Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 24 articles for you...
99
security advisorybuffer overflowremote exploitSlackware 15.0 telnet Important Buffer Overflow Vuln 2026-059-02
New telnet packages are available for Slackware 15.0 and -current to fix a security issue.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] telnet (SSA:2026-059-02) New telnet packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/telnet-0.17-i586-7_slack15.0.txz: Rebuilt. This update fixes a security issue: The nextitem() function in telnetd/utility.c has no bounds checking in the SB (suboption) case. The for(;;) loop scans past nfrontp into uncontrolled memory. This can be exploited by an unauthenticated remote attacker to execute arbitrary code on the server running telnetd. Please note that while telnet itself is a useful utility for network testing, telnetd is a legacy application which should generally not be used. If it is used, it should be used only on isolated networks where there is no expectation of security. Thanks to r1w1s1. For more information, see: https://www.cve.org/CVERecord?id=CVE-2020-10188 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/telnet-0.17-i586-7_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/telnet-0.17-x86_64-7_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/telnet-0.17-i686-8.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/telnet-0.17-x86_64-8.txz MD5signatures: +-------------+ Slackware 15.0 package: 10eb364f2d249ba78d42246d930b3508 telnet-0.17-i586-7_slack15.0.txz Slackware x86_64 15.0 package: ba5efc35508d71ba7b4a6ddddeb6437d telnet-0.17-x86_64-7_slack15.0.txz Slackware -current package: 4ec614b7b2b62d09c7fcd3d06f0534ad n/telnet-0.17-i686-8.txz Slackware x86_64 -current package: 919b8efee781d7ab4b5587d8e0457368 n/telnet-0.17-x86_64-8.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg telnet-0.17-i586-7_slack15.0.txz +-----+ . New telnet packages released for Slackware to address a critical bug allowing remote code execution through telnetd.. Slackware telnet security advisory patch buffer overflow. . Severity: Important. LinuxSecurity.com Team
Feb 28, 2026
•Important
Slackware
172
security advisoryaccess issueUbuntuUbuntu 20.04 LTS Inetutils Important Access Issue CVE-2026-24061
Inetutils could allow unintended access to network services.. ========================================================================== Ubuntu Security Notice USN-7992-2 February 18, 2026 inetutils vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Inetutils could allow unintended access to network services. Software Description: - inetutils: Collection of common network programs Details: USN-7992-1 fixed vulnerabilities in telnetd in Inetutils. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Kyu Neushwaistein discovered that telnetd in Inetutils incorrectly handled certain environment variables. A remote attacker could use this issue to bypass authentication and open a session as an administrator. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS inetutils-telnetd 2:1.9.4-11ubuntu0.2+esm3 Available with Ubuntu Pro Ubuntu 18.04 LTS inetutils-telnetd 2:1.9.4-3ubuntu0.1+esm4 Available with Ubuntu Pro Ubuntu 16.04 LTS inetutils-telnetd 2:1.9.4-1ubuntu0.1~esm5 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7992-2 https://ubuntu.com/security/notices/USN-7992-1 CVE-2026-24061 . Inetutils fixes important access issue in Ubuntu releases, allowing correction of unintended network service access.. Inetutils Ubuntu Telnet Network Services Access Fix. . Severity: Important. LinuxSecurity.com Team
Feb 18, 2026
•Important
Ubuntu
87
security advisorydebianimportantDebian 12: DSA-5945-1 important: konsole telnet code execution
Dennis Dast discovered that the Konsole terminal emulator insecurely handled the telnet URI scheme, which could result in the execution of arbitrary code in some configurations. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5945-1
Jun 20, 2025
•Important
Debian
100
security advisoryremote accessimportantSUSE: 2022:3783-1 Critical: Addressing Telnet NULL Pointer Vulnerability
