Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 0 articles for you...
172
security advisoryUbuntuimportantUbuntu 25.10: OpenVPN Important Access Risk USN-7898-1 CVE-2025-13086
OpenVPN could allow unintended access to network services.. ========================================================================== Ubuntu Security Notice USN-7898-1 November 27, 2025 openvpn vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 25.04 - Ubuntu 24.04 LTS Summary: OpenVPN could allow unintended access to network services. Software Description: - openvpn: virtual private network software Details: Joshua Rogers discovered that OpenVPN incorrectly handled HMAC verification checks. A remote attacker could possibly use this issue to bypass source IP address validation. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 openvpn 2.6.14-2ubuntu1.1 Ubuntu 25.04 openvpn 2.6.14-0ubuntu0.25.04.3 Ubuntu 24.04 LTS openvpn 2.6.14-0ubuntu0.24.04.3 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7898-1 CVE-2025-13086 Package Information: https://launchpad.net/ubuntu/+source/openvpn/2.6.14-2ubuntu1.1 https://launchpad.net/ubuntu/+source/openvpn/2.6.14-0ubuntu0.25.04.3 https://launchpad.net/ubuntu/+source/openvpn/2.6.14-0ubuntu0.24.04.3 . OpenVPN update addresses unintended access risk in Ubuntu. Secure your system with recommended patches.. OpenVPN security Ubuntu update unintended access. . Severity: Important. LinuxSecurity.com Team
Nov 27, 2025
•Important
Ubuntu
203
security advisorysecurity updateproftpdMageia 9 MGASA-2025-0015 critical: proftpd unintended access issue
In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from mod_sql. (CVE-2024-48651) References: . MGASA-2025-0015 - Updated proftpd packages fix security vulnerability Publication date: 20 Jan 2025 URL: https://advisories.mageia.org/MGASA-2025-0015.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-48651 In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from mod_sql. (CVE-2024-48651) References: - https://bugs.mageia.org/show_bug.cgi?id=33922 - - https://www.cve.org/CVERecord?id=CVE-2024-48651 SRPMS: - 9/core/proftpd-1.3.8c-1.mga9 . Mageia has released security announcement MGASA-2025-0015 concerning proftpd which mitigates inadvertent GID access vulnerabilities through recent updates.. proftpd, security advisory, Mageia updates, unintended access, security fixes. . Severity: Critical. LinuxSecurity.com Team
Jan 20, 2025
•Critical
Mageia
87
security advisoryDebianproftpdDebian: DSA-5827-1 proftpd Security Advisory on Group Access Issue
Brian Ristuccia discovered that in ProFTPD, a powerful modular FTP/SFTP/FTPS server, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from mod_sql. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-5827-1
Dec 10, 2024
•Critical
Debian
172
security advisoryhigh severityremote accessUbuntu 20.04 LTS USN-6156-1 High: SSSD Remote Access Issue
SSSD could allow unintended access to network services.. =========================================================================Ubuntu Security Notice USN-6156-1 June 12, 2023 sssd vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: SSSD could allow unintended access to network services. Software Description: - sssd: System Security Services Daemon Details: It was discovered that SSSD incorrrectly sanitized certificate data used in LDAP filters. When using this issue in combination with FreeIPA, a remote attacker could possibly use this issue to escalate privileges. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: sssd 2.2.3-3ubuntu0.11 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6156-1 CVE-2022-4254 Package Information: https://launchpad.net/ubuntu/+source/sssd/2.2.3-3ubuntu0.11 . A critical flaw in SSSD on Ubuntu 20.04 may result in unauthorized access to network services, necessitating prompt action.. SSSD Vulnerability, Privilege Escalation, Network Services. . Severity: Important. LinuxSecurity.com Team
Jun 12, 2023
•Important
Ubuntu
172
security advisoryubuntunetwork threatUbuntu 16.04 LTS: USN-4571-1 Moderate: rack-cors Network Threat
rack-cors would allow unintended access to files over the network.. =========================================================================Ubuntu Security Notice USN-4571-1 October 05, 2020 ruby-rack-cors vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: rack-cors would allow unintended access to files over the network. Software Description: - ruby-rack-cors: provides support for Cross-Origin Resource Sharing (CORS) for Rack compatible web applications Details: It was discovered that rack-cors did not properly handle relative file paths. An attacker could use this vulnerability to access arbitrary files. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: ruby-rack-cors 0.4.0-1+deb9u2build0.16.04.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4571-1 CVE-2019-18978 Package Information: https://launchpad.net/ubuntu/+source/ruby-rack-cors/0.4.0-1+deb9u2build0.16.04.1 -- ubuntu-security-announce mailing list
