
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories

We found 25 articles for you...

Ubuntu Linux 20.04 RLSA-2023-22578 major sudo Permission Rise Issue

Important: sudo security update.

{
  "type": "TYPE_SECURITY",
  "shortCode": "RL",
  "name": "RLSA-2026:11521",
  "synopsis": "Important: sudo security update",
  "severity": "SEVERITY_IMPORTANT",
  "topic": "An update is available for sudo.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list",
  "description": "The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.\n\nSecurity Fix(es):\n\n* sudo: Sudo: Privilege escalation due to failure in privilege drop calls (CVE-2026-35535)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
  "solution": null,
  "affectedProducts": ["Rocky Linux 8"],
  "fixes": [
    {
      "ticket": "2454714",
      "sourceBy": "Red Hat",
      "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2454714",
      "description": ""
    }
  ],
  "cves": [
    {
      "name": "CVE-2026-35535",
      "sourceBy": "MITRE",
      "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35535",
      "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "cvss3BaseScore": "7.4",
      "cwe": "CWE-272"
    }
  ],
  "references": [],
  "publishedAt": "2026-04-30T18:00:45.302131Z",
  "rpms": {
    "Rocky Linux 8": {
      "nvras": [
        "sudo-0:1.9.5p2-1.el8_10.5.aarch64.rpm",
        "sudo-0:1.9.5p2-1.el8_10.5.src.rpm",
        "sudo-0:1.9.5p2-1.el8_10.5.x86_64.rpm",
        "sudo-debuginfo-0:1.9.5p2-1.el8_10.5.aarch64.rpm",
        "sudo-debuginfo-0:1.9.5p2-1.el8_10.5.x86_64.rpm",
        "sudo-debugsource-0:1.9.5p2-1.el8_10.5.aarch64.rpm",
        "sudo-debugsource-0:1.9.5p2-1.el8_10.5.x86_64.rpm"
      ]
    }
  },
  "rebootSuggested": false,
  "buildReferences": []
}

Important sudo security update for Rocky Linux addresses privilege escalation threat. Explore solutions and impact details.

Rocky Linux sudo security update, privilege escalation fix, important security advisory.

