MGASA-2026-0039 - Updated usbmuxd packages fix security vulnerability

Publication date: 16 Feb 2026
URL: https://advisories.mageia.org/MGASA-2026-0039.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2025-66004

Description:
Local privilege escalation in usbmuxd from arbitrary local user to usbmux. (CVE-2025-66004)

References:
- https://bugs.mageia.org/show_bug.cgi?id=35118
- https://lists.debian.org/debian-security-announce/2026/msg00034.html
- https://www.cve.org/CVERecord?id=CVE-2025-66004

SRPMS:
- 9/core/usbmuxd-1.1.1-3.1.mga9

Updated usbmuxd packages in Mageia address local privilege escalation vulnerability CVE-2025-66004.
usbmuxd security, Mageia update, privilege escalation, CVE-2025-66004
Severity: Important
LinuxSecurity.com Team

A path traversal vulnerability was discovered in usbmuxd, a multiplexor daemon used to coordinate USB connections from and to Apple devices (iPhone, iPad, iPod). Exploiting this vulnerability enables an unprivileged user to create and delete files named `*.plist` (and, in some cases, arbitrarily named) as the user.
Debian Security Advisory DSA-6125-1

# Security update for usbmuxd

Announcement ID: SUSE-SU-2026:0042-1
Release Date: 2026-01-06T10:35:00Z
Rating: moderate

References:
* bsc#1254302

Cross-References:
* CVE-2025-66004

CVSS scores:
* CVE-2025-66004 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
* CVE-2025-66004 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
* CVE-2025-66004 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-66004 ( NVD ): 5.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Linux Enterprise Workstation Extension 15 SP7
* SUSE Package Hub 15 15-SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for usbmuxd fixes the following issues:
* CVE-2025-66004: Fixed LPE from nobody to usbmux (bsc#1254302)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Package Hub 15 15-SP7
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-42=1
* SUSE Linux Enterprise Workstation Extension 15 SP7
  zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-42=1
* openSUSE Leap 15.4
  zypper in -t patch SUSE-2026-42=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2026-42=1

## Package List:

* SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x)
  * usbmuxd-1.1.1-150400.3.3.1
  * usbmuxd-debugsource-1.1.1-150400.3.3.1
  * usbmuxd-debuginfo-1.1.1-150400.3.3.1
* SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64)
  * usbmuxd-1.1.1-150400.3.3.1
  * usbmuxd-debugsource-1.1.1-150400.3.3.1
  * usbmuxd-debuginfo-1.1.1-150400.3.3.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * usbmuxd-1.1.1-150400.3.3.1
  * usbmuxd-debugsource-1.1.1-150400.3.3.1
  * usbmuxd-debuginfo-1.1.1-150400.3.3.1
* openSUSE Leap 15.4 (x86_64)
  * usbmuxd-32bit-debuginfo-1.1.1-150400.3.3.1
* openSUSE Leap 15.4 (aarch64_ilp32)
  * usbmuxd-64bit-debuginfo-1.1.1-150400.3.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * usbmuxd-1.1.1-150400.3.3.1
  * usbmuxd-debugsource-1.1.1-150400.3.3.1
  * usbmuxd-debuginfo-1.1.1-150400.3.3.1
* openSUSE Leap 15.6 (x86_64)
  * usbmuxd-32bit-debuginfo-1.1.1-150400.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-66004.html
* https://bugzilla.suse.com/show_bug.cgi?id=1254302

A security advisory for openSUSE addresses a moderate local privilege escalation issue in usbmuxd, detail included.
usbmuxd security update, openSUSE usbmuxd, linux security advisory
LinuxSecurity.com Team

It was discovered that usbmuxd, USB multiplexor daemon for iPhone and iPod Touch devices, incorrectly handled certain paths received with the SavePairRecord command. A local attacker could possibly use this issue to delete and write files named *.plist in arbitrary locations. For Debian 11 bullseye, this problem has been fixed in version. Debian LTS Advisory DLA-4417-1
# Security update for usbmuxd

