Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 111 articles for you...
89

Fedora 39: FEDORA-2024-272860364f critical: tcpdump denial of service

Fix for CVE-2024-2397. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-272860364f 2024-05-14 03:27:20.127686 -------------------------------------------------------------------------------- Name : tcpdump Product : Fedora 39 Version : 4.99.4 Release : 4.fc39 URL : http://www.tcpdump.org Summary : A network traffic monitoring tool Description : Tcpdump is a command-line tool for monitoring network traffic. Tcpdump can capture and display the packet headers on a particular network interface or on all interfaces. Tcpdump can display all of the packet headers, or just the ones that match particular criteria. Install tcpdump if you need a program to monitor network traffic. -------------------------------------------------------------------------------- Update Information: Fix for CVE-2024-2397 -------------------------------------------------------------------------------- ChangeLog: * Sun May 5 2024 Michal Ruprich - 14:4.99.4-4 - Resolves: #2274793 - Crafted .pcap file may lead to Denial of Service -------------------------------------------------------------------------------- References: [ 1 ] Bug #2274793 - TRIAGE CVE-2024-2397 tcpdump: Crafted .pcap file may lead to Denial of Service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2274793 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-272860364f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . Essential security patch for Fedora tcpdump resolving Denial of Service issue, CVE-2024-2398 remedy is part of this update.. Fedora Tcpdump Security Update, Denial of Service Fix, CVE-2024-2397 Advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 14, 2024 Critical Fedora
89

Fedora 40: FEDORA-2024-e375e28b45 Critical: Tcpdump Denial of Service

Fix for CVE-2024-2397. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-e375e28b45 2024-05-11 01:29:32.567772 -------------------------------------------------------------------------------- Name : tcpdump Product : Fedora 40 Version : 4.99.4 Release : 7.fc40 URL : http://www.tcpdump.org Summary : A network traffic monitoring tool Description : Tcpdump is a command-line tool for monitoring network traffic. Tcpdump can capture and display the packet headers on a particular network interface or on all interfaces. Tcpdump can display all of the packet headers, or just the ones that match particular criteria. Install tcpdump if you need a program to monitor network traffic. -------------------------------------------------------------------------------- Update Information: Fix for CVE-2024-2397 -------------------------------------------------------------------------------- ChangeLog: * Sun May 5 2024 Michal Ruprich - 14:4.99.4-7 - Resolves: #2274793 - Crafted .pcap file may lead to Denial of Service -------------------------------------------------------------------------------- References: [ 1 ] Bug #2274793 - TRIAGE CVE-2024-2397 tcpdump: Crafted .pcap file may lead to Denial of Service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2274793 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-e375e28b45' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Tcpdump enhancement for Fedora 40 rectifies CVE-2024-2397, addressing Denial of Service flaw.. Fedora Security Update,tcpdump tool,network monitoring updates,security advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 11, 2024 Critical Fedora
217

Oracle Linux 8 ELSA-2024-0770 Important: Nginx Security Patch

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-0769 https://linux.oracle.com/errata/ELSA-2024-0769.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: tcpdump-4.9.3-3.el8_9.1.x86_64.rpm aarch64: tcpdump-4.9.3-3.el8_9.1.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates//tcpdump-4.9.3-3.el8_9.1.src.rpm Related CVEs: CVE-2021-41043 Description of changes: [14:4.9.3-3.1] - tcpslice: use-after-free in extract_slice() (CVE-2021-41043) _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 8 has undergone a significant security enhancement for tcpdump to rectify a use-after-free vulnerability, bolstering system defense.. Oracle Linux,tcpdump,Security Update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Feb 14, 2024 Important Oracle
89

Fedora 36 2023-de10e674ae Critical: tcpdump OOB Write Threat

New versions of libpcap and tcpdump. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-de10e674ae 2023-04-28 02:22:23.220524 --------------------------------------------------------------------------------Name : tcpdump Product : Fedora 36 Version : 4.99.4 Release : 1.fc36 URL : https://www.tcpdump.org/ Summary : A network traffic monitoring tool Description : Tcpdump is a command-line tool for monitoring network traffic. Tcpdump can capture and display the packet headers on a particular network interface or on all interfaces. Tcpdump can display all of the packet headers, or just the ones that match particular criteria. Install tcpdump if you need a program to monitor network traffic. --------------------------------------------------------------------------------Update Information: New versions of libpcap and tcpdump --------------------------------------------------------------------------------ChangeLog: * Wed Apr 12 2023 Michal Ruprich - 14:4.99.4-1 - New version 4.99.4 --------------------------------------------------------------------------------References: [ 1 ] Bug #2185319 - libpcap-1.10.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2185319 [ 2 ] Bug #2185321 - tcpdump-4.99.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2185321 [ 3 ] Bug #2185499 - CVE-2023-1801 tcpdump: OOB write in SMB decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2185499 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-de10e674ae' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the FedoraProject can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Utilize tcpdump for observing network packets on Fedora 36, showcasing upgraded libpcap features and significant security optimizations.. tcpdump Update, libpcap Improvements, Fedora Security. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Apr 28, 2023 Critical Fedora
89

