Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 66 articles for you...
172

Ubuntu 20.04 Samba Serious DoS RCE Vulnerability USN-8306-2 Advisory

Several security issues were fixed in Samba.. ========================================================================== Ubuntu Security Notice USN-8306-2 June 10, 2026 samba vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in Samba. Software Description: - samba: SMB/CIFS file, print, and login server for Unix Details: USN-8306-1 fixed vulnerabilities in Samba. This update provides the corresponding updates for CVE-2026-3238, CVE-2026-4408, and CVE-2026-4480 in Ubuntu 20.04 LTS. Original advisory details: Asim Viladi Oglu Manizada discovered that Samba incorrectly handled access checks on reparse point operations. An attacker could possibly use this issue to modify reparse point extended attributes on files that should have been read-only. This issue only affected Ubuntu 25.10 and Ubuntu 26.04 LTS. (CVE-2026-1933) Pavel Kohout discovered that Samba's vfs_worm module did not properly block file overwrites. An attacker could possibly use this issue to overwrite files that should have remained immutable. (CVE-2026-2340) Arad Inbar, Nir Somech, and Ben Grinberg discovered that Samba incorrectly handled certificate auto-enrolment group policies over HTTP without verification. A machine-in-the-middle attacker could possibly use this issue to install a malicious CA certificate. This issue only affected Ubuntu 24.04 LTS, Ubuntu 25.10, and Ubuntu 26.04 LTS. (CVE-2026-3012) Arad Inbar, Erez Cohen, Nir Somech, and Ben Grinberg discovered that Samba's Active Directory Domain Controller WINS server could be made to crash under certain circumstances. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2026-3238) Ron Ben Yizhak discovered that Samba's DCE/RPC SAMR server incorrectly handled a non-default password check script configuration. A remote attacker could possibly use this issueto execute arbitrary code. (CVE-2026-4408) Ron Ben Yizhak discovered that Samba's printing subsystem incorrectly handled a non-default print command configuration. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2026-4480) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS ctdb 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro libnss-winbind 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro libpam-winbind 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro libsmbclient 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro libsmbclient-dev 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro libwbclient-dev 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro libwbclient0 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro python3-samba 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro registry-tools 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro samba 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro samba-common 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro samba-common-bin 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro samba-dev 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro samba-dsdb-modules 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro samba-libs 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro samba-vfs-modules 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro smbclient 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro winbind 2:4.15.13+dfsg-0ubuntu0.20.04.8+esm2 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8306-2 https://ubuntu.com/security/notices/USN-8306-1 CVE-2026-3238, CVE-2026-4408, CVE-2026-4480 . Multiple security issues in Samba for Ubuntu 20.04 require immediate updates to prevent exploitation and system compromise.. Ubuntu Samba security update issues vulnerabilities patch. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 10, 2026 Critical Ubuntu
87

Debian Bookworm: DSA-5940-1 critical: modsecurity-apache DoS issue

Several vulnerabilities were discovered in modsecurity-apache, an Apache module to tighten the Web application security, which may result in denial of service (high memory consumption). . - ------------------------------------------------------------------------- Debian Security Advisory DSA-5940-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso June 08, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : modsecurity-apache CVE ID : CVE-2025-47947 CVE-2025-48866 Debian Bug : 1106286 1107196 Several vulnerabilities were discovered in modsecurity-apache, an Apache module to tighten the Web application security, which may result in denial of service (high memory consumption). For the stable distribution (bookworm), these problems have been fixed in version 2.9.7-1+deb12u1. We recommend that you upgrade your modsecurity-apache packages. For the detailed security status of modsecurity-apache please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/modsecurity-apache Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Security vulnerabilities related to denial of service have been addressed in modsecurity-apache. Upgrade to version 2.9.7-1+deb12u1 to maintain optimal security levels.. modsecurity apache, debian security advisory, denial of service fix, update recommendation. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 08, 2025 Critical Debian
197

Debian 11: DLA-4189-1 critical: web.py SQL injection issue

PostgreSQL SQL injection has been fixed in web.py, a Web framework for Python applications. For Debian 11 bullseye, this problem has been fixed in version . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4189-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Adrian Bunk May 29, 2025 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : webpy Version : 1:0.61-1+deb11u1 CVE ID : CVE-2025-3818 Debian Bug : 1103780 PostgreSQL SQL injection has been fixed in web.py, a Web framework for Python applications. For Debian 11 bullseye, this problem has been fixed in version 1:0.61-1+deb11u1. We recommend that you upgrade your webpy packages. For the detailed security status of webpy please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/webpy Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Debian 11's Web.py patch tackles critical PostgreSQL SQL injection risk. Update immediately for improved protection.. Debian Security, web框架, SQL注入解决方案, 更新建议. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 29, 2025 Critical Debian LTS
89