Announcement ID: SUSE-SU-2025:4435-1
Release Date: 2025-12-17T13:32:55Z
Rating: moderate

References:
* bsc#1254302

Cross-References:
* CVE-2025-66004

CVSS scores:
* CVE-2025-66004 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
* CVE-2025-66004 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
* CVE-2025-66004 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-66004 ( NVD ): 5.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

Affected Products:
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for usbmuxd fixes the following issues:
* CVE-2025-66004: Fixed LPE from nobody to usbmux (bsc#1254302)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-4435=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * usbmuxd-debuginfo-1.1.0-14.3.1
  * usbmuxd-1.1.0-14.3.1
  * usbmuxd-debugsource-1.1.0-14.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-66004.html
* https://bugzilla.suse.com/show_bug.cgi?id=1254302

Update for SUSE usbmuxd resolves a moderate risk local privilege escalation issue, affecting multiple server products.
usbmuxd security, SUSE update, local privilege escalation, linux administration
LinuxSecurity.com Team

==========================================================================
Ubuntu Security Notice USN-7929-1
December 15, 2025

usbmuxd vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

usbmuxd could be made to overwrite files.

Software Description:
- usbmuxd: USB multiplexor daemon for iPhone and iPod Touch devices

Details:

It was discovered that usbmuxd incorrectly handled certain paths received with the SavePairRecord command. A local attacker could possibly use this issue to delete and write files named *.plist in arbitrary locations.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 25.10
  usbmuxd 1.1.1-6ubuntu0.25.10.1

Ubuntu 25.04
  usbmuxd 1.1.1-6ubuntu0.25.04.1

Ubuntu 24.04 LTS
  usbmuxd 1.1.1-5~exp3ubuntu2.1

Ubuntu 22.04 LTS
  usbmuxd 1.1.1-2ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7929-1
  CVE-2025-66004

Package Information:
  https://launchpad.net/ubuntu/+source/usbmuxd/1.1.1-6ubuntu0.25.10.1
  https://launchpad.net/ubuntu/+source/usbmuxd/1.1.1-6ubuntu0.25.04.1
  https://launchpad.net/ubuntu/+source/usbmuxd/1.1.1-5~exp3ubuntu2.1
  https://launchpad.net/ubuntu/+source/usbmuxd/1.1.1-2ubuntu0.1

The usbmuxd issue in Ubuntu could permit local file overwrite, highlighting the importance of timely updates.
usbmuxd update, Ubuntu security, local file overwrite
Severity: Important
LinuxSecurity.com Team

SUSE Security Update: Security update for libimobiledevice, usbmuxd
______________________________________________________________________________

Announcement ID: SUSE-SU-2016:1639-1
Rating: important
References: #982014
Cross-References: CVE-2016-5104
Affected Products:
  SUSE Linux Enterprise Workstation Extension 12-SP1
  SUSE Linux Enterprise Workstation Extension 12
  SUSE Linux Enterprise Software Development Kit 12-SP1
  SUSE Linux Enterprise Software Development Kit 12
  SUSE Linux Enterprise Server 12-SP1
  SUSE Linux Enterprise Server 12
  SUSE Linux Enterprise Desktop 12-SP1
  SUSE Linux Enterprise Desktop 12
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

libimobiledevice, usbmuxd were updated to fix one security issue.

This security issue was fixed:
- CVE-2016-5104: Sockets listening on INADDR_ANY instead of only locally (982014).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Workstation Extension 12-SP1:
  zypper in -t patch SUSE-SLE-WE-12-SP1-2016-973=1
- SUSE Linux Enterprise Workstation Extension 12:
  zypper in -t patch SUSE-SLE-WE-12-2016-973=1
- SUSE Linux Enterprise Software Development Kit 12-SP1:
  zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-973=1
- SUSE Linux Enterprise Software Development Kit 12:
  zypper in -t patch SUSE-SLE-SDK-12-2016-973=1
- SUSE Linux Enterprise Server 12-SP1:
  zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-973=1
- SUSE Linux Enterprise Server 12:
  zypper in -t patch SUSE-SLE-SERVER-12-2016-973=1
- SUSE Linux Enterprise Desktop 12-SP1:
  zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-973=1
- SUSE Linux Enterprise Desktop 12:
  zypper in -t patch SUSE-SLE-DESKTOP-12-2016-973=1

