
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Red Hat: RHSA-2019:1910-01 Moderate: Docker Symlink Exchange Attacks

Red Hat Security Advisory

Synopsis:          Moderate: docker security and bug fix update
Advisory ID:       RHSA-2019:1910-01
Product:           Red Hat Enterprise Linux Extras
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:1910
Issue date:        2019-07-29
CVE Names:         CVE-2018-15664

1. Summary:

An update for docker is now available for Red Hat Enterprise Linux 7 Extras.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux 7 Extras - aarch64, ppc64le, s390x, x86_64

3. Description:

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere.

Security Fix(es):

* docker: symlink-exchange race attacks in docker cp (CVE-2018-15664)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* slowness of system shutdown when containers are being stopped - dockerd is unable to communicate with rhel-push-plugin (BZ#1714032)
* journald Log() in dockerd causes nil pointer dereference when PutMessage() is called before reading msg.Source (BZ#1720363)
* regression: docker cp: Rel: can't make /..../a relative to a (BZ#1723491)
* Regression: docker cp: can no longer pull image files (BZ#1727488)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1714722 - CVE-2018-15664 docker: symlink-exchange race attacks in docker cp
1723491 - regression: docker cp: Rel: can't make /..../a relative to a

6. Package List:

Red Hat Enterprise Linux 7Extras:

Source:
docker-1.13.1-102.git7f2769b.el7.src.rpm

aarch64:
docker-1.13.1-102.git7f2769b.el7.aarch64.rpm
docker-client-1.13.1-102.git7f2769b.el7.aarch64.rpm
docker-common-1.13.1-102.git7f2769b.el7.aarch64.rpm
docker-debuginfo-1.13.1-102.git7f2769b.el7.aarch64.rpm
docker-logrotate-1.13.1-102.git7f2769b.el7.aarch64.rpm
docker-lvm-plugin-1.13.1-102.git7f2769b.el7.aarch64.rpm
docker-novolume-plugin-1.13.1-102.git7f2769b.el7.aarch64.rpm
docker-rhel-push-plugin-1.13.1-102.git7f2769b.el7.aarch64.rpm
docker-v1.10-migrator-1.13.1-102.git7f2769b.el7.aarch64.rpm

ppc64le:
docker-1.13.1-102.git7f2769b.el7.ppc64le.rpm
docker-client-1.13.1-102.git7f2769b.el7.ppc64le.rpm
docker-common-1.13.1-102.git7f2769b.el7.ppc64le.rpm
docker-debuginfo-1.13.1-102.git7f2769b.el7.ppc64le.rpm
docker-logrotate-1.13.1-102.git7f2769b.el7.ppc64le.rpm
docker-lvm-plugin-1.13.1-102.git7f2769b.el7.ppc64le.rpm
docker-novolume-plugin-1.13.1-102.git7f2769b.el7.ppc64le.rpm
docker-rhel-push-plugin-1.13.1-102.git7f2769b.el7.ppc64le.rpm
docker-v1.10-migrator-1.13.1-102.git7f2769b.el7.ppc64le.rpm

s390x:
docker-1.13.1-102.git7f2769b.el7.s390x.rpm
docker-client-1.13.1-102.git7f2769b.el7.s390x.rpm
docker-common-1.13.1-102.git7f2769b.el7.s390x.rpm
docker-debuginfo-1.13.1-102.git7f2769b.el7.s390x.rpm
docker-logrotate-1.13.1-102.git7f2769b.el7.s390x.rpm
docker-lvm-plugin-1.13.1-102.git7f2769b.el7.s390x.rpm
docker-novolume-plugin-1.13.1-102.git7f2769b.el7.s390x.rpm
docker-rhel-push-plugin-1.13.1-102.git7f2769b.el7.s390x.rpm
docker-v1.10-migrator-1.13.1-102.git7f2769b.el7.s390x.rpm

x86_64:
docker-1.13.1-102.git7f2769b.el7.x86_64.rpm
docker-client-1.13.1-102.git7f2769b.el7.x86_64.rpm
docker-common-1.13.1-102.git7f2769b.el7.x86_64.rpm
docker-debuginfo-1.13.1-102.git7f2769b.el7.x86_64.rpm
docker-logrotate-1.13.1-102.git7f2769b.el7.x86_64.rpm
docker-lvm-plugin-1.13.1-102.git7f2769b.el7.x86_64.rpm
docker-novolume-plugin-1.13.1-102.git7f2769b.el7.x86_64.rpm
docker-rhel-push-plugin-1.13.1-102.git7f2769b.el7.x86_64.rpm
docker-v1.10-migrator-1.13.1-102.git7f2769b.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-15664
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.

RHSA-announce mailing list

Fedora released a patch for Podman, tackling privilege escalation vulnerabilities and delivering performance enhancements.

docker security update, Red Hat Enterprise, containerization fix.

