Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H800
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderatethreat

openSUSE 2026-2116-1 Moderate CSYNC2 Temp Directory Issue

An update that solves one vulnerability can now be installed.. # Security update for csync2 Announcement ID: SUSE-SU-2026:2116-1 Release Date: 2026-05-29T15:29:09Z Rating: moderate References: * bsc#1262472 Cross-References: * CVE-2026-41051 CVSS scores: * CVE-2026-41051 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-41051 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2026-41051 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-41051 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise High Availability Extension 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for csync2 fixes the following issue * CVE-2026-41051: uses insecure temporary directories when compiled with C99 or later (bsc#1262472). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2026-2116=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2026-2116=1 * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2026-2116=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-2116=1 * SUSE Linux Enterprise High Availability Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-HA-15-SP7-2026-2116=1 ## Package List: * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * csync2-debuginfo-2.0+git.1600444747.83b3644-150300.3.6.1 * csync2-2.0+git.1600444747.83b3644-150300.3.6.1 * csync2-debugsource-2.0+git.1600444747.83b3644-150300.3.6.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * csync2-debuginfo-2.0+git.1600444747.83b3644-150300.3.6.1 * csync2-2.0+git.1600444747.83b3644-150300.3.6.1 * csync2-debugsource-2.0+git.1600444747.83b3644-150300.3.6.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * csync2-debuginfo-2.0+git.1600444747.83b3644-150300.3.6.1 * csync2-2.0+git.1600444747.83b3644-150300.3.6.1 * csync2-debugsource-2.0+git.1600444747.83b3644-150300.3.6.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * csync2-debuginfo-2.0+git.1600444747.83b3644-150300.3.6.1 * csync2-2.0+git.1600444747.83b3644-150300.3.6.1 * csync2-debugsource-2.0+git.1600444747.83b3644-150300.3.6.1 * SUSE Linux Enterprise High Availability Extension 15 SP7 (aarch64 ppc64le s390x x86_64) * csync2-debuginfo-2.0+git.1600444747.83b3644-150300.3.6.1 * csync2-2.0+git.1600444747.83b3644-150300.3.6.1 * csync2-debugsource-2.0+git.1600444747.83b3644-150300.3.6.1 ## References: *https://www.suse.com/security/cve/CVE-2026-41051.html * https://bugzilla.suse.com/show_bug.cgi?id=1262472 . Update for csync2 addresses a temporary directory security issue, improving protection against potential exploits.. csync2 update, SUSE security advisory, temporary directory risk. . Severity: moderate. LinuxSecurity.com Team

Calendar 2 May 29, 2026 moderate SuSE
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorymoderatetemporary directory

