Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

We found 29 articles for you...

Debian 11: Sysstat Critical RCE Issues DLA-4336-1 CVE-2022-39377

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4336-1
https://www.debian.org/lts/security/                    Thorsten Alteholz
October 17, 2025                              https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : sysstat
Version        : 12.5.2-2+deb11u1
CVE ID         : CVE-2022-39377 CVE-2023-33204

An issue has been found in sysstat, system performance tools for Linux.

CVE-2022-39377

    On 32 bit systems, allocate_structures contains a size_t overflow in
    sa_common.c. The allocate_structures function insufficiently checks
    bounds before arithmetic multiplication, allowing for an overflow in
    the size allocated for the buffer representing system activities.
    This issue may lead to Remote Code Execution (RCE).

CVE-2023-33204

    sysstat allows a multiplication integer overflow in check_overflow in
    common.c. NOTE: this issue exists because of an incomplete fix for
    CVE-2022-39377 (see above).

For Debian 11 bullseye, these problems have been fixed in version
12.5.2-2+deb11u1.

We recommend that you upgrade your sysstat packages.

For the detailed security status of sysstat please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/sysstat

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Debian LTS updates sysstat fixing critical RCE issues; guidance on enhancing system performance tools security.

Severity: Critical. LinuxSecurity.com Team

Oct 17, 2025 | Critical | Debian LTS

Gentoo Linux: GLSA-202506-12 normal: sysstat arbitrary code execution

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202506-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: sysstat: Arbitrary Code Execution
     Date: June 15, 2025
     Bugs: #907121
       ID: 202506-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

An integer overflow vulnerability has been found in sysstat which could
result in arbitrary code execution.

Background
==========

sysstat is a package containing a number of performance monitoring
utilities for Linux, including sar, mpstat, iostat and sa tools.

Affected packages
=================

Package            Vulnerable    Unaffected
-----------------  ------------  ------------
app-admin/sysstat  < 12.6.2-r1   >= 12.6.2-r1

Description
===========

A vulnerability has been discovered in sysstat. Please review the CVE
identifier referenced below for details. This CVE improves on an
incomplete fix for CVE-2022-39377.

Impact
======

On 32 bit systems, an integer overflow can be triggered when displaying
activity data files.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All sysstat users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-admin/sysstat-12.6.2-r1"

References
==========

[ 1 ] CVE-2023-33204
      https://nvd.nist.gov/vuln/detail/CVE-2023-33204

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202506-12

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
[email address not shown] or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2025 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

A buffer overflow flaw in sysstat may permit unauthorized code execution. It is advised to perform an update to maintain system integrity.

LinuxSecurity.com Team

Jun 15, 2025 | Gentoo

openSUSE: 2025:0019-1 moderate: sysstat security update

# Security update for sysstat

Announcement ID: SUSE-SU-2025:0019-1
Release Date: 2025-01-06T10:39:17Z
Rating: moderate
References:
  * bsc#1202473
  * bsc#1205224
  * bsc#1211507
Cross-References:
  * CVE-2022-39377
  * CVE-2023-33204
CVSS scores:
  * CVE-2022-39377 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
  * CVE-2022-39377 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2023-33204 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H
  * CVE-2023-33204 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * openSUSE Leap Micro 5.5
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities and has one security fix can now be installed.

## Description:

This update for sysstat fixes the following issues:

  * CVE-2023-33204: Fixed a multiplication integer overflow in check_overflow in common.c (bsc#1211507)
  * CVE-2022-39377: Fixed arithmetic overflow in allocate_structures() (bsc#1205224)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap Micro 5.5
    zypper in -t patch openSUSE-Leap-Micro-5.5-2025-19=1
  * openSUSE Leap 15.6
    zypper in -t patch openSUSE-SLE-15.6-2025-19=1
  * SUSE Linux Enterprise Micro for Rancher 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-19=1
  * SUSE Linux Enterprise Micro 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-19=1
  * SUSE Linux Enterprise Micro for Rancher 5.4
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-19=1
  * SUSE Linux Enterprise Micro 5.4
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-19=1
  * SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-19=1
  * Basesystem Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-19=1
  * Server Applications Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-19=1
  * SUSE Linux Enterprise Micro 5.1
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-19=1
  * SUSE Linux Enterprise Micro 5.2
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-19=1
  * SUSE Linux Enterprise Micro for Rancher 5.2
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-19=1

## Package List:

  * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * sysstat-isag-12.0.2-150000.3.37.1
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * sysstat-isag-12.0.2-150000.3.37.1
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-39377.html
  * https://www.suse.com/security/cve/CVE-2023-33204.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1202473
  * https://bugzilla.suse.com/show_bug.cgi?id=1205224
  * https://bugzilla.suse.com/show_bug.cgi?id=1211507

Important sysstat upgrade for openSUSE addresses various vulnerabilities. Keep your systems protected by applying this update.

