sudo attempts, making itpossible for an attacker to supply parameters to the mail program.. ` --------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated sudo packages are available Advisory ID: RHSA-2002:011-06 Issue date: 2002-01-14 Updated on: 2002-01-15 Product: Red Hat Linux Keywords: sudo environment Cross references: Obsoletes: --------------------------------------------------------------------- 1. Topic: Updated sudo packages fixing a security problem are available. 2. Relevant releases/architectures: Red Hat Linux 7.0 - alpha, i386 Red Hat Linux 7.1 - alpha, i386, ia64 Red Hat Linux 7.2 - i386, ia64 3. Problem description: Versions of sudo prior to 1.6.4 would not clear the environment before sending an email notification about unauthorized sudo attempts, making it possible for an attacker to supply parameters to the mail program. In the worst case, this could lead to a local root exploit. Users of sudo are advised to upgrade to version 1.6.4 which is not vulnerable to this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start aninteractive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed ( for more info): 6. RPMs required: Red Hat Linux 7.0: SRPMS: alpha: i386: Red Hat Linux 7.1: SRPMS: alpha: i386: ia64: Red Hat Linux 7.2: SRPMS: i386: ia64: 7. Verification: MD5 sum Package Name -------------------------------------------------------------------------- 68dfd955e1e8f39fe41a4b7639195f11 7.0/en/os/SRPMS/sudo-1.6.4-0.7x.2.src.rpm ff225f9d53084e29d0d558c8daea95b6 7.0/en/os/alpha/sudo-1.6.4-0.7x.2.alpha.rpm ca088e51c3dd8f172063b0f8d122a5e5 7.0/en/os/i386/sudo-1.6.4-0.7x.2.i386.rpm 68dfd955e1e8f39fe41a4b7639195f11 7.1/en/os/SRPMS/sudo-1.6.4-0.7x.2.src.rpm ff225f9d53084e29d0d558c8daea95b6 7.1/en/os/alpha/sudo-1.6.4-0.7x.2.alpha.rpm ca088e51c3dd8f172063b0f8d122a5e5 7.1/en/os/i386/sudo-1.6.4-0.7x.2.i386.rpm fedccbb28833f82f220ab148fb2cd42a 7.1/en/os/ia64/sudo-1.6.4-0.7x.2.ia64.rpm 68dfd955e1e8f39fe41a4b7639195f11 7.2/en/os/SRPMS/sudo-1.6.4-0.7x.2.src.rpm ca088e51c3dd8f172063b0f8d122a5e5 7.2/en/os/i386/sudo-1.6.4-0.7x.2.i386.rpm fedccbb28833f82f220ab148fb2cd42a 7.2/en/os/ia64/sudo-1.6.4-0.7x.2.ia64.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: About You can verify each package with the following command: rpm --checksig If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg 8. References: Sudo Manual | Sudo Copyright(c) 2000, 2001, 2002 Red Hat, Inc. `. Recent enhancements to sudo components have been introduced to address local privilege escalation weaknesses resulting from illicit email notifications found in earlier iterations.. Red Hat Advisory,Sudo Exploit,Update Security,Local Access Rights,Root Privilege Escalation. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jan 15, 2002 Critical Red Hat
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here