Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 1 articles for you...
219
security advisorysecurity updatelowUbuntu 22.04 RLSA-2023-5025 GDB Vulnerability Fix with Minimal Impact
Low: libarchive security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2023:3018", "synopsis": "Low: libarchive security update", "severity": "SEVERITY_LOW", "topic": "An update is available for libarchive.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers.\n\nSecurity Fix(es):\n\n* libarchive: NULL pointer dereference in archive_write.c (CVE-2022-36227)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2144972", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2144972", "description": ""}], "cves": [{"name": "CVE-2022-36227", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2022-36227", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "5.9", "cwe": "CWE-476"}], "references": [], "publishedAt": "2026-03-20T00:02:50.766829Z", "rpms": {"Rocky Linux 8": {"nvras": ["bsdtar-0:3.3.3-5.el8.aarch64.rpm", "bsdtar-0:3.3.3-5.el8.x86_64.rpm", "bsdtar-debuginfo-0:3.3.3-5.el8.aarch64.rpm", "bsdtar-debuginfo-0:3.3.3-5.el8.x86_64.rpm", "libarchive-0:3.3.3-5.el8.aarch64.rpm", "libarchive-0:3.3.3-5.el8.i686.rpm", "libarchive-0:3.3.3-5.el8.x86_64.rpm","libarchive-debuginfo-0:3.3.3-5.el8.aarch64.rpm", "libarchive-debuginfo-0:3.3.3-5.el8.i686.rpm", "libarchive-debuginfo-0:3.3.3-5.el8.x86_64.rpm", "libarchive-debugsource-0:3.3.3-5.el8.aarch64.rpm", "libarchive-debugsource-0:3.3.3-5.el8.i686.rpm", "libarchive-debugsource-0:3.3.3-5.el8.x86_64.rpm", "libarchive-devel-0:3.3.3-5.el8.aarch64.rpm", "libarchive-devel-0:3.3.3-5.el8.i686.rpm", "libarchive-devel-0:3.3.3-5.el8.x86_64.rpm", "libarchive-0:3.3.3-5.el8.src.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Libarchive on Rocky Linux 8 receives a low severity security update patching CVE-2022-36227 to prevent uninitialized pointer access.. Rocky Linux, libarchive, security patch, CVE-2022. . Severity: Low. LinuxSecurity.com Team
Mar 20, 2026
•Low
Rocky Linux
197
security advisorydebianimportantDebian 11 zvbi Important Integer Overflow Advisory DLA-4449-1 CVE-2025-2173
Several issues have been found in zvbi, a Vertical Blanking Interval decoder. CVE-2025-2173 is related to an uninitialized pointer in src/conv.c:: vbi_strndup_iconv_ucs2() The other issues are related to integer overflows in several functions. Debian LTS Advisory DLA-4449-1
Jan 24, 2026
•Important
Debian LTS
197
security advisoryhigh severitydebianDebian 10 Buster DLA-3626-1 High: krb5 Uninitialized Pointer Threat
Potential freeing of an uninitialized pointer in kadm_rpc_xdr.c was fixed in krb5, the MIT implementation of the Kerberos network authentication protocol. . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3626-1
Oct 22, 2023
Debian LTS
99
security advisorycriticalsoftware updateDebian 11.5: 2023-203-02 Urgent: apache2 Memory Corruption Issue
New krb5 packages are available for Slackware 15.0 and -current to fix a security issue. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] krb5 (SSA:2023-193-01) New krb5 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/krb5-1.19.2-i586-4_slack15.0.txz: Rebuilt. Fix potential uninitialized pointer free in kadm5 XDR parsing. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-36054 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/krb5-1.19.2-i586-4_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/krb5-1.19.2-x86_64-4_slack15.0.txz Updated package for Slackware -current: Updated package for Slackware x86_64 -current: MD5 signatures: +-------------+ Slackware 15.0 package: 4465be12bc6e7621c3d3f75b4bb7a5f7 krb5-1.19.2-i586-4_slack15.0.txz Slackware x86_64 15.0 package: 195a6e73d906d75daa19810d9bc9b287 krb5-1.19.2-x86_64-4_slack15.0.txz Slackware -current package: a645dacefa4fd226674e04b02e789680 n/krb5-1.21.1-i586-1.txz Slackware x86_64 -current package: eaedfa23f813969a8f1f39acb78b0e41 n/krb5-1.21.1-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg krb5-1.19.2-i586-4_slack15.0.txz +-----+ . Updated krb5 packages for Slackware address a significant security vulnerability stemming from uninitialized pointer deallocation in kadm5 XDR interpretation.. SlackwareSecurity Update, krb5 Package, Software Patch. . Severity: Critical. LinuxSecurity.com Team