Severity: Important. LinuxSecurity.com Team

Apr 30, 2026 | Important | Rocky Linux

SUSE: 2024:0877-1 Important: Sudo Fix Level Important - DoS Threat

# Security update for sudo

Announcement ID: SUSE-SU-2024:0877-1
Rating: important

References:
* bsc#1221134
* bsc#1221151

Cross-References:
* CVE-2023-42465

CVSS scores:
* CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for sudo fixes the following issues:
* CVE-2023-42465: Fixed issues introduced by first patches (bsc#1221151, bsc#1221134).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-877=1
* openSUSE Leap Micro 5.3
  zypper in -t patch openSUSE-Leap-Micro-5.3-2024-877=1
* openSUSE Leap Micro 5.4
  zypper in -t patch openSUSE-Leap-Micro-5.4-2024-877=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-877=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-877=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-877=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-877=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-877=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-877=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-877=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-877=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-877=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-877=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-877=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-877=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1
  * sudo-plugin-python-1.9.9-150400.4.36.1
  * sudo-debugsource-1.9.9-150400.4.36.1
  * sudo-debuginfo-1.9.9-150400.4.36.1
  * sudo-test-1.9.9-150400.4.36.1
  * sudo-1.9.9-150400.4.36.1
  * sudo-devel-1.9.9-150400.4.36.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
  * sudo-1.9.9-150400.4.36.1
  * sudo-debuginfo-1.9.9-150400.4.36.1
  * sudo-debugsource-1.9.9-150400.4.36.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
  * sudo-1.9.9-150400.4.36.1
  * sudo-debuginfo-1.9.9-150400.4.36.1
  * sudo-debugsource-1.9.9-150400.4.36.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * sudo-1.9.9-150400.4.36.1
  * sudo-debuginfo-1.9.9-150400.4.36.1
  * sudo-debugsource-1.9.9-150400.4.36.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * sudo-1.9.9-150400.4.36.1
  * sudo-debuginfo-1.9.9-150400.4.36.1
  * sudo-debugsource-1.9.9-150400.4.36.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * sudo-1.9.9-150400.4.36.1
  * sudo-debuginfo-1.9.9-150400.4.36.1
  * sudo-debugsource-1.9.9-150400.4.36.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * sudo-1.9.9-150400.4.36.1
  * sudo-debuginfo-1.9.9-150400.4.36.1
  * sudo-debugsource-1.9.9-150400.4.36.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1
  * sudo-plugin-python-1.9.9-150400.4.36.1
  * sudo-debugsource-1.9.9-150400.4.36.1
  * sudo-debuginfo-1.9.9-150400.4.36.1
  * sudo-1.9.9-150400.4.36.1
  * sudo-devel-1.9.9-150400.4.36.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1
  * sudo-plugin-python-1.9.9-150400.4.36.1
  * sudo-debugsource-1.9.9-150400.4.36.1
  * sudo-debuginfo-1.9.9-150400.4.36.1
  * sudo-1.9.9-150400.4.36.1
  * sudo-devel-1.9.9-150400.4.36.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
  * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1
  * sudo-plugin-python-1.9.9-150400.4.36.1
  * sudo-debugsource-1.9.9-150400.4.36.1
  * sudo-debuginfo-1.9.9-150400.4.36.1
  * sudo-1.9.9-150400.4.36.1
  * sudo-devel-1.9.9-150400.4.36.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64)
  * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1
  * sudo-plugin-python-1.9.9-150400.4.36.1
  * sudo-debugsource-1.9.9-150400.4.36.1
  * sudo-debuginfo-1.9.9-150400.4.36.1
  * sudo-1.9.9-150400.4.36.1
  * sudo-devel-1.9.9-150400.4.36.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1
  * sudo-plugin-python-1.9.9-150400.4.36.1
  * sudo-debugsource-1.9.9-150400.4.36.1
  * sudo-debuginfo-1.9.9-150400.4.36.1
  * sudo-1.9.9-150400.4.36.1
  * sudo-devel-1.9.9-150400.4.36.1
* SUSE Manager Proxy 4.3 (x86_64)
  * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1
  * sudo-plugin-python-1.9.9-150400.4.36.1
  * sudo-debugsource-1.9.9-150400.4.36.1
  * sudo-debuginfo-1.9.9-150400.4.36.1
  * sudo-1.9.9-150400.4.36.1
  * sudo-devel-1.9.9-150400.4.36.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
  * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1
  * sudo-plugin-python-1.9.9-150400.4.36.1
  * sudo-debugsource-1.9.9-150400.4.36.1
  * sudo-debuginfo-1.9.9-150400.4.36.1
  * sudo-1.9.9-150400.4.36.1
  * sudo-devel-1.9.9-150400.4.36.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
  * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1
  * sudo-plugin-python-1.9.9-150400.4.36.1
  * sudo-debugsource-1.9.9-150400.4.36.1
  * sudo-debuginfo-1.9.9-150400.4.36.1
  * sudo-1.9.9-150400.4.36.1
  * sudo-devel-1.9.9-150400.4.36.1

## References:

* https://www.suse.com/security/cve/CVE-2023-42465.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221134
* https://bugzilla.suse.com/show_bug.cgi?id=1221151

Important security patch released for the sudo utility. Please adhere to the provided update guidelines to reduce potential vulnerabilities.

SUSE Security Update, Sudo Patch, OpenSUSE Fix.

Severity: Important. LinuxSecurity.com Team

Mar 13, 2024 | Important | SuSE

Red Hat Enterprise Linux 7.7: RHSA-2023-3276-01 Important: Sudo Update Fix

====================================================================
Red Hat Security Advisory

Synopsis: Important: sudo security update
Advisory ID: RHSA-2023:3276-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:3276
Issue date: 2023-05-23
CVE Names: CVE-2023-22809
====================================================================

1. Summary:

An update for sudo is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.7) - x86_64
Red Hat Enterprise Linux Server E4S (v. 7.7) - ppc64le, x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.7) - x86_64
Red Hat Enterprise Linux Server Optional E4S (v. 7.7) - ppc64le, x86_64
Red Hat Enterprise Linux Server Optional TUS (v. 7.7) - x86_64
Red Hat Enterprise Linux Server TUS (v. 7.7) - x86_64

3. Description:

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.

