- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202310-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: USBView: root privilege escalation via insecure polkit settings
      Date: October 26, 2023
      Bugs: #831756
        ID: 202310-15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability has been discovered in usbview where certain users can
trigger a privilege escalation.

Background
==========

USBView is a tool to display the topology of devices on the USB bus.

Affected packages
=================

Package            Vulnerable    Unaffected
-----------------  ------------  ------------
app-admin/usbview  < 2.2         >= 2.2

Description
===========

A vulnerability has been discovered in usbview. Please review the CVE
identifier referenced below for details.

Impact
======

USBView allows some local users (e.g., ones logged in via SSH) to
execute arbitrary code as root because certain Polkit settings (e.g.,
allow_any=yes) for pkexec disable the authentication requirement. Code
execution can, for example, use the --gtk-module option, which makes GTK
load a shared object of the caller's choosing into the process that
pkexec has already started as root.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All USBView users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=app-admin/usbview-2.2"

References
==========

[ 1 ] CVE-2022-23220
      https://nvd.nist.gov/vuln/detail/CVE-2022-23220

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202310-15

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
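The Impact section of the Gentoo advisory above names the root cause: a polkit action that tells pkexec to run a program as root while its implicit authorizations (allow_any, allow_inactive, allow_active) are set to "yes", so no prompt is ever shown. The following audit script is an added example, not code from any of the advisories or from usbview itself: it parses polkit .policy files and flags every action that carries an org.freedesktop.policykit.exec.path annotation together with a weak authorization value. The two usbview-like policies and the D-Bus-only policy embedded in it are constructed samples (the action ids com.example.* are hypothetical); the weak sample mirrors the allow_any=yes setting the advisory describes and the hardened sample shows the corrected form.

```python
"""Audit polkit .policy files for actions that let pkexec run a program as
root without proper authentication (the CVE-2022-23220 pattern).
Added example; not from the advisories or from usbview. Samples are constructed."""
import sys
import xml.etree.ElementTree as ET
from pathlib import Path

EXEC_PATH_KEY = "org.freedesktop.policykit.exec.path"
AUTH_KEYS = ("allow_any", "allow_inactive", "allow_active")
# "yes" grants the action with no prompt at all (the setting the Gentoo advisory
# names); auth_self* only asks the caller for their *own* password, so any local
# account still ends up with a root process.
WEAK_VALUES = {"yes", "auth_self", "auth_self_keep"}


def audit_policy(xml_text, source="<string>"):
    """Return one finding per <action> that names an executable via exec.path
    and grants some session class with a weak value. A finding is
    {"source", "action", "exec_path", "weak": {key: value}}. An absent
    <allow_*> element counts as "no", polkit's default for an unset value."""
    root = ET.fromstring(xml_text)
    findings = []
    for action in root.iter("action"):
        exec_path = None
        for ann in action.findall("annotate"):
            if ann.get("key") == EXEC_PATH_KEY:
                exec_path = (ann.text or "").strip()
        if exec_path is None:
            continue  # D-Bus-only action: pkexec never executes anything for it
        settings = {key: "no" for key in AUTH_KEYS}
        defaults = action.find("defaults")
        if defaults is not None:
            for key in AUTH_KEYS:
                el = defaults.find(key)
                if el is not None and el.text:
                    settings[key] = el.text.strip()
        weak = {k: v for k, v in settings.items() if v in WEAK_VALUES}
        if weak:
            findings.append({"source": source, "action": action.get("id"),
                             "exec_path": exec_path, "weak": weak})
    return findings


def audit_actions_dir(directory="/usr/share/polkit-1/actions"):
    """Audit every *.policy file in a polkit actions directory."""
    findings = []
    for path in sorted(Path(directory).glob("*.policy")):
        findings.extend(audit_policy(path.read_text(encoding="utf-8"), str(path)))
    return findings


# Constructed sample modelled on the weak settings the Gentoo advisory names:
# every session class, including an SSH login, gets /usr/bin/usbview as root
# with no prompt; allow_gui makes pkexec pass the caller's display environment
# through to that root process.
WEAK_POLICY = """<policyconfig>
  <action id="com.example.usbview.run">
    <defaults>
      <allow_any>yes</allow_any>
      <allow_inactive>yes</allow_inactive>
      <allow_active>yes</allow_active>
    </defaults>
    <annotate key="org.freedesktop.policykit.exec.path">/usr/bin/usbview</annotate>
    <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
  </action>
</policyconfig>"""

# Constructed hardened form: remote and inactive sessions are refused, and an
# active local session must supply an administrator password.
HARDENED_POLICY = WEAK_POLICY.replace(
    "<allow_any>yes", "<allow_any>no").replace(
    "<allow_inactive>yes", "<allow_inactive>no").replace(
    "<allow_active>yes", "<allow_active>auth_admin_keep")

# Constructed D-Bus-only action: just as permissive, but with no exec.path there
# is no program for pkexec to run, so it is out of scope for this check.
DBUS_ONLY_POLICY = """<policyconfig>
  <action id="com.example.daemon.query">
    <defaults><allow_any>yes</allow_any></defaults>
  </action>
</policyconfig>"""


def main(argv):
    """With directories as arguments, audit them; otherwise audit the samples."""
    if len(argv) > 1:
        findings = [f for d in argv[1:] for f in audit_actions_dir(d)]
    else:
        findings = (audit_policy(WEAK_POLICY, "weak-sample")
                    + audit_policy(HARDENED_POLICY, "hardened-sample")
                    + audit_policy(DBUS_ONLY_POLICY, "dbus-sample"))
    for f in findings:
        print(f"{f['source']}: {f['action']} runs {f['exec_path']} with {f['weak']}")
    return 1 if findings else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it with no arguments to see the weak sample flagged and the hardened and D-Bus-only samples pass, or point it at /usr/share/polkit-1/actions (and any vendor directory) on a real host. Two caveats: the script reads only the defaults in .policy files, so a JavaScript rule in /etc/polkit-1/rules.d can still override what it reports, and the authoritative answer for a given action is `pkaction --verbose --action-id <id>`, which prints the effective implicit authorizations.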
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-421e65c5d4
2022-02-01 01:11:23.956393
--------------------------------------------------------------------------------

Name        : usbview
Product     : Fedora 35
Version     : 3.0
Release     : 1.fc35
URL         : http://www.kroah.com/linux-usb/
Summary     : USB topology and device viewer
Description :
Display information about the topology of the devices connected to the USB
bus on a Linux machine. It also displays detailed information on the
individual devices.
--------------------------------------------------------------------------------
Update Information:

* Update to 3.0 (fixes CVE-2022-23220)
* Move to upstream desktop/polkit policy
* Use %%license
* Cleanup spec
* Stop using debugfs unnecessarily
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jan 22 2022 FeRD (Frank Dana) - 3.0-1
- New upstream release
* Sat Jan 22 2022 Peter Robinson - 2.2-1
- Update to 2.2 (fixes CVE-2022-23220)
- Move to upstream desktop/polkit policy
- Use %license
- Cleanup spec
* Sat Jan 22 2022 Fedora Release Engineering - 2.0-20
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-421e65c5d4' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list --
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-256142639c
2022-02-01 01:05:50.764911
--------------------------------------------------------------------------------

Name        : usbview
Product     : Fedora 34
Version     : 3.0
Release     : 1.fc34
URL         : http://www.kroah.com/linux-usb/
Summary     : USB topology and device viewer
Description :
Display information about the topology of the devices connected to the USB
bus on a Linux machine. It also displays detailed information on the
individual devices.
--------------------------------------------------------------------------------
Update Information:

* Update to 3.0 (fixes CVE-2022-23220)
* Move to upstream desktop/polkit policy
* Use %%license
* Cleanup spec
* Stop using debugfs unnecessarily
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jan 22 2022 FeRD (Frank Dana) - 3.0-1
- New upstream release
* Sat Jan 22 2022 Peter Robinson - 2.2-1
- Update to 2.2 (fixes CVE-2022-23220)
- Move to upstream desktop/polkit policy
- Use %license
- Cleanup spec
* Sat Jan 22 2022 Fedora Release Engineering - 2.0-20
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Jul 23 2021 Fedora Release Engineering - 2.0-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-256142639c' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5052-1

Matthias Gerstner reported that usbview, a USB device viewer, does not
properly handle authorization in the PolicyKit policy configuration, which
could result in root privilege escalation.
==========================================================================
Ubuntu Security Notice USN-5249-1
January 21, 2022

usbview vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

USBView could be made to crash or run programs as an administrator.

Software Description:
- usbview: USB device viewer

Details:

It was discovered that USBView allowed unprivileged users to run usbview
as root. A local attacker could use this vulnerability to gain
administrative privileges or cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.10:
  usbview                         2.0-21-g6fe2f4f-2ubuntu0.21.10.3

Ubuntu 20.04 LTS:
  usbview                         2.0-21-g6fe2f4f-2ubuntu0.20.04.1

Ubuntu 18.04 LTS:
  usbview                         2.0-21-g6fe2f4f-1ubuntu1.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5249-1
  CVE-2022-23220

Package Information:
  https://launchpad.net/ubuntu/+source/usbview/2.0-21-g6fe2f4f-2ubuntu0.21.10.3
  https://launchpad.net/ubuntu/+source/usbview/2.0-21-g6fe2f4f-2ubuntu0.20.04.1
  https://launchpad.net/ubuntu/+source/usbview/2.0-21-g6fe2f4f-1ubuntu1.1