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for telnet ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:3783-1 Rating: important References: #1203759 Cross-References: CVE-2022-39028 CVSS scores: CVE-2022-39028 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-39028 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Enterprise Storage 7 SUSE Linux Enterprise Desktop 15-SP3 SUSE Linux Enterprise Desktop 15-SP4 SUSE Linux Enterprise High Performance Computing SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Module for Basesystem 15-SP3 SUSE Linux Enterprise Module for Basesystem 15-SP4 SUSE Linux Enterprise Module for Legacy Software 15-SP3 SUSE Linux Enterprise Module for Legacy Software 15-SP4 SUSE Linux Enterprise Server SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server 15-SP1-BCL SUSE Linux Enterprise Server 15-SP1-LTSS SUSELinux Enterprise Server 15-SP2-BCL SUSE Linux Enterprise Server 15-SP2-LTSS SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP 15 SUSE Linux Enterprise Server for SAP 15-SP1 SUSE Linux Enterprise Server for SAP 15-SP2 SUSE Linux Enterprise Server for SAP Applications SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Linux Enterprise Storage 7.1 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.1 SUSE Manager Retail Branch Server 4.2 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.1 SUSE Manager Server 4.2 SUSE Manager Server 4.3 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for telnet fixes the following issues: - CVE-2022-39028: Fixed NULL pointer dereference in telnetd (bsc#1203759). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-3783=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-3783=1 - SUSE Manager Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3783=1 - SUSE Manager Retail Branch Server 4.1: zypper in -tpatch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3783=1 - SUSE Manager Proxy 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3783=1 - SUSE Linux Enterprise Server for SAP 15-SP2: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3783=1 - SUSE Linux Enterprise Server for SAP 15-SP1: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3783=1 - SUSE Linux Enterprise Server for SAP 15: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-3783=1 - SUSE Linux Enterprise Server 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3783=1 - SUSE Linux Enterprise Server 15-SP2-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3783=1 - SUSE Linux Enterprise Server 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3783=1 - SUSE Linux Enterprise Server 15-SP1-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3783=1 - SUSE Linux Enterprise Server 15-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-2022-3783=1 - SUSE Linux Enterprise Module for Legacy Software 15-SP4: zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2022-3783=1 - SUSE Linux Enterprise Module for Legacy Software 15-SP3: zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-3783=1 - SUSE Linux Enterprise Module for Basesystem 15-SP4: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3783=1 - SUSE Linux Enterprise Module for Basesystem 15-SP3: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3783=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3783=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3783=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS: zypper in -t patchSUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3783=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3783=1 - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3783=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3783=1 - SUSE Enterprise Storage 7: zypper in -t patch SUSE-Storage-7-2022-3783=1 - SUSE Enterprise Storage 6: zypper in -t patch SUSE-Storage-6-2022-3783=1 - SUSE CaaS Platform 4.0: To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - SUSE Manager Server 4.1 (ppc64le s390x x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - SUSE Manager Retail Branch Server 4.1 (x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - SUSE Manager Proxy 4.1 (x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - SUSE Linux Enterprise Server 15-SP2-BCL (x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 - SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - SUSE Linux Enterprise Server 15-SP1-BCL (x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - SUSE Linux Enterprise Module for Legacy Software 15-SP4 (aarch64 ppc64le s390x x86_64): telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64): telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 - SUSE Linux Enterprise High Performance Computing15-ESPOS (aarch64 x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 - SUSE Enterprise Storage 7 (aarch64 x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - SUSE Enterprise Storage 6 (aarch64 x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 - SUSE CaaS Platform 4.0 (x86_64): telnet-1.2-150000.3.6.1 telnet-debuginfo-1.2-150000.3.6.1 telnet-debugsource-1.2-150000.3.6.1 telnet-server-1.2-150000.3.6.1 telnet-server-debuginfo-1.2-150000.3.6.1 References: https://www.suse.com/security/cve/CVE-2022-39028.html https://bugzilla.suse.com/1203759 . SUSE Security Alert: Resolution for Telnet vulnerability CVE-2022-39029 classified as critical. Ensure your systems are secured!. SUSE Telnet Update, CVE-2022-39028 Fix, Important Security Patch, Software Security Management. . Severity: Important. LinuxSecurity.com Team
