Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
203
security advisorysecurity updateMageiaMageia 9 Erlang-Hex Core Critical Object Injection Flaw CVE-2026-0196
Security update. Publication date: 11 Jun 2026 URL: https://advisories.mageia.org/MGASA-2026-0196.html Type: security Affected Mageia releases: 9 CVE: CVE-2026-21619 Description: Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), hexpm hex (mix_hex_api modules), erlang rebar3 (r3_hex_api modules) allows Object Injection, Excessive Allocation. This vulnerability is associated with program files src/hex_api.erl, src/mix_hex_api.erl, apps/rebar/src/vendored/r3_hex_api.erl and program routines hex_core:request/4, mix_hex_api:request/4, r3_hex_api:request/4. This issue affects hex_core: from 0.1.0 before 0.12.1; hex: from 2.3.0 before 2.3.2; rebar3: from 3.9.1 before 3.27.0. References: - https://bugs.mageia.org/show_bug.cgi?id=35187 - https://lists.fedoraproject.org/archives/list/
Jun 11, 2026
•Important
Mageia
89
security advisoryfedorabuffer overflowFedora 40: FEDORA-2025-6f77f6c77a critical: Rizin buffer overflow
CVE-2023-40022 rizin: Integer Overflow in C++ demangler logic CVE-2024-31669 rizin: Uncontrolled Resource Consumption via bin_pe_parse_imports CVE-2024-31670 rizin: buffer overflow via create_cache_bins CVE-2024-31668 rizin: improper neutralization of special elements via meta_set function. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-6f77f6c77a 2025-03-01 01:38:57.010399+00:00 -------------------------------------------------------------------------------- Name : rizin Product : Fedora 40 Version : 0.7.4 Release : 5.fc40 URL : https://rizin.re/ Summary : UNIX-like reverse engineering framework and command-line tool-set Description : Rizin is a free and open-source Reverse Engineering framework, providing a complete binary analysis experience with features like Disassembler, Hexadecimal editor, Emulation, Binary inspection, Debugger, and more. Rizin is a fork of radare2 with a focus on usability, working features and code cleanliness. -------------------------------------------------------------------------------- Update Information: CVE-2023-40022 rizin: Integer Overflow in C++ demangler logic CVE-2024-31669 rizin: Uncontrolled Resource Consumption via bin_pe_parse_imports CVE-2024-31670 rizin: buffer overflow via create_cache_bins CVE-2024-31668 rizin: improper neutralization of special elements via meta_set function CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code rizin 0.7.2 / cutter-re 2.3.4 (fix changelog) rizin 0.7.2 / cutter-re 2.3.4 -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 19 2025 Peter Oliver - 0.7.4-5 - Rebuild against tree-sitter-0.25.2-3.fc43 * Mon Feb 3 2025 Peter Oliver - 0.7.4-4 - Rebuild against tree-sitter-0.25.1-6.fc42 * Sat Jan 18 2025 Fedora Release Engineering - 0.7.4-3 - Rebuilt forhttps://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Tue Dec 31 2024 Michal Ambroz - 0.7.4-2 - bump to version 0.7.4 * Sun Sep 1 2024 Yaakov Selkowitz - 0.7.3-3 - Rebuilt for tree-sitter 0.23.0 * Fri Jul 19 2024 Fedora Release Engineering - 0.7.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2333933 - CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2333933 [ 2 ] Bug #2333934 - CVE-2024-53256 rizin: Rizin has a command injection via RzBinInfo bclass due legacy code [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2333934 [ 3 ] Bug #2340020 - cutter-re: FTBFS in Fedora rawhide/f42 https://bugzilla.redhat.com/show_bug.cgi?id=2340020 [ 4 ] Bug #2346253 - Non-responsive maintainer check for ret2libc https://bugzilla.redhat.com/show_bug.cgi?id=2346253 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-6f77f6c77a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Mar 01, 2025
•Critical
Fedora
100
security advisoryremote exploitsecurity fixSUSE: 2022-2026-1 Important Advisory: Libtirpc Security Update