Fedora 40: valkey 2025-59ebc165fc critical: buffer limits for clients

Valkey 8.0.3 - Released Wed 23 Apr 2025 Upgrade urgency SECURITY: This release includes security fixes we recommend you apply as soon as possible. Bug fixes Optimize RDB load performance and fix cluster mode resizing on replica side. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-59ebc165fc 2025-05-03 01:10:16.988278+00:00 -------------------------------------------------------------------------------- Name : valkey Product : Fedora 40 Version : 8.0.3 Release : 1.fc40 URL : https://valkey.io Summary : A persistent key-value database Description : Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also. -------------------------------------------------------------------------------- Update Information: Valkey 8.0.3 - Released Wed 23 Apr 2025 Upgrade urgency SECURITY: This release includes security fixes we recommend you apply as soon as possible. Bug fixes Optimize RDB load performance and fix cluster mode resizing onreplica side (#1199) Fix memory leak in forgotten node ping ext code path (#1574) Fix cluster info sent stats for message with light header (#1563) Fix module LatencyAddSample still work when latency-monitor-threshold is 0 (#1541) Fix potential crash in radix tree recompression of huge keys (#1722) Fix error "SSL routines::bad length" when connTLSWrite is called second time with smaller buffer (#1737) Fix temp file leak druing replication error handling (#1721) Fix ACL LOAD crash on replica since the primary client don't has a user (#1842) Fix RANDOMKEY infinite loop during CLIENT PAUSE (#1850) fix: add samples to stream object consumer trees (#1825) Fix cluster slot stats assertion during promotion of replica (#1950) Fix panic in primary when blocking shutdown after previous block with timeout (#1948) Ignore stale gossip packets that arrive out of order (#1777) Fix incorrect lag reported in XINFO GROUPS (#1952) Avoid shard id update of replica if not matching with primary shard id (#573) Security fixes CVE-2025-21605 Limit output buffer for unauthenticated clients (#1993) -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 24 2025 Remi Collet - 8.0.3-1 - update to 8.0.3 fixes CVE-2025-21605 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-59ebc165fc' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. Tounsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Critical updates for Valkey version 8.0.3 on Fedora 40, enhancing security, performance, and reliability. Ensure you implement these patches swiftly!. Valkey security patch, Fedora update, key-value database security, security fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 03, 2025 Critical Fedora
87

Debian DSA-5770-1: Critical Expat DoS and Code Execute Risks

Shang-Hung Wan discovered multiple vulnerabilities in the Expat XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5770-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff September 17, 2024 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : expat CVE ID : CVE-2024-45490 CVE-2024-45491 CVE-2024-45492 Shang-Hung Wan discovered multiple vulnerabilities in the Expat XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code. For the stable distribution (bookworm), these problems have been fixed in version 2.5.0-1+deb12u1. We recommend that you upgrade your expat packages. For the detailed security status of expat please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/expat Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Multiple security vulnerabilities found in the Expat XML library could lead to denial of service or arbitrary code execution. Debian users should update their systems.. expat security,debian updates,xml parsing risk. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Sep 17, 2024 Critical Debian
197

Debian Buster DLA-3773-1 Critical: FreeIPA Command Injection DoS Threat

It was discovered that there was a command-line injection issue in the FreeIPA identity, authentication and audit framework. A specially crafted HTTP request could have lead to a Denial of Service (DoS) attack and/or data exposure. . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3773-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Chris Lamb March 25, 2024 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : freeipa Version : 4.7.2-3+deb10u1 CVE ID : CVE-2024-1481 Debian Bug : 1065106 It was discovered that there was a command-line injection issue in the FreeIPA identity, authentication and audit framework. A specially crafted HTTP request could have lead to a Denial of Service (DoS) attack and/or data exposure. For Debian 10 buster, this problem has been fixed in version 4.7.2-3+deb10u1. We recommend that you upgrade your freeipa packages. For the detailed security status of freeipa please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/freeipa Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Debian LTS: Advisory DLA-3774-1 addresses vulnerabilities in Samba that compromise system integrity. Immediate upgrade suggested for protection!. Debian LTS, FreeIPA, Command Injection, DoS Threat, Security Update. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Mar 25, 2024 Critical Debian LTS
87

Debian 11/12: DSA-5580-1 moderate: webkit2gtk DoS issue

The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-42883 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5580-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Alberto Garcia December 18, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : webkit2gtk CVE ID : CVE-2023-42883 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2023-42883 The Zoom Offensive Security Team discovered that processing a SVG image may lead to a denial-of-service. For the oldstable distribution (bullseye), this problem has been fixed in version 2.42.4-1~deb11u1. For the stable distribution (bookworm), this problem has been fixed in version 2.42.4-1~deb12u1. We recommend that you upgrade your webkit2gtk packages. For the detailed security status of webkit2gtk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/webkit2gtk Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Security Bulletin DSA-5580-1 addresses CVE-2023-42883 affecting webkit2gtk; updates to stable releases are recommended.. Debian Security, webkit2gtk, Denial Of Service, security patches. . LinuxSecurity.com Team

Calendar%202 Dec 18, 2023 Debian
87

Debian DSA-5486-1 Critical: Thunderbird Vulnerability Mitigation

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5485-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff August 30, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : firefox-esr CVE ID : CVE-2023-4573 CVE-2023-4574 CVE-2023-4575 CVE-2023-4581 CVE-2023-4584 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code. For the oldstable distribution (bullseye), these problems have been fixed in version 102.15.0esr-1~deb11u1. For the stable distribution (bookworm), these problems have been fixed in version 102.15.0esr-1~deb12u1. We recommend that you upgrade your firefox-esr packages. For the detailed security status of firefox-esr please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/firefox-esr Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Enhance your firefox-esr installation to safeguard against unauthorized code execution vulnerabilities in Debian. Urgent patches are out for all users.. firefox-esr update,debian security,execution code fix,mozilla updates. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Aug 30, 2023 Critical Debian
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200