Security Fix(es):

* sudo: arbitrary file write with privileges of the RunAs user (CVE-2023-22809)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2161142 - CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.7):

Source:
sudo-1.8.23-4.el7_7.4.src.rpm

x86_64:
sudo-1.8.23-4.el7_7.4.x86_64.rpm
sudo-debuginfo-1.8.23-4.el7_7.4.x86_64.rpm

Red Hat Enterprise Linux Server E4S (v. 7.7):

Source:
sudo-1.8.23-4.el7_7.4.src.rpm

ppc64le:
sudo-1.8.23-4.el7_7.4.ppc64le.rpm
sudo-debuginfo-1.8.23-4.el7_7.4.ppc64le.rpm

x86_64:
sudo-1.8.23-4.el7_7.4.x86_64.rpm
sudo-debuginfo-1.8.23-4.el7_7.4.x86_64.rpm

Red Hat Enterprise Linux Server TUS (v. 7.7):

Source:
sudo-1.8.23-4.el7_7.4.src.rpm

x86_64:
sudo-1.8.23-4.el7_7.4.x86_64.rpm
sudo-debuginfo-1.8.23-4.el7_7.4.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 7.7):

x86_64:
sudo-debuginfo-1.8.23-4.el7_7.4.i686.rpm
sudo-debuginfo-1.8.23-4.el7_7.4.x86_64.rpm
sudo-devel-1.8.23-4.el7_7.4.i686.rpm
sudo-devel-1.8.23-4.el7_7.4.x86_64.rpm

Red Hat Enterprise Linux Server Optional E4S (v. 7.7):

ppc64le:
sudo-debuginfo-1.8.23-4.el7_7.4.ppc64le.rpm
sudo-devel-1.8.23-4.el7_7.4.ppc64le.rpm

x86_64:
sudo-debuginfo-1.8.23-4.el7_7.4.i686.rpm
sudo-debuginfo-1.8.23-4.el7_7.4.x86_64.rpm
sudo-devel-1.8.23-4.el7_7.4.i686.rpm
sudo-devel-1.8.23-4.el7_7.4.x86_64.rpm

Red Hat Enterprise Linux Server Optional TUS (v. 7.7):

x86_64:
sudo-debuginfo-1.8.23-4.el7_7.4.i686.rpm
sudo-debuginfo-1.8.23-4.el7_7.4.x86_64.rpm
sudo-devel-1.8.23-4.el7_7.4.i686.rpm
sudo-devel-1.8.23-4.el7_7.4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2023-22809
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2023 Red Hat, Inc.

An update from Red Hat highlights a critical sudo patch that resolves potential arbitrary file write vulnerabilities. Discover the steps to implement this update.

Red Hat Enterprise Linux, Sudo Security Update, Arbitrary Write Fix, Security Advisory.

Severity: Important. LinuxSecurity.com Team

May 24, 2023 | Important | Red Hat

Red Hat: RHSA-2023-3264 Important: Sudo Arbitrary File Write

====================================================================
Red Hat Security Advisory

Synopsis: Important: sudo security update
Advisory ID: RHSA-2023:3264-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:3264
Issue date: 2023-05-23
CVE Names: CVE-2023-22809
====================================================================

1. Summary:

An update for sudo is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.4) - x86_64
Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64

3. Description:

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.

Security Fix(es):

* sudo: arbitrary file write with privileges of the RunAs user (CVE-2023-22809)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2161142 - CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.4):

Source:
sudo-1.8.19p2-12.el7_4.3.src.rpm

x86_64:
sudo-1.8.19p2-12.el7_4.3.x86_64.rpm
sudo-debuginfo-1.8.19p2-12.el7_4.3.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 7.4):

x86_64:
sudo-debuginfo-1.8.19p2-12.el7_4.3.i686.rpm
sudo-debuginfo-1.8.19p2-12.el7_4.3.x86_64.rpm
sudo-devel-1.8.19p2-12.el7_4.3.i686.rpm
sudo-devel-1.8.19p2-12.el7_4.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-22809
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.

An important patch for sudo on CentOS addresses vulnerabilities and potential writing errors in files.