LinuxSecurity.com Team

Jan 06, 2025 | OpenSUSE

SUSE: 2025:0019-1 moderate: sysstat integer overflows fix

# Security update for sysstat

Announcement ID: SUSE-SU-2025:0019-1
Release Date: 2025-01-06T10:39:17Z
Rating: moderate
References:
  * bsc#1202473
  * bsc#1205224
  * bsc#1211507
Cross-References:
  * CVE-2022-39377
  * CVE-2023-33204
CVSS scores:
  * CVE-2022-39377 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
  * CVE-2022-39377 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2023-33204 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H
  * CVE-2023-33204 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * openSUSE Leap Micro 5.5
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities and has one security fix can now be installed.

## Description:

This update for sysstat fixes the following issues:

  * CVE-2023-33204: Fixed a multiplication integer overflow in check_overflow in common.c (bsc#1211507)
  * CVE-2022-39377: Fixed arithmetic overflow in allocate_structures() (bsc#1205224)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap Micro 5.5
    zypper in -t patch openSUSE-Leap-Micro-5.5-2025-19=1
  * openSUSE Leap 15.6
    zypper in -t patch openSUSE-SLE-15.6-2025-19=1
  * SUSE Linux Enterprise Micro for Rancher 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-19=1
  * SUSE Linux Enterprise Micro 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-19=1
  * SUSE Linux Enterprise Micro for Rancher 5.4
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-19=1
  * SUSE Linux Enterprise Micro 5.4
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-19=1
  * SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-19=1
  * Basesystem Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-19=1
  * Server Applications Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-19=1
  * SUSE Linux Enterprise Micro 5.1
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-19=1
  * SUSE Linux Enterprise Micro 5.2
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-19=1
  * SUSE Linux Enterprise Micro for Rancher 5.2
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-19=1

## Package List:

  * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * sysstat-isag-12.0.2-150000.3.37.1
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * sysstat-isag-12.0.2-150000.3.37.1
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * sysstat-debuginfo-12.0.2-150000.3.37.1
    * sysstat-debugsource-12.0.2-150000.3.37.1
    * sysstat-12.0.2-150000.3.37.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-39377.html
  * https://www.suse.com/security/cve/CVE-2023-33204.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1202473
  * https://bugzilla.suse.com/show_bug.cgi?id=1205224
  * https://bugzilla.suse.com/show_bug.cgi?id=1211507

SUSE's latest sysstat security notice addresses significant vulnerabilities, enhancing overall stability and efficiency. Discover further details here.

LinuxSecurity.com Team

Jan 06, 2025 | SuSE

SUSE 12 SP5: SUSE-SU-2025:0012-1 moderate: sysstat arithmetic overflow

# Security update for sysstat

Announcement ID: SUSE-SU-2025:0012-1
Release Date: 2025-01-03T16:51:05Z
Rating: moderate
References:
  * bsc#1205224
  * bsc#1211507
Cross-References:
  * CVE-2022-39377
  * CVE-2023-33204
CVSS scores:
  * CVE-2022-39377 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
  * CVE-2022-39377 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2023-33204 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H
  * CVE-2023-33204 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for sysstat fixes the following issues:

  * CVE-2023-33204: Fixed a multiplication integer overflow in check_overflow in common.c (bsc#1211507)
  * CVE-2022-39377: Fixed arithmetic overflow in allocate_structures() (bsc#1205224)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-12=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * sysstat-debugsource-12.0.2-20.23.1
    * sysstat-12.0.2-20.23.1
    * sysstat-debuginfo-12.0.2-20.23.1
    * sysstat-isag-12.0.2-20.23.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-39377.html
  * https://www.suse.com/security/cve/CVE-2023-33204.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1205224
  * https://bugzilla.suse.com/show_bug.cgi?id=1211507

The latest release of sysstat resolves urgent vulnerabilities, notably addressing arithmetic overflow concerns found in SUSE Enterprise Server.