Oct 26, 2022
•Important
SuSE
100
security advisorypatchimportantSUSE: 2022:3735-1 Critical: Telnet NULL Pointer Security Advisory
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for telnet ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:3735-1 Rating: important References: #1203759 Cross-References: CVE-2022-39028 CVSS scores: CVE-2022-39028 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-39028 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Server 12-SP3-BCL SUSE Linux Enterprise Server 12-SP4-LTSS SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server for SAP 12-SP4 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 9 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for telnet fixes the following issues: - CVE-2022-39028: Fixed NULL pointer dereference in telnetd (bsc#1203759). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 9: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2022-3735=1 - SUSE OpenStack Cloud 9: zypper in -t patch SUSE-OpenStack-Cloud-9-2022-3735=1 - SUSE Linux Enterprise Server for SAP 12-SP4: zypper in -t patch SUSE-SLE-SAP-12-SP4-2022-3735=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-3735=1 - SUSE Linux Enterprise Server 12-SP4-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2022-3735=1 - SUSE Linux Enterprise Server 12-SP3-BCL: zypperin -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-3735=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2022-3735=1 Package List: - SUSE OpenStack Cloud Crowbar 9 (x86_64): telnet-1.2-167.10.1 telnet-debuginfo-1.2-167.10.1 telnet-debugsource-1.2-167.10.1 telnet-server-1.2-167.10.1 telnet-server-debuginfo-1.2-167.10.1 - SUSE OpenStack Cloud 9 (x86_64): telnet-1.2-167.10.1 telnet-debuginfo-1.2-167.10.1 telnet-debugsource-1.2-167.10.1 telnet-server-1.2-167.10.1 telnet-server-debuginfo-1.2-167.10.1 - SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64): telnet-1.2-167.10.1 telnet-debuginfo-1.2-167.10.1 telnet-debugsource-1.2-167.10.1 telnet-server-1.2-167.10.1 telnet-server-debuginfo-1.2-167.10.1 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): telnet-1.2-167.10.1 telnet-debuginfo-1.2-167.10.1 telnet-debugsource-1.2-167.10.1 telnet-server-1.2-167.10.1 telnet-server-debuginfo-1.2-167.10.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64): telnet-1.2-167.10.1 telnet-debuginfo-1.2-167.10.1 telnet-debugsource-1.2-167.10.1 telnet-server-1.2-167.10.1 telnet-server-debuginfo-1.2-167.10.1 - SUSE Linux Enterprise Server 12-SP3-BCL (x86_64): telnet-1.2-167.10.1 telnet-debuginfo-1.2-167.10.1 telnet-debugsource-1.2-167.10.1 telnet-server-1.2-167.10.1 telnet-server-debuginfo-1.2-167.10.1 - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): telnet-1.2-167.10.1 telnet-debuginfo-1.2-167.10.1 telnet-debugsource-1.2-167.10.1 telnet-server-1.2-167.10.1 telnet-server-debuginfo-1.2-167.10.1 References: https://www.suse.com/security/cve/CVE-2022-39028.html https://bugzilla.suse.com/1203759 . SUSE Security Patch tackles a critical FTP vulnerability involving a NULL reference error,significantly bolstering overall system security.. SUSE Security Update, Telnet Security, Patch Management, Linux Administration. . Severity: Important. LinuxSecurity.com Team
Oct 26, 2022
•Important
SuSE
98
security advisorysoftware updateremote code executionRed Hat: RHSA-2022-0158-02 Important: Telnet Remote Code Execution
An update for telnet is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: telnet security update Advisory ID: RHSA-2022:0158-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0158 Issue date: 2022-01-18 CVE Names: CVE-2020-10188 ==================================================================== 1. Summary: An update for telnet is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.7) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.7) - ppc64le, x86_64 Red Hat Enterprise Linux Server TUS (v. 7.7) - x86_64 3. Description: Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. Security Fix(es): * telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code (CVE-2020-10188) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on howto apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1811673 - CVE-2020-10188 telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code 6. Package List: Red Hat Enterprise Linux Server AUS (v. 7.7): Source: telnet-0.17-65.el7_7.src.rpm x86_64: telnet-0.17-65.el7_7.x86_64.rpm telnet-debuginfo-0.17-65.el7_7.x86_64.rpm telnet-server-0.17-65.el7_7.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.7): Source: telnet-0.17-65.el7_7.src.rpm ppc64le: telnet-0.17-65.el7_7.ppc64le.rpm telnet-debuginfo-0.17-65.el7_7.ppc64le.rpm telnet-server-0.17-65.el7_7.ppc64le.rpm x86_64: telnet-0.17-65.el7_7.x86_64.rpm telnet-debuginfo-0.17-65.el7_7.x86_64.rpm telnet-server-0.17-65.el7_7.