The container suse/sle15 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:2026-1 Container Tags : suse/sle15:15.1 , suse/sle15:15.1.6.2.668 Container Release : 6.2.668 Severity : important Type : security References : 1198752 1198925 1200800 1201680 CVE-2021-46828 ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:2991-1 Released: Thu Sep 1 16:04:30 2022 Summary: Security update for libtirpc Type: security Severity: important References: 1198752,1200800,1201680,CVE-2021-46828 This update for libtirpc fixes the following issues: - CVE-2021-46828: Fixed an uncontrolled file descriptor consumption, which could be exploited by remote attackers to prevent applications using the library from accepting new connections (bsc#1201680). Non-security fixes: - Exclude ipv6 addresses in client protocol version 2 code (bsc#1200800) - Fix memory leak in params.r_addr assignement (bsc#1198752) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:2994-1 Released: Fri Sep 2 10:44:54 2022 Summary: Recommended update for lame, libass, libcdio-paranoia, libdc1394, libgsm, libva, libvdpau, libvorbis, libvpx, libwebp, openjpeg, opus, speex, twolame Type: recommended Severity: moderate References: 1198925 This update for lame, libass, libcdio-paranoia, libdc1394, libgsm, libva, libvdpau, libvorbis, libvpx, libwebp, openjpeg, opus, speex, twolame adds some missing 32bit libraries to some products. (bsc#1198925) No codechanges were done in this update. The following package changes have been done: -libtirpc-netconfig-1.0.2-150000.3.18.1 updated - libtirpc3-1.0.2-150000.3.18.1 updated - libusb-1_0-0-1.0.21-150000.3.5.1 updated . Crucial security patch released for suse/sle15 container, featuring essential updates like libtirpc to address significant vulnerabilities.. SUSE Container Update, libtirpc Security Fix, Remote Exploit Risks. . Severity: Important. LinuxSecurity.com Team
Sep 06, 2022
•Important
SuSE
197
security advisorydenial of servicedebianDebian: DLA-1968-1 Critical: Imagemagick Denial of Service Issues
Multiple vulnerabilities have been found in imagemagick, an image processing toolkit. CVE-2019-11470 . Package : imagemagick Version : 8:6.8.9.9-5+deb8u18 CVE ID : CVE-2019-11470 CVE-2019-14981 CVE-2019-15139 CVE-2019-15140 Multiple vulnerabilities have been found in imagemagick, an image processing toolkit. CVE-2019-11470 Uncontrolled resource consumption caused by insufficiently sanitized image size in ReadCINImage (coders/cin.c). This vulnerability might be leveraged by remote attackers to cause denial of service via a crafted Cineon image. CVE-2019-14981 Divide-by-zero vulnerability in MeanShiftImage (magick/feature.c). This vulnerability might be leveraged by remote attackers to cause denial of service via crafted image data. CVE-2019-15139 Out-of-bounds read in ReadXWDImage (coders/xwd.c). This vulnerability might be leveraged by remote attackers to cause denial of service via a crafted XWD (X Window System window dumping file) image file. CVE-2019-15140 Bound checking issue in ReadMATImage (coders/mat.c), potentially leading to use-after-free. This vulnerability might be leveraged by remote attackers to cause denial of service or any other unspecified impact via a crafted MAT image file. For Debian 8 "Jessie", these problems have been fixed in version 8:6.8.9.9-5+deb8u18. We recommend that you upgrade your imagemagick packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . The newest ImageMagick patch for Debian addresses multiple vulnerabilities that might lead to remote denial of service issues. Users should upgrade soon to maintain security. imagemagick security, debian update, remote attack prevention, denial of service fix. . Severity: Critical. LinuxSecurity.com Team
Oct 21, 2019
•Critical
Debian LTS
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!