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64):
  libimobiledevice-debugsource-1.1.5-6.1
  libimobiledevice-tools-1.1.5-6.1
  libimobiledevice-tools-debuginfo-1.1.5-6.1
- SUSE Linux Enterprise Workstation Extension 12 (x86_64):
  libimobiledevice-debugsource-1.1.5-6.1
  libimobiledevice-tools-1.1.5-6.1
  libimobiledevice-tools-debuginfo-1.1.5-6.1
- SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64):
  libimobiledevice-debugsource-1.1.5-6.1
  libimobiledevice-devel-1.1.5-6.1
  libusbmuxd-devel-1.0.8-12.1
  usbmuxd-debuginfo-1.0.8-12.1
  usbmuxd-debugsource-1.0.8-12.1
- SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
  libimobiledevice-debugsource-1.1.5-6.1
  libimobiledevice-devel-1.1.5-6.1
  libusbmuxd-devel-1.0.8-12.1
  usbmuxd-debuginfo-1.0.8-12.1
  usbmuxd-debugsource-1.0.8-12.1
- SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):
  libimobiledevice-debugsource-1.1.5-6.1
  libimobiledevice4-1.1.5-6.1
  libimobiledevice4-debuginfo-1.1.5-6.1
  libusbmuxd2-1.0.8-12.1
  libusbmuxd2-debuginfo-1.0.8-12.1
  usbmuxd-1.0.8-12.1
  usbmuxd-debuginfo-1.0.8-12.1
  usbmuxd-debugsource-1.0.8-12.1
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
  libimobiledevice-debugsource-1.1.5-6.1
  libimobiledevice4-1.1.5-6.1
  libimobiledevice4-debuginfo-1.1.5-6.1
  libusbmuxd2-1.0.8-12.1
  libusbmuxd2-debuginfo-1.0.8-12.1
  usbmuxd-1.0.8-12.1
  usbmuxd-debuginfo-1.0.8-12.1
  usbmuxd-debugsource-1.0.8-12.1
- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
  libimobiledevice-debugsource-1.1.5-6.1
  libimobiledevice-tools-1.1.5-6.1
  libimobiledevice-tools-debuginfo-1.1.5-6.1
  libimobiledevice4-1.1.5-6.1
  libimobiledevice4-debuginfo-1.1.5-6.1
  libusbmuxd2-1.0.8-12.1
  libusbmuxd2-debuginfo-1.0.8-12.1
  usbmuxd-1.0.8-12.1
  usbmuxd-debuginfo-1.0.8-12.1
  usbmuxd-debugsource-1.0.8-12.1
- SUSE Linux Enterprise Desktop 12 (x86_64):
  libimobiledevice-debugsource-1.1.5-6.1
  libimobiledevice-tools-1.1.5-6.1
  libimobiledevice-tools-debuginfo-1.1.5-6.1
  libimobiledevice4-1.1.5-6.1
  libimobiledevice4-debuginfo-1.1.5-6.1
  libusbmuxd2-1.0.8-12.1
  libusbmuxd2-debuginfo-1.0.8-12.1
  usbmuxd-1.0.8-12.1
  usbmuxd-debuginfo-1.0.8-12.1
  usbmuxd-debugsource-1.0.8-12.1

References:

  https://www.suse.com/security/cve/CVE-2016-5104.html
  https://bugzilla.suse.com/982014

SUSE Security Update addressing vulnerabilities in libimobiledevice and usbmuxd resolves a critical security concern impacting various distributions.
SUSE Linux Enterprise, Security Update, libimobiledevice, usbmuxd
Severity: Important
LinuxSecurity.com Team