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.7): Source: telnet-0.17-65.el7_7.src.rpm x86_64: telnet-0.17-65.el7_7.x86_64.rpm telnet-debuginfo-0.17-65.el7_7.x86_64.rpm telnet-server-0.17-65.el7_7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-10188 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYeaujdzjgjWX9erEAQh0OQ//QWcGBoyd/LZDkQDsecBycQdfleB7T1k6 WFr0s9+FmswY3ktsVqdsAjAccOx1jgpoxljybLrf3Ocr6bZuZyfM3S2AooTrx/hc Gvd3wAo+Ivb3CuDzsBb6w7jW2GdF2m8HyDcSDYgnAIgMyc8c4kFRRBcexkj9Wr/q sF5orQHJ1vhDLk2Ie5/iSyNmqmbxtvQKPFNwmRQKnfTVB8vKPYxZQgEqSwTWxIQs WkJo09ixkWmp0SQWMETqCcayj7tlelZUn8TV5rd0RjDQ0JbBsPnUf9ngEo7RB77I paX4NrPehHkDZ9bEfkGswek+p+0nahfNIDGImYkjIlE5XyxBJQ2wohYioRqD9+2S z/NLnHkdbNQjeqgfsQvPfJ7QZwDUIAAA7BwTJUXK03viyLcDcFStCV+vP+nCdBVj 0a5V5YiGDIv3o1j8PN7ezytNw0//i7tei78jYOe6DFJms6USKjyS23mmKkF7Xbtx mxuMLXRQgfRrQYZQ+ayD00VwKYN3eQqWKWwF8/Nt1njTF2Sy1JLRLklMQW6DPD6T pR8gQL6D9UeilTu+brOvdH8o4f0F4HBJPleNnPn+mKsE2EA/tflGdJFA2nHt/NOi C3HXGBmw8xpoBrAUxV9aovfKRLO71bgnQMH54RIFf9y4yMJC/nj4euapBajH0twi RjdtVdCFVjs=FWn0 -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Jan 18, 2022
•Important
Red Hat
98
security advisorysecurity updateRed HatRed Hat Enterprise Linux 7.6 RHSA-2022:0011-01 Important Telnet Update
An update for telnet is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: telnet security update Advisory ID: RHSA-2022:0011-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0011 Issue date: 2022-01-04 CVE Names: CVE-2020-10188 ==================================================================== 1. Summary: An update for telnet is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.6) - ppc64le, x86_64 Red Hat Enterprise Linux Server TUS (v. 7.6) - x86_64 3. Description: Telnet is a popular protocol for logging in to remote systems over the Internet. The telnet-server packages include a telnet service that supports remote logins into the host machine. The telnet service is disabled by default. Security Fix(es): * telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code (CVE-2020-10188) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on howto apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1811673 - CVE-2020-10188 telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code 6. Package List: Red Hat Enterprise Linux Server AUS (v. 7.6): Source: telnet-0.17-65.el7_6.src.rpm x86_64: telnet-0.17-65.el7_6.x86_64.rpm telnet-debuginfo-0.17-65.el7_6.x86_64.rpm telnet-server-0.17-65.el7_6.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.6): Source: telnet-0.17-65.el7_6.src.rpm ppc64le: telnet-0.17-65.el7_6.ppc64le.rpm telnet-debuginfo-0.17-65.el7_6.ppc64le.rpm telnet-server-0.17-65.el7_6.ppc64le.rpm x86_64: telnet-0.17-65.el7_6.x86_64.rpm telnet-debuginfo-0.17-65.el7_6.x86_64.rpm telnet-server-0.17-65.el7_6.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.6): Source: telnet-0.17-65.el7_6.src.rpm x86_64: telnet-0.17-65.el7_6.x86_64.rpm telnet-debuginfo-0.17-65.el7_6.x86_64.rpm telnet-server-0.17-65.el7_6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2020-10188 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYdRdxNzjgjWX9erEAQjgZA//S9MzSEuQ9IsqUC3qYDEHHWOwXao+/TXz 7+UAzPXG5hPYYYx8ZHG1RYyAFFKwiE3+J9cYkxg29xrJFrSAh1eNFXSz3WPtbpQs ECVcMA8ibmWzlzwy2YbCNcfA+ljpLPmGwXB75TRoJWh9VM7lsP3T/pslsM3qreWt hnub7cYCFUmwim5bAvbedEYUdsApSk7AOC2pZG/BMZfb63l6Ki4w/pnH3l3yIffi JdTBrzQ6LjNnG3k9glswi00wnZlRAFL7lEb3LXiMkyRuF90ORvbBytZxyFnUyQTo jhi6xAbZSfh6dnd7CX29mJMCguoWmOsxQt42K4xXdM+aZr09OZsw51iJ7p7ATOJ0 +bYXGV0YpNVytGT/yZoh1DaMTXo22KOfZ31pO170jbwMnZMJAzZ+5aYu9jTN7EzM pggVVnwbYgVhILJAgA+6SuBCQffgaLUWHE5KBCcwY1JDsvmmYkJrg9S6iSBE7Ryr cIc9IfOUlSdkQZ7EkLNHIYG55n0NRs4FpIXKO6jTR++HA5fntP78udFJVWV6Aun3 BVFAArCHgEhJ9/qqFkoScscOFztVhmdRokrA5zKQH9Ahs1gfmmSRGIAmOlsmtazx nCgOeduqyc0noMkP7HK2PGaDUnK4HwyroLNOEjhAiz7+rPC9L5pAR6JXLgA4O5ne MwBnMPT8Rj8=OwWa -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Jan 04, 2022
•Important
Red Hat
203
security advisorycriticalsoftware updateMageia: 2021-0243 Critical: Curl Telnet Data Disclosure
TELNET stack contents disclosure (CVE-2021-22898). References: - https://bugs.mageia.org/show_bug.cgi?id=28971 - https://curl.se/docs/CVE-2021-22898.html . MGASA-2021-0243 - Updated curl packages fix a security vulnerability Publication date: 08 Jun 2021 URL: https://advisories.mageia.org/MGASA-2021-0243.html Type: security Affected Mageia releases: 7, 8 CVE: CVE-2021-22898 TELNET stack contents disclosure (CVE-2021-22898). References: - https://bugs.mageia.org/show_bug.cgi?id=28971 - https://curl.se/docs/CVE-2021-22898.html - https://lists.fedoraproject.org/archives/list/
Jun 08, 2021
•Critical
Mageia
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!