Fedora 36: FEDORA-2023-de10e674ae Moderate libpcap Network Update

New versions of libpcap and tcpdump. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-de10e674ae 2023-04-28 02:22:23.220524 --------------------------------------------------------------------------------Name : libpcap Product : Fedora 36 Version : 1.10.4 Release : 1.fc36 URL : https://www.tcpdump.org/ Summary : A system-independent interface for user-level packet capture Description : Libpcap provides a portable framework for low-level network monitoring. Libpcap can provide network statistics collection, security monitoring and network debugging. Since almost every system vendor provides a different interface for packet capture, the libpcap authors created this system-independent API to ease in porting and to alleviate the need for several system-dependent packet capture modules in each application. Install libpcap if you need to do low-level network traffic monitoring on your network. --------------------------------------------------------------------------------Update Information: New versions of libpcap and tcpdump --------------------------------------------------------------------------------ChangeLog: * Wed Apr 12 2023 Michal Ruprich - 14:1.10.4-1 - New version 1.10.4 --------------------------------------------------------------------------------References: [ 1 ] Bug #2185319 - libpcap-1.10.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2185319 [ 2 ] Bug #2185321 - tcpdump-4.99.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2185321 [ 3 ] Bug #2185499 - CVE-2023-1801 tcpdump: OOB write in SMB decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2185499 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-de10e674ae' at the command line. For more information,refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Uncover the latest Fedora 36 enhancements, showcasing updated libpcap and tcpdump versions designed for enhanced network surveillance.. libpcap update,Fedora security,tcpdump features,network monitoring tool. . LinuxSecurity.com Team

Calendar%202 Apr 28, 2023 Fedora
203

Mageia 8 MGASA-2023-0154 Critical: Tcpdump Out-Of-Bounds Write Issue

The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet. (CVE-2023-1801) References: . MGASA-2023-0154 - Updated tcpdump packages fix security vulnerability Publication date: 24 Apr 2023 URL: https://advisories.mageia.org/MGASA-2023-0154.html Type: security Affected Mageia releases: 8 CVE: CVE-2023-1801 The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet. (CVE-2023-1801) References: - https://bugs.mageia.org/show_bug.cgi?id=31782 - - https://www.cve.org/CVERecord?id=CVE-2023-1801 SRPMS: - 8/core/tcpdump-4.99.2-1.1.mga8 . Mageia 2023-0155 addresses a vulnerability in Wireshark's DNS protocol handler that involves an improper input validation error. Discover the details!. Network Security, Tcpdump Update, Mageia Advisory, Security Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Apr 24, 2023 Critical Mageia
89

Fedora 38 tcpdump Update 2023-33906c7c4a Critical: SMB Decoder

New versions of libpcap and tcpdump. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-33906c7c4a 2023-04-20 04:40:58.216661 --------------------------------------------------------------------------------Name : tcpdump Product : Fedora 38 Version : 4.99.4 Release : 1.fc38 URL : https://www.tcpdump.org/ Summary : A network traffic monitoring tool Description : Tcpdump is a command-line tool for monitoring network traffic. Tcpdump can capture and display the packet headers on a particular network interface or on all interfaces. Tcpdump can display all of the packet headers, or just the ones that match particular criteria. Install tcpdump if you need a program to monitor network traffic. --------------------------------------------------------------------------------Update Information: New versions of libpcap and tcpdump --------------------------------------------------------------------------------ChangeLog: * Wed Apr 12 2023 Michal Ruprich - 14:4.99.4-1 - New version 4.99.4 --------------------------------------------------------------------------------References: [ 1 ] Bug #2185319 - libpcap-1.10.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2185319 [ 2 ] Bug #2185321 - tcpdump-4.99.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2185321 [ 3 ] Bug #2185499 - CVE-2023-1801 tcpdump: OOB write in SMB decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2185499 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-33906c7c4a' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the FedoraProject can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . The latest Fedora 38 release features an enhanced version of the Tcpdump network analysis tool, boasting improved compatibility with libpcap and several critical security updates.. Tcpdump Update,Fedora Security,Network Monitoring Tool,LibPcap Update. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Apr 20, 2023 Critical Fedora
89

Fedora 38: 2023-33906c7c4a Critical: Libpcap Network Monitoring Update

New versions of libpcap and tcpdump. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-33906c7c4a 2023-04-20 04:40:58.216661 --------------------------------------------------------------------------------Name : libpcap Product : Fedora 38 Version : 1.10.4 Release : 1.fc38 URL : https://www.tcpdump.org/ Summary : A system-independent interface for user-level packet capture Description : Libpcap provides a portable framework for low-level network monitoring. Libpcap can provide network statistics collection, security monitoring and network debugging. Since almost every system vendor provides a different interface for packet capture, the libpcap authors created this system-independent API to ease in porting and to alleviate the need for several system-dependent packet capture modules in each application. Install libpcap if you need to do low-level network traffic monitoring on your network. --------------------------------------------------------------------------------Update Information: New versions of libpcap and tcpdump --------------------------------------------------------------------------------ChangeLog: * Wed Apr 12 2023 Michal Ruprich - 14:1.10.4-1 - New version 1.10.4 --------------------------------------------------------------------------------References: [ 1 ] Bug #2185319 - libpcap-1.10.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2185319 [ 2 ] Bug #2185321 - tcpdump-4.99.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2185321 [ 3 ] Bug #2185499 - CVE-2023-1801 tcpdump: OOB write in SMB decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2185499 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-33906c7c4a' at the command line. For more information,refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Ubuntu 22.04 unveils enhancements for OpenSSH and SFTP, improving secure file transfer capabilities for optimal security.. Fedora Update, libpcap upgrade, tcpdump enhancements. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Apr 20, 2023 Critical Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200