Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian LTS openssl Important Use-After-Free NULL Pointer Issues DLA-4624-1

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 alsa-lib Important Denial of Service Fix USN-8044-2

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS node-shell-quote Important Denial of Service CVE-2026-9277

Calendar White Jun 09, 2026
Important
Mageia Large Esm H800
Mageia

Mageia 9 Suricata Critical Performance Security Issues MGASA-2026-0181

Calendar White Jun 09, 2026
Critical
Mageia Large Esm H900
Mageia

Mageia 9 PackageKit Important TOCTOU Race Escalation CVE-2026-41651

Calendar White Jun 09, 2026
Important
Mageia Large Esm H900
Mageia

Mageia 9 Unbound Critical Remote Code Execution Advisory 2026-0034

Calendar White Jun 09, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS Netatalk Multiple Security Issues USN-8395-1

Calendar White Jun 09, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 mingw-objfw 1.5.5 Update Security Fix FEDORA-2026-de23fedf3e

Calendar White Jun 08, 2026
Fedora Large Esm H900
Fedora

Fedora 43 objfw Important Update 1.5.5 Bug Fixes June 2026

Calendar White Jun 08, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryimportantSUSE

SUSE: 2025:02035-1 important: ignition memory consumption fix

* bsc#1239192 Cross-References: * CVE-2025-22868 . # Security update for ignition Announcement ID: SUSE-SU-2025:02035-1 Release Date: 2025-06-20T09:03:57Z Rating: important References: * bsc#1239192 Cross-References: * CVE-2025-22868 CVSS scores: * CVE-2025-22868 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22868 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.1 An update that solves one vulnerability can now be installed. ## Description: This update for ignition fixes the following issues: * CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (bsc#1239192). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-2035=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * ignition-2.14.0-150300.4.13.1 * ignition-dracut-grub2-2.14.0-150300.4.13.1 * ignition-debuginfo-2.14.0-150300.4.13.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22868.html * https://bugzilla.suse.com/show_bug.cgi?id=1239192 . This essential improvement resolves a resource consumption issue within the Ignition application for SUSE Linux, leading to greater reliability.. important update, SUSE Linux security, ignition application fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 20, 2025 Important SuSE
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorymoderatememory consumption

