Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -4 articles for you...
89
security advisoryfedoraupdateFedora 43 incus 6.23 Dependency Removed Advisory 2026-094b7621cf
Remove incus dependency from incus-agent. Update to 6.23. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-094b7621cf 2026-04-20 00:44:47.956847+00:00 -------------------------------------------------------------------------------- Name : incus Product : Fedora 43 Version : 6.23 Release : 3.fc43 URL : https://linuxcontainers.org/incus Summary : Powerful system container and virtual machine manager Description : Container hypervisor based on LXC Incus offers a REST API to remotely manage containers over the network, using an image based work-flow and with support for live migration. This package contains the Incus daemon. -------------------------------------------------------------------------------- Update Information: Remove incus dependency from incus-agent. Update to 6.23 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 9 2026 Carl George - 6.23-3 - Remove incus dependency from incus-agent rhbz#2456888 * Mon Apr 6 2026 Reto Gantenbein - 6.23-2 - Fix static builds of vendored dependencies (RHBZ 2419661) * Mon Apr 6 2026 Reto Gantenbein - 6.23-1 - Update to 6.23 * Mon Mar 30 2026 Neal Gompa - 6.19.1-4 - Drop selinux subpackage in favor of container-selinux * Tue Feb 3 2026 Maxwell G - 6.19.1-3 - Rebuild for https://fedoraproject.org/wiki/Changes/golang1.26 * Fri Jan 16 2026 Fedora Release Engineering - 6.19.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2412713 - CVE-2025-58183 incus: Unbounded allocation when parsing GNU sparse map [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2412713 [ 2 ] Bug #2419345 - incus-6.23.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2419345 [ 3 ] Bug #2419661 - incus-agent must bestatically linked for VM exec to work https://bugzilla.redhat.com/show_bug.cgi?id=2419661 [ 4 ] Bug #2432455 - CVE-2026-23954 incus: container image templating arbitrary host file read and write [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2432455 [ 5 ] Bug #2432457 - CVE-2026-23953 incus: container environment configuration newline injection [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2432457 [ 6 ] Bug #2436657 - Incus VMs do not boot due to unknown audio driver https://bugzilla.redhat.com/show_bug.cgi?id=2436657 [ 7 ] Bug #2441179 - CVE-2025-69725 incus: Go-chi/chi: Open Redirect vulnerability allows redirection to malicious websites [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2441179 [ 8 ] Bug #2452042 - CVE-2026-33542 incus: Incus: Image cache poisoning due to insufficient image fingerprint validation [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2452042 [ 9 ] Bug #2452044 - CVE-2026-33897 incus: Incus: Arbitrary file read/write as root via pongo2 template chroot bypass [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2452044 [ 10 ] Bug #2452046 - CVE-2026-33711 incus: Incus: Local privilege escalation or denial of service via predictable temporary file paths [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2452046 [ 11 ] Bug #2452048 - CVE-2026-33743 incus: Incus: Denial of Service via specially crafted storage bucket backup [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2452048 [ 12 ] Bug #2452106 - CVE-2026-33945 incus: Incus: Privilege escalation and denial of service via path traversal in systemd credential configuration [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2452106 [ 13 ] Bug #2456888 - Installing incus-agent installs the entire incus stack https://bugzilla.redhat.com/show_bug.cgi?id=2456888 -------------------------------------------------------------------------------- This update canbe installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-094b7621cf' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Apr 20, 2026
•Informational
Fedora
87
security advisorydebianprivilege escalationDebian DSA-6213-1 LXD Important Privilege Escalation Fix
Multiple security issues were discovered in LXD, a system container and virtual machine manager, which could result in restriction bypass or privilege escalation. For the oldstable distribution (bookworm), these problems have been fixed in version 5.0.2-5+deb12u5.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6213-1
Apr 15, 2026
•Important
Debian
87
security advisorylocal privilege escalationdebianDebian DSA-6057-1 LXD Important Local Privilege Escalation CVE-2025-64507
It was discovered that LXD, a system container and virtual machine manager, is prone to a local privilege escalation vulnerability if unprivileged users are allowed to access LXD through lxd-user. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-6057-1
Nov 13, 2025
•Important
Debian
87
security advisorylocal privilege escalationdebianDebian: Incus Important Privilege Escalation CVE-2025-64507 DSA-6051-1
It was discovered that Incus, a system container and virtual machine manager, is prone to a local privilege escalation vulnerability unprivileged users are allowed access to Incus through incus-user. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-6051-1
Nov 10, 2025
•Important
Debian
89
security advisoryupdateFedoraFedora 41: incus update 2025-5fce1e4f70 critical: DoS issues fixed
Rebase to Incus 6.12 to fix a variety of issues. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-5fce1e4f70 2025-05-07 03:58:50.599123+00:00 -------------------------------------------------------------------------------- Name : incus Product : Fedora 41 Version : 6.12 Release : 1.fc41 URL : https://linuxcontainers.org/incus Summary : Powerful system container and virtual machine manager Description : Container hypervisor based on LXC Incus offers a REST API to remotely manage containers over the network, using an image based work-flow and with support for live migration. This package contains the Incus daemon. -------------------------------------------------------------------------------- Update Information: Rebase to Incus 6.12 to fix a variety of issues -------------------------------------------------------------------------------- ChangeLog: * Mon May 5 2025 Reto Gantenbein - 6.12-1 - Update to incus-6.12 * Fri Jan 17 2025 Fedora Release Engineering - 6.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2292123 - incus changes the mode of /run/incus back to 0700 https://bugzilla.redhat.com/show_bug.cgi?id=2292123 [ 2 ] Bug #2340645 - incus: FTBFS in Fedora rawhide/f42 https://bugzilla.redhat.com/show_bug.cgi?id=2340645 [ 3 ] Bug #2341879 - incus-6.12.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2341879 [ 4 ] Bug #2347480 - CVE-2025-27144 incus: Go JOSE's Parsing Vulnerable to Denial of Service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2347480 [ 5 ] Bug #2350832 - CVE-2025-22869 incus: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2350832 [ 6 ] Bug #2352303 - CVE-2025-22870incus: HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2352303 [ 7 ] Bug #2354445 - CVE-2025-30204 incus: jwt-go allows excessive memory allocation during header parsing [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2354445 [ 8 ] Bug #2360678 - Incus version in Fedora 42 is incompatible with released QEMU version https://bugzilla.redhat.com/show_bug.cgi?id=2360678 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-5fce1e4f70' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
May 07, 2025
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!