LinuxSecurity.com Team

Jan 03, 2025 | SuSE

Fedora 37: FEDORA-2023-4706cef256 Critical: Sysstat Arithmetic Overflow

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-4706cef256
2023-07-20 05:17:50.037082
--------------------------------------------------------------------------------

Name        : sysstat
Product     : Fedora 37
Version     : 12.6.2
Release     : 2.fc37
URL         :
Summary     : Collection of performance monitoring tools for Linux
Description :
The sysstat package contains the sar, sadf, mpstat, iostat, tapestat,
pidstat, cifsiostat and sa tools for Linux.
The sar command collects and reports system activity information.
The information collected by sar can be saved in a file in a binary
format for future inspection. The statistics reported by sar concern
I/O transfer rates, paging activity, process-related activities,
interrupts, network activity, memory and swap space utilization, CPU
utilization, kernel activities and TTY statistics, among others. Both
UP and SMP machines are fully supported.
The sadf command may be used to display data collected by sar in
various formats (CSV, PCP, XML, etc.).
The iostat command reports CPU utilization and I/O statistics for disks.
The tapestat command reports statistics for tapes connected to the system.
The mpstat command reports global and per-processor statistics.
The pidstat command reports statistics for Linux tasks (processes).
The cifsiostat command reports I/O statistics for CIFS file systems.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2023-33204
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 7 2023 psimovec - 12.6.2-2
- fix the arithmetic overflow in allocate_structures() that is still possible on some 32 bit systems (CVE-2023-33204)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2208270 - CVE-2023-33204 sysstat: check_overflow() function can work incorrectly that lead to an overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=2208270
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-4706cef256' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------

The recent update to the Fedora sysstat package addresses CVE-2023-33204, providing essential security enhancements for tools used in system performance monitoring.

Severity: Critical. LinuxSecurity.com Team

Jul 20, 2023 | Critical | Fedora

Mageia: MGASA-2023-0203 Critical: Sysstat Integer Overflow Issue

MGASA-2023-0203 - Updated sysstat packages fix security vulnerability

Publication date: 19 Jun 2023
URL: https://advisories.mageia.org/MGASA-2023-0203.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2023-33204

Multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377. (CVE-2023-33204)

References:
- https://bugs.mageia.org/show_bug.cgi?id=32019
- https://lists.debian.org/debian-lts-announce/2023/05/msg00026.html
- https://www.cve.org/CVERecord?id=CVE-2023-33204

SRPMS:
- 8/core/sysstat-12.5.2-1.2.mga8

Recent sysstat updates in Mageia resolve a serious integer overflow flaw linked to a previous CVE. Discover further details!

Severity: Critical. LinuxSecurity.com Team

Jun 19, 2023 | Critical | Mageia

Ubuntu 23.04: USN-6145-1 Critical Security Advisory on Sysstat DoS Issue

=========================================================================
Ubuntu Security Notice USN-6145-1
June 07, 2023

sysstat vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.04
- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Sysstat could be made to crash or run programs if it processed specially
crafted data.

Software Description:
- sysstat: system performance tools for Linux

Details:

It was discovered that Sysstat incorrectly handled certain arithmetic
multiplications. An attacker could use this issue to cause Sysstat to crash,
resulting in a denial of service, or possibly execute arbitrary code.
This issue was only fixed for Ubuntu 16.04 LTS. (CVE-2022-39377)

It was discovered that Sysstat incorrectly handled certain arithmetic
multiplications in 64-bit systems, as a result of an incomplete fix for
CVE-2022-39377. An attacker could use this issue to cause Sysstat to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2023-33204)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.04:
  sysstat 12.6.1-1ubuntu0.1

Ubuntu 22.10:
  sysstat 12.5.6-1ubuntu0.2

Ubuntu 22.04 LTS:
  sysstat 12.5.2-2ubuntu0.2

Ubuntu 20.04 LTS:
  sysstat 12.2.0-2ubuntu0.3

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  sysstat 11.6.1-1ubuntu0.2+esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  sysstat 11.2.0-1ubuntu0.3+esm2

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
  sysstat 10.2.0-1ubuntu0.1~esm1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6145-1
  CVE-2022-39377, CVE-2023-33204

Package Information:
  https://launchpad.net/ubuntu/+source/sysstat/12.6.1-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/sysstat/12.5.6-1ubuntu0.2
  https://launchpad.net/ubuntu/+source/sysstat/12.5.2-2ubuntu0.2
  https://launchpad.net/ubuntu/+source/sysstat/12.2.0-2ubuntu0.3

Explore the security notification USN-6145-1, which details vulnerabilities found in sysstat that may result in system crashes or unauthorized code execution.

Severity: Critical. LinuxSecurity.com Team

Jun 07, 2023 | Critical | Ubuntu