Jul 12, 2023
•Critical
Slackware
203
security advisoryout-of-bounds readuninitialized pointerMageia 7 MGASA-2020-0128 Moderate: Fixes For Pure-FTPd Security Issues
Updated pure-ftpd packages fix security vulnerabilities: An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, . MGASA-2020-0128 - Updated pure-ftpd packages fix security vulnerabilities Publication date: 06 Mar 2020 URL: https://advisories.mageia.org/MGASA-2020-0128.html Type: security Affected Mageia releases: 7 CVE: CVE-2019-9274, CVE-2019-9365, CVE-2019-20176 Updated pure-ftpd packages fix security vulnerabilities: An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to access a non-existent list member. This is related to init_aliases in diraliases.c. (CVE-2019-9274). An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in utils.c (CVE-2019-9365). In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c (CVE-2019-20176). References: - https://bugs.mageia.org/show_bug.cgi?id=26229 - https://www.cve.org/CVERecord?id=CVE-2019-9274 - https://www.cve.org/CVERecord?id=CVE-2019-9365 - https://www.cve.org/CVERecord?id=CVE-2019-20176 SRPMS: - 7/core/pure-ftpd-1.0.47-7.mga7 . Recent updates to the pure-ftpd packages address several security vulnerabilities identified in Mageia. Key information is provided.. Mageia Security Update, Pure-FTPd Vulnerabilities, Mageia Advisory, Pure-FTPd Update, Security Fixes. . Severity: Important. LinuxSecurity.com Team
Mar 06, 2020
•Important
Mageia
197
security advisorysoftware updateDebianDebian 8 LTS: DLA-2123-1 Moderate: pure-ftpd Out-Of-Bounds Memory Issue
An uninitialized pointer vulnerability was discovered in pure-ftpd, a secure and efficient FTP server, which could result in an out-of-bounds memory read and potential information disclosure. . Package : pure-ftpd Version : 1.0.36-3.2+deb8u1 CVE ID : CVE-2020-9274 Debian Bug : 925666 An uninitialized pointer vulnerability was discovered in pure-ftpd, a secure and efficient FTP server, which could result in an out-of-bounds memory read and potential information disclosure. For Debian 8 "Jessie", this problem has been fixed in version 1.0.36-3.2+deb8u1. We recommend that you upgrade your pure-ftpd packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . A dangling pointer in httpd might result in unauthorized memory access. Ensure you update for enhanced security!. pure-ftpd security, Debian LTS update, FTP server vulnerabilities, software update, information disclosure. . Severity: Important. LinuxSecurity.com Team
Feb 27, 2020
•Important
Debian LTS
200
security advisorycode executionsambaScientific Linux: SLSA-2015:0249-1 Critical Samba Security Risk
Critical: samba security update. Date: Mon, 23 Feb 2015 18:37:39 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: Security ERRATA Critical: samba on SL5.x i386 MIME-Version: 1.0 Synopsis: Critical: samba security update Advisory ID: SLSA-2015:0249-1 Issue Date: 2015-02-23 CVE Numbers: CVE-2015-0240 -- An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user). (CVE-2015-0240) After installing this update, the smb service will be restarted automatically. -- SL5 i386 samba3x-3.6.23-9.el5_11.i386.rpm samba3x-client-3.6.23-9.el5_11.i386.rpm samba3x-common-3.6.23-9.el5_11.i386.rpm samba3x-debuginfo-3.6.23-9.el5_11.i386.rpm samba3x-doc-3.6.23-9.el5_11.i386.rpm samba3x-domainjoin-gui-3.6.23-9.el5_11.i386.rpm samba3x-swat-3.6.23-9.el5_11.i386.rpm samba3x-winbind-3.6.23-9.el5_11.i386.rpm samba3x-winbind-devel-3.6.23-9.el5_11.i386.rpm - Scientific Linux Development Team . Essential Samba patch released to mitigate potential remote execution vulnerabilities in Scientific Linux.. Samba Security Update, Scientific Linux Critical Advisory, Uninitialized Pointer Issue, Code Execution Risk. . Severity: Critical. LinuxSecurity.com Team
Feb 23, 2015
•Critical
Scientific Linux
200
security advisoryupdatecriticalScientific Linux: CVE-2010-1322 Important: Critical Krb5 Remote Attack Risk
Important: krb5 security update. Date: Thu, 3 Mar 2011 15:33:58 -0600 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA Important: krb5 on SL6.x i386/x86_64 Comments: To: "
Mar 03, 2011
•Important
Scientific Linux
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!