Red Hat Security, Sudo Update, Linux Enterprise, Important Advisory.

Severity: Important. LinuxSecurity.com Team

May 23, 2023 | Important | Red Hat

Fedora 38: 2023-11c9d868ca Critical Sudo Update For Double Free Issue

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-11c9d868ca
2023-03-15 00:16:12.054737
--------------------------------------------------------------------------------

Name : sudo
Product : Fedora 38
Version : 1.9.13
Release : 1.p2.fc38
URL :
Summary : Allows restricted root access for specified users
Description :
Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict what commands a user may run on a per-host basis, copious logging of each command (providing a clear audit trail of who did what), a configurable timeout of the sudo command, and the ability to use the same configuration file (sudoers) on many different machines.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2023-27320
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 1 2023 Radovan Sroka - 1.9.13-1.p2
- Rebase to sudo 1.9.13p2
- sudo-1.9.13p2 is available
  Resolves: rhbz#2169840
- sudo: double free with per-command chroot sudoers rules
  Resolves: CVE-2023-27320
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2174218 - CVE-2023-27320 sudo: double free with per-command chroot sudoers rules
https://bugzilla.redhat.com/show_bug.cgi?id=2174218
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-11c9d868ca' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Linux Mint 21.1 security bulletin emphasizes crucial openssl patch to address severe memory leak vulnerability impacting data encryption protocols.

Critical Sudo Update, Fedora 38, Double Free Issue, User Permissions, Security Advisory.

Severity: Critical. LinuxSecurity.com Team

Mar 15, 2023 | Critical | Fedora

Oracle Linux 9 ELSA-2023-0282 Important Sudo Update for Arbitrary Access

Oracle Linux Security Advisory ELSA-2023-0282

https://linux.oracle.com/errata/ELSA-2023-0282.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
sudo-1.9.5p2-7.el9_1.1.x86_64.rpm
sudo-python-plugin-1.9.5p2-7.el9_1.1.x86_64.rpm

aarch64:
sudo-1.9.5p2-7.el9_1.1.aarch64.rpm
sudo-python-plugin-1.9.5p2-7.el9_1.1.aarch64.rpm

SRPMS:
https://oss.oracle.com:443/ol9/SRPMS-updates//sudo-1.9.5p2-7.el9_1.1.src.rpm

Related CVEs:
CVE-2023-22809

Description of changes:

[1.9.5p2-7.1]
RHEL 9.1.0.Z ERRATUM
- CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user
  Resolves: rhbz#2161224

Oracle Linux Advisory ELSA-2023-0291 highlights a critical update for OpenSSH, addressing vulnerabilities that could lead to unauthorized access.

Oracle Linux Update, Sudo Security Patch, Linux Security Advisory.

Severity: Important. LinuxSecurity.com Team

Jan 24, 2023 | Important | Oracle

Oracle Linux 7: ELSA-2023-0291 Important: Sudo Arbitrary File Write

Oracle Linux Security Advisory ELSA-2023-0291

https://linux.oracle.com/errata/ELSA-2023-0291.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
sudo-1.8.23-10.el7_9.3.x86_64.rpm
sudo-devel-1.8.23-10.el7_9.3.i686.rpm
sudo-devel-1.8.23-10.el7_9.3.x86_64.rpm

SRPMS:
https://oss.oracle.com:443/ol7/SRPMS-updates//sudo-1.8.23-10.el7_9.3.src.rpm

Related CVEs:
CVE-2023-22809

Description of changes:

[1.8.23-10.3]
RHEL 7.9.Z ERRATUM
- CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user
  Resolves: rhbz#2161222

CentOS 7 undergoes crucial sudo patch improving file handling vulnerabilities. Check here for further information.

Oracle Linux Security Update, Sudo Update, ELSA 2023-0291, File Write Issue.

Severity: Important. LinuxSecurity.com Team

Jan 24, 2023 | Important | Oracle

Red Hat 8.2: RHSA-2023:0292-01 Important: Sudo Arbitrary File Write

====================================================================
Red Hat Security Advisory

Synopsis: Important: sudo security update
Advisory ID: RHSA-2023:0292-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:0292
Issue date: 2023-01-23
CVE Names: CVE-2023-22809
====================================================================

1. Summary:

An update for sudo is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS AUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS E4S (v. 8.2) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS TUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

3. Description:

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.