openSUSE Leap 15.2: 2020:1209-1 Moderate: Hylafax+ Security Update

An update that fixes two vulnerabilities is now available.. openSUSE Security Update: Security update for hylafax+ ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:1209-1 Rating: moderate References: #1173519 #1173521 Cross-References: CVE-2020-15396 CVE-2020-15397 Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for hylafax+ fixes the following issues: Hylafax was updated to upstream version 7.0.3. Security issues fixed: - CVE-2020-15396: Secure temporary directory creation for faxsetup, faxaddmodem, and probemodem (boo#1173521). - CVE-2020-15397: Sourcing of files into binaries from user writeable directories (boo#1173519). Non-security issues fixed: * add UseSSLFax feature in sendfax, sendfax.conf, hyla.conf, and JobControl (31 Jul 2020) * be more resilient in listening for the Phase C carrier (30 Jul 2020) * make sure to return to command mode if HDLC receive times out (29 Jul 2020) * make faxmail ignore boundaries on parts other than multiparts (29 Jul 2020) * don't attempt to write zero bytes of data to a TIFF (29 Jul 2020) * don't ever respond to CRP with CRP (28 Jul 2020) * reset frame counter when a sender retransmits PPS for a previously confirmed ECM block (26 Jul 2020) * scrutinize PPM before concluding that the sender missed our MCF (23 Jul 2020) * fix modem recovery after SSL Fax failure (22, 26 Jul 2020) * ignore echo of PPR, RTN, CRP (10, 13, 21 Jul 2020) * attempt to handle NSF/CSI/DIS in Class 1 sending Phase D (6 Jul 2020) * run scripts directly rather than invoking them via a shell for security hardening (3-5 Jul 2020) * add senderFumblesECM feature (3 Jul 2020) * add support for PIN/PIP/PRI-Q/PPS-PRI-Q signals, addsenderConfusesPIN feature, and utilize PIN for rare conditions where it may be helpful (2, 6, 13-14 Jul 2020) * add senderConfusesRTN feature (25-26 Jun 2020) * add MissedPageHandling feature (24 Jun 2020) * use and handle CFR in Phase D to retransmit Phase C (16, 23 Jun 2020) * cope with hearing echo of RR, CTC during Class 1 sending (15-17 Jun 2020) * fix listening for retransmission of MPS/EOP/EOM if it was received corrupt on the first attempt (15 Jun 2020) * don't use CRP when receiving PPS/PPM as some senders think we are sending MCF (12 Jun 2020) * add BR_SSLFAX to show SSL Fax in notify and faxinfo output (1 Jun 2020) * have faxinfo put units on non-standard page dimensions (28 May 2020) * improve error messages for JobHost connection errors (22 May 2020) * fix perpetual blocking of jobs when a job preparation fails, attempt to fix similar blocking problems for bad jobs in batches, and add "unblock" faxconfig feature (21 May 2020) * ignore TCF if we're receiving an SSL Fax (31 Jan 2020) * fixes for build on FreeBSD 12.1 (31 Jan - 3 Feb 2020) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2020-1209=1 Package List: - openSUSE Leap 15.2 (x86_64): hylafax+-7.0.3-lp152.3.6.1 hylafax+-client-7.0.3-lp152.3.6.1 hylafax+-client-debuginfo-7.0.3-lp152.3.6.1 hylafax+-debuginfo-7.0.3-lp152.3.6.1 hylafax+-debugsource-7.0.3-lp152.3.6.1 libfaxutil7_0_3-7.0.3-lp152.3.6.1 libfaxutil7_0_3-debuginfo-7.0.3-lp152.3.6.1 References: https://www.suse.com/security/cve/CVE-2020-15396.html https://www.suse.com/security/cve/CVE-2020-15397.html https://bugzilla.suse.com/1173519 https://bugzilla.suse.com/1173521 -- . Crucial openSUSE patch addresses severalvulnerabilities within hylafax+, improving file handling protocols and directory organization methods.. openSUSE Security Update,hylafax+,moderate security issues,temporary directory security,file sourcing fixes. . LinuxSecurity.com Team

Calendar 2 Aug 14, 2020 OpenSUSE
Banner 4 1028x280 1708121825 1771600306
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysecurity fixtemporary directory

Fedora 22: 2015-8dd01b09a9 Moderate: Arts IPC Hijacking Issue

Security fix for CVE-2015-7543 in arts (the legacy aRts sound server): A temporary directory was being created insecurely using mktemp and mkdir, allowing an attacker to hijack the temporary directory and thus the inter- process communication (IPC). This update fixes the temporary directory creation to use the safe mkdtemp function instead.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-8dd01b09a9 2015-12-30 17:33:17.150916 -------------------------------------------------------------------------------- Name : arts Product : Fedora 22 Version : 1.5.10 Release : 30.fc22 URL : https://kde.org/ Summary : aRts (analog realtime synthesizer) - the KDE sound system Description : arts (analog real-time synthesizer) is the sound system of KDE 3. The principle of arts is to create/process sound using small modules which do certain tasks. These may be create a waveform (oscillators), play samples, filter data, add signals, perform effects like delay/flanger/chorus, or output the data to the soundcard. By connecting all those small modules together, you can perform complex tasks like simulating a mixer, generating an instrument or things like playing a wave file with some effects. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2015-7543 in arts (the legacy aRts sound server): A temporary directory was being created insecurely using mktemp and mkdir, allowing an attacker to hijack the temporary directory and thus the inter- process communication (IPC). This update fixes the temporary directory creation to use the safe mkdtemp function instead. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1280543 - CVE-2015-7543 arts,kdelibs3: Use of mktemp(3) allows attacker to hijack the IPC https://bugzilla.redhat.com/show_bug.cgi?id=1280543 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update arts' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Patch addresses vulnerable temp directory configurations in the audio service, preventing IPC exploitation. Critical security notification!. Fedora Update, Arts Security, IPC Hijacking Fix, Temporary Directory Issues. . LinuxSecurity.com Team

Calendar 2 Dec 30, 2015 Fedora
87
Ls Advisories Debian Esm H240
Price Tag 1security advisoryDebianmoderate severity