LinuxSecurity.com Team

Jul 29, 2019 Red Hat

Gentoo: GLSA 202310-10 Normal: Vulnerability in Pip Security Fixed

Gentoo Linux Security Advisory                           GLSA 201309-05
https://security.gentoo.org/

Severity: Normal
Title: pip: Multiple vulnerabilities
Date: September 12, 2013
Bugs: #462616, #480202
ID: 201309-05

Synopsis
========

Multiple vulnerabilities have been found in pip, which may allow remote attackers to execute arbitrary code or local attackers to conduct symlink attacks.

Background
==========

pip is a tool for installing and managing Python packages.

Affected packages
=================

-------------------------------------------------------------------
 Package          /  Vulnerable  /  Unaffected
-------------------------------------------------------------------
 1  dev-python/pip     < 1.3.1        >= 1.3.1

Description
===========

Multiple vulnerabilities have been discovered in pip. Please review the CVE identifiers referenced below for details.

Impact
======

A remote attacker could conduct a Man-in-the-Middle attack to cause pip to execute arbitrary code. A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All pip users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-python/pip-1.3.1"

References
==========

[ 1 ] CVE-2013-1629
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1629
[ 2 ] CVE-2013-1888
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1888

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/201309-05

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address obscured] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2013 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

The Gentoo Linux Security Advisory GLSA 201309-05 outlines severe vulnerabilities in pip, the Python package installer, urging users to upgrade and apply patches to maintain security and system integrity.

Gentoo Security, pip vulnerabilities, remote code execution, package management.

LinuxSecurity.com Team

Sep 12, 2013 Gentoo

Debian DSA-2542-1: Moderate Qemu-KVM Local Issues: Symlink Attacks

Debian Security Advisory DSA-2542-1
http://www.debian.org/security/                          Raphael Geissert
September 08, 2012                     http://www.debian.org/security/faq

Package        : qemu-kvm
Vulnerability  : multiple
Problem type   : local
Debian-specific: no
CVE ID         : CVE-2012-2652 CVE-2012-3515

Multiple vulnerabilities have been discovered in qemu-kvm, a full virtualization solution on x86 hardware. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2012-2652:

    The snapshot mode of Qemu (-snapshot) incorrectly handles temporary files used to store the current state, making it vulnerable to symlink attacks (including arbitrary file overwriting and guest information disclosure) due to a race condition.

CVE-2012-3515:

    Qemu does not properly handle VT100 escape sequences when emulating certain devices with a virtual console backend. An attacker within a guest with access to the vulnerable virtual console could overwrite memory of Qemu and escalate privileges to that of the qemu process.

For the stable distribution (squeeze), these problems have been fixed in version 0.12.5+dfsg-5+squeeze9.

For the testing distribution (wheezy), and the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your qemu-kvm packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Mailing list: [email address obscured]

A series of vulnerabilities within qemu-kvm resolved in Debian DSA-2542-1, targeting symlink exploitation and elevated privilege threats.

Debian Security Update, qemu-kvm Problems, Virtualization Security Issues, Local Vulnerability Fixes.

LinuxSecurity.com Team

Sep 08, 2012 Debian

openSUSE 11.3, 11.4 Important: ecryptfs-utils Race Condition Fixes

openSUSE Security Update: ecryptfs-utils: Update to fix various symlink race attacks
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2011:0902-1
Rating:             important
References:         #709771
Affected Products:
                    openSUSE 11.4
                    openSUSE 11.3
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update of ecryptfs-utils fixes several security problems:

- CVE-2011-1831 - Race condition when checking mountpoint during mount.
- CVE-2011-1832 - Race condition when checking mountpoint during unmount.
- CVE-2011-1833 - Race condition when checking source during mount.
- CVE-2011-1834 - Improper mtab handling allowing corruption due to resource limits, signals, etc.
- CVE-2011-1835 - Key poisoning in ecryptfs-setup-private due to insecure temp directory.
- CVE-2011-1837 - Predictable lock counter name and associated races.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

- openSUSE 11.4:

    zypper in -t patch ecryptfs-utils-4986

- openSUSE 11.3:

    zypper in -t patch ecryptfs-utils-4986

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE 11.4 (i586 x86_64):

    ecryptfs-utils-83-6.7.1

- openSUSE 11.4 (x86_64):

    ecryptfs-utils-32bit-83-6.7.1

- openSUSE 11.3 (i586 x86_64):

    ecryptfs-utils-83-3.3.1

- openSUSE 11.3 (x86_64):

    ecryptfs-utils-32bit-83-3.3.1

Crucial OpenSUSE patch: ecryptfs-utils addresses various symlink race vulnerabilities along with additional security concerns.

OpenSUSE Security Update, ecryptfs-utils Patch, Race Condition Fixes.

Severity: Important.

LinuxSecurity.com Team

Aug 12, 2011 Important OpenSUSE