Oct 05, 2020
Ubuntu
172
security advisoryUbuntuauthentication issueUbuntu 14.04 ESM: USN-4015-2 Critical: Dbus Access Issue
DBus could allow unintended access to services.. =========================================================================Ubuntu Security Notice USN-4015-2 June 12, 2019 dbus vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM - Ubuntu 12.04 ESM Summary: DBus could allow unintended access to services. Software Description: - dbus: simple interprocess messaging system Details: USN-4015-1 fixed a vulnerability in DBus. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Joe Vennix discovered that DBus incorrectly handled DBUS_COOKIE_SHA1 authentication. A local attacker could possibly use this issue to bypass authentication and connect to DBus servers with elevated privileges. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: dbus 1.6.18-0ubuntu4.5+esm1 libdbus-1-3 1.6.18-0ubuntu4.5+esm1 Ubuntu 12.04 ESM: dbus 1.4.18-1ubuntu1.9 libdbus-1-3 1.4.18-1ubuntu1.9 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4015-2 https://ubuntu.com/security/notices/USN-4015-1 CVE-2019-12749 . A flaw in DBus permits unauthorized entry to services on various Ubuntu versions. Check the advisory for further insights.. DBus Vulnerability, Ubuntu Security Notice, Authentication Bypass, Software Update. . Severity: Critical. LinuxSecurity.com Team
Jun 12, 2019
•Critical
Ubuntu
172
security advisoryaccess issueubuntuUrgent Security Alert: Ubuntu 4001-1 Libseccomp Critical Access Issue
libseccomp could allow unintended access to system calls.. =========================================================================Ubuntu Security Notice USN-4001-1 May 30, 2019 libseccomp vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.04 - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: libseccomp could allow unintended access to system calls. Software Description: - libseccomp: library for working with the Linux seccomp filter Details: Jann Horn discovered that libseccomp did not correctly generate 64-bit syscall argument comparisons with arithmetic operators (LT, GT, LE, GE). An attacker could use this to bypass intended access restrictions for argument-filtered system calls. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: libseccomp2 2.4.1-0ubuntu0.19.04.3 Ubuntu 18.10: libseccomp2 2.4.1-0ubuntu0.18.10.3 Ubuntu 18.04 LTS: libseccomp2 2.4.1-0ubuntu0.18.04.2 Ubuntu 16.04 LTS: libseccomp2 2.4.1-0ubuntu0.16.04.2 This update uses a new upstream release which includes additional bug fixes. In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4001-1 CVE-2019-9893 Package Information: https://launchpad.net/ubuntu/+source/libseccomp/2.4.1-0ubuntu0.19.04.3 https://launchpad.net/ubuntu/+source/libseccomp/2.4.1-0ubuntu0.18.10.3 https://launchpad.net/ubuntu/+source/libseccomp/2.4.1-0ubuntu0.18.04.2 https://launchpad.net/ubuntu/+source/libseccomp/2.4.1-0ubuntu0.16.04.2 . Ubuntu Security Notice USN-4001-1 highlights a libseccomp flaw that allows unintended access to system calls.. libseccomp, Ubuntu Security, System Call Access. . Severity: Critical. LinuxSecurity.com Team
May 30, 2019
•Critical
Ubuntu
172
security advisorycriticalremote accessUbuntu 18.04 LTS: USN-3856-1 Critical Remote Access Through GNOME Bluetooth
GNOME Bluetooth could allow unintended access to devices.. =========================================================================Ubuntu Security Notice USN-3856-1 January 14, 2019 gnome-bluetooth vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: GNOME Bluetooth could allow unintended access to devices. Software Description: - gnome-bluetooth: GNOME Bluetooth tools Details: Chris Marchesi discovered that BlueZ incorrectly handled disabling Bluetooth visibility. A remote attacker could possibly pair to devices, contrary to expectations. This update adds a workaround to GNOME Bluetooth to fix the issue. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: gnome-bluetooth 3.28.0-2ubuntu0.1 libgnome-bluetooth13 3.28.0-2ubuntu0.1 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-3856-1 CVE-2018-10910 Package Information: https://launchpad.net/ubuntu/+source/gnome-bluetooth/3.28.0-2ubuntu0.1 . Remedy GNOME Bluetooth flaw in Ubuntu 18.04 LTS that allows unauthorized device connections. Apply the fix without delay.. GNOME Bluetooth, Ubuntu 18.04, Critical Threat, Security Fix. . Severity: Critical. LinuxSecurity.com Team
Jan 14, 2019
•Critical
Ubuntu
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!