Debian: DSA 544-1 Moderate: Webmin Symbolic Link Access Issue

Ludwig Nussel discovered a problem in webmin, a web-basedadministration toolkit. A temporary directory was used but withoutchecking for the previous owner. This could allow an attacker tocreate the directory and place dangerous symbolic links inside.. -------------------------------------------------------------------------- Debian Security Advisory DSA 544-1 This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Martin Schulze September 14th, 2004 Debian -- Debian security FAQ -------------------------------------------------------------------------- Package : webmin Vulnerability : insecure temporary directory Problem-Type : root Debian-specific: no CVE ID : CAN-2004-0559 Ludwig Nussel discovered a problem in webmin, a web-based administration toolkit. A temporary directory was used but without checking for the previous owner. This could allow an attacker to create the directory and place dangerous symbolic links inside. For the stable distribution (woody) this problem has been fixed in version 0.94-7woody3. For the unstable distribution (sid) this problem has been fixed in version 1.160-1 of webmin and 1.090-1 of usermin. We recommend that you upgrade your webmin packages. Upgrade Instructions -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody -------------------------------- Source archives: Size/MD5 checksum: 1126 fc3cda806f5d94666cdc2cdac03e2c75 Size/MD5 checksum: 63028 64e3c4f454a1d576a4c52df29554309b Size/MD5 checksum: 4831737114c7ca2557c17faebb627a3de7acb97 Architecture independent components: Size/MD5 checksum: 223812 12f056498c3ace868c1964ef2d9594b1 Size/MD5 checksum: 182144 29ff6c45d83b13a482ef93d2ae8c7e3f Size/MD5 checksum: 32688 4482f474e97ca209348a86e51c02a92b Size/MD5 checksum: 27688 6375d52cdd6f79d7f2e1b2e2d5d9bd6c Size/MD5 checksum: 30790 157df9a37fa88cb7f4de6421c43d1f16 Size/MD5 checksum: 1250120 f5fd9854a550095c27ab1c88254804e4 Size/MD5 checksum: 26596 a4bc52ed84091eb648c399547b181ad3 Size/MD5 checksum: 96632 36f8e9ed58c3f3f67146c0f3e5074d29 Size/MD5 checksum: 54808 9e9119bc090c28d5119daec9bf654f62 Size/MD5 checksum: 27354 294e18b992f187865f85b2fc0d0abf80 Size/MD5 checksum: 21776 f58063b055e6e0b429f15f1c9c578d2f Size/MD5 checksum: 48056 1db1b493a9088de2134891d5f0a9d23c Size/MD5 checksum: 31468 65d7199bd25d1f62ff376c0ad7e78a97 Size/MD5 checksum: 103788 1920d9302034a175a6d3b00ca6f5dcf6 Size/MD5 checksum: 62498 ee4befa8d564ddb45b38643a62c61cfb Size/MD5 checksum: 119200 60eefbffc7c1a8a30807623b2fb078e4 Size/MD5 checksum: 62634 16ebd24ca1d45a7f3e76361fa5bda345 Size/MD5 checksum: 196726 4d671bfbd3e1e2c8d6b3f9c8ecf93e3a Size/MD5 checksum: 77564 f0b30ff5b2e01e9aa1e358f2a517e92a Size/MD5 checksum: 20840 8a7057272358f236075ae24aae4dfd9c Size/MD5 checksum: 38028 4a8ef1a18d7d526f061e2924b83e238d Size/MD5 checksum: 87994 bc7ec88cc7cf4556f8554d26b44063d3 Size/MD5 checksum: 35802 ec1761610e6a141705505abc407b5690 Size/MD5 checksum: 134254 bc70638898d2201d974cbeede4488a02 Size/MD5 checksum: 235266 362bdada21f7c9d6868b4b103593cb86 Size/MD5 checksum: 89332 500a31253b2c7aa207dda9a301b8c325 Size/MD5 checksum: 222044e6a595f8db937ded962582354a6a19f2 Size/MD5 checksum: 44286 2b20ed27175c52318c937c3e14b7b0e0 Size/MD5 checksum: 8524 3c50958c006ef46ccd1d6791dd6907d6 Size/MD5 checksum: 42984 cc008a5c0670c1e2ccb3b63f841ebef6 Size/MD5 checksum: 26804 746be5ce521801c283f2e926621942aa Size/MD5 checksum: 111026 7e02060c23b92d5edc175b6cfa7b2f1b Size/MD5 checksum: 31964 1e35a18332a9f6e753daee5e0157e362 Size/MD5 checksum: 509128 c24ae0eb379dcdfecb2b4ac2de7351fa Intel IA-32 architecture: Size/MD5 checksum: 29546 8fb9582004e9cdaa63fc97f0325ef2a8 These files will probably be moved into the stable distribution on its next update. --------------------------------------------------------------------------------- For apt-get: deb Debian -- Security Information stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . Debian's advisory on Webmin reveals a security flaw in temporary directory usage allowing symbol link exploits.. Webmin Security, Debian Security Advisory, Temporary Directory Issue. . LinuxSecurity.com Team

Calendar 2 Sep 14, 2004 Debian
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here