openSUSE: 2025:0103-1 moderate: cadvisor Advisory Security Update

An update that fixes two vulnerabilities is now available. . openSUSE Security Update: Security update for cadvisor ______________________________________________________________________________ Announcement ID: openSUSE-SU-2025:0103-1 Rating: moderate References: #1222192 #1239291 Cross-References: CVE-2022-27664 CVE-2025-22868 CVSS scores: CVE-2022-27664 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-22868 (SUSE): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for cadvisor fixes the following issues: - update to 0.52.1: * Make resctrl optional/pluggable - update to 0.52.0: * bump containerd related deps: api v1.8.0; errdefs v1.0.0; ttrpc v1.2.6 * chore: Update Prometheus libraries * bump runc to v1.2.4 * Add Pressure Stall Information Metrics * Switch to opencontainers/cgroups repository (includes update from golang 1.22 to 1.24) * Bump to newer opencontainers/image-spec @ v1.1.1 - update to 0.49.2: * Cp fix test * Revert "reduce_logs_for_kubelet_use_crio" - CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (boo#1239291) - Update to version 0.49.1: * build docker - add --provenance=false flag * Remove s390x support * Disable libipmctl in build * Ugrade base image to 1.22 and alpine 3.18 * fix type of C.malloc in cgo * Bump runc to v1.1.12 * Bump to bullseye * Remove section about canary image * Add note about WebUI auth * Remove mentions of accelerator from the docs * reduce_logs_for_kubelet_use_crio * upgrade actions/checkout and actions/setup-go and actions/upload-artifact * build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /cmd * add cadvisor and crio upstream changes * Avoid using container/podman in manager.go * container: skip checking for files in non-existent directories. * Adjust the log level of Initialize Plugins * add ignored device * fix: variable naming * build(deps): bump golang.org/x/net from 0.10.0 to 0.17.0 in /cmd * manager: require higher verbosity level for container info misses * Information should be logged on increased verbosity only * Running do mod tidy * Running go mod tidy * Running go mod tidy * container/libcontainer: Improve limits file parsing perf * container/libcontainer: Add limit parsing benchmark * build(deps): bump github.com/cyphar/filepath-securejoin in /cmd * build(deps): bump github.com/cyphar/filepath-securejoin * Set verbosity after flag definition * fix: error message typo * vendor: bump runc to 1.1.9 * Switch to use busybox from registry.k8s.io * Bump golang ci lint to v1.54.1 * Bump github.com/docker/docker in /cmd * Bump github.com/docker/docker * Bump github.com/docker/distribution in /cmd * Bump github.com/docker/distribution * Update genproto dependency to isolated submodule * remove the check for the existence of NFS files, which will cause unnecessary requests. * reduce inotify watch * fix performance degradation of NFS * fix: fix type issue * fix: fix cgo memory leak * ft: export memory kernel usage * sysinfo: Ignore "hidden" sysfs device entries * Increasing required verbosity level * Patch to fix issue 2341 * podman support: Enable Podman support. * podman support: Create Podman handler. * podman support: Changes in Docker handler. * unit test: machine_swap_bytes * Add documentation for machine_swap_bytes metric * Add a machine_swap_bytes metric * fix: add space trimmingfor label allowlist * Upgrade to blang/semver/v4 v4.0.0 * docs(deploy/k8s): remote build for kustomize * Update dependencies * Change filepaths to detect online CPUs * Update actions/checkout to v3 * Fix flags typo * Updating location of kubernetes/pause image * Using t.TempDir() in tests * Unit test: MachineInfo Clone() method * Bugfix: MachineInfo Clone() - clone SwapCapacity * Optimize network metrics collection * Removing calls to deprecates io/ioutil package * Updating minimum Go version to 1.19 * Request the pid of another container if current pid is not longer valid * Restructure * Add CRI-O client timeout setting * Set containerd grpc.MaxCallRecvMsgSize to 16MB * Fix asset build * feat(logging): add verbosity to non-NUMA node warning * add nerdctl to ignoredDevices * nvm: Change the "no NVM devices" log. * nvm: Fix typo. * Fix CVE-2022-27664 (#3248) * resctrl: Reduce size and mode files check (#3264) * readme: Update Creatone contributor info. (#3265) * Fix comment to refer to correct client * build: bump golang to 1.20 * ci: Update golang ci-lint to v1.51.2 * build: Update shebang to python3 * Revert "dockerfile: Fix typo in go build tags." * Decreasing verbosity level for "Cannot read vendor id correctly, set empty" * dockerfile: Fix typo in go build tags. * deps: Move from cloud.google.com/go/compute -> cloud.google.com/go * use memory.min for reservation memory instead of high * Mark GOPATH as git safe.directory to fix CI build * switch to gomodule/redigo from garyburd/redigo * update go.mod/sum both in root and cmd/ * Drop accelerator metrics and nvidia integration * Add s390x support for docker image * typo in MachineInfo spec for SwapCapacity * add support for swap in machine/info Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installationmethods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2025-103=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64): cadvisor-0.52.1-bp156.3.3.1 References: https://www.suse.com/security/cve/CVE-2022-27664.html https://www.suse.com/security/cve/CVE-2025-22868.html https://bugzilla.suse.com/1222192 https://bugzilla.suse.com/1239291 . An openSUSE update for cadvisor addresses two moderate issues with memory consumption and token parsing vulnerabilities.. update, security, fixes, vulnerabilities, opensuse. . LinuxSecurity.com Team

Calendar 2 Mar 24, 2025 OpenSUSE
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here