Security Fix(es):

* sudo: arbitrary file write with privileges of the RunAs user (CVE-2023-22809)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2161142 - CVE-2023-22809 sudo: arbitrary file write with privileges of the RunAs user

6. Package List:

Red Hat Enterprise Linux BaseOS AUS (v. 8.2):

Source:
sudo-1.8.29-5.el8_2.2.src.rpm

aarch64:
sudo-1.8.29-5.el8_2.2.aarch64.rpm
sudo-debuginfo-1.8.29-5.el8_2.2.aarch64.rpm
sudo-debugsource-1.8.29-5.el8_2.2.aarch64.rpm

ppc64le:
sudo-1.8.29-5.el8_2.2.ppc64le.rpm
sudo-debuginfo-1.8.29-5.el8_2.2.ppc64le.rpm
sudo-debugsource-1.8.29-5.el8_2.2.ppc64le.rpm

s390x:
sudo-1.8.29-5.el8_2.2.s390x.rpm
sudo-debuginfo-1.8.29-5.el8_2.2.s390x.rpm
sudo-debugsource-1.8.29-5.el8_2.2.s390x.rpm

x86_64:
sudo-1.8.29-5.el8_2.2.x86_64.rpm
sudo-debuginfo-1.8.29-5.el8_2.2.x86_64.rpm
sudo-debugsource-1.8.29-5.el8_2.2.x86_64.rpm

Red Hat Enterprise Linux BaseOS E4S (v. 8.2):

Source:
sudo-1.8.29-5.el8_2.2.src.rpm

aarch64:
sudo-1.8.29-5.el8_2.2.aarch64.rpm
sudo-debuginfo-1.8.29-5.el8_2.2.aarch64.rpm
sudo-debugsource-1.8.29-5.el8_2.2.aarch64.rpm

ppc64le:
sudo-1.8.29-5.el8_2.2.ppc64le.rpm
sudo-debuginfo-1.8.29-5.el8_2.2.ppc64le.rpm
sudo-debugsource-1.8.29-5.el8_2.2.ppc64le.rpm

s390x:
sudo-1.8.29-5.el8_2.2.s390x.rpm
sudo-debuginfo-1.8.29-5.el8_2.2.s390x.rpm
sudo-debugsource-1.8.29-5.el8_2.2.s390x.rpm

x86_64:
sudo-1.8.29-5.el8_2.2.x86_64.rpm
sudo-debuginfo-1.8.29-5.el8_2.2.x86_64.rpm
sudo-debugsource-1.8.29-5.el8_2.2.x86_64.rpm

Red Hat Enterprise Linux BaseOS TUS (v. 8.2):

Source:
sudo-1.8.29-5.el8_2.2.src.rpm

aarch64:
sudo-1.8.29-5.el8_2.2.aarch64.rpm
sudo-debuginfo-1.8.29-5.el8_2.2.aarch64.rpm
sudo-debugsource-1.8.29-5.el8_2.2.aarch64.rpm

ppc64le:
sudo-1.8.29-5.el8_2.2.ppc64le.rpm
sudo-debuginfo-1.8.29-5.el8_2.2.ppc64le.rpm
sudo-debugsource-1.8.29-5.el8_2.2.ppc64le.rpm

s390x:
sudo-1.8.29-5.el8_2.2.s390x.rpm
sudo-debuginfo-1.8.29-5.el8_2.2.s390x.rpm
sudo-debugsource-1.8.29-5.el8_2.2.s390x.rpm

x86_64:
sudo-1.8.29-5.el8_2.2.x86_64.rpm
sudo-debuginfo-1.8.29-5.el8_2.2.x86_64.rpm
sudo-debugsource-1.8.29-5.el8_2.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-22809
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.

An essential security patch for Red Hat Enterprise Linux 8.2 has been released, enhancing system integrity and administrative capabilities.

RedHat, Enterprise Linux, sudo update, system management.

Severity: Important. LinuxSecurity.com Team

Jan 23, 2023 | Important | Red Hat