Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

Fedora 33 FEDORA-2021-f29b4643c7 Moderate Glibc Use-After-Free

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-f29b4643c7
2021-07-07 01:03:57.431634
--------------------------------------------------------------------------------

Name        : glibc
Product     : Fedora 33
Version     : 2.32
Release     : 8.fc33
URL         :
Summary     : The GNU libc libraries
Description :
The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function.

--------------------------------------------------------------------------------
Update Information:

This `glibc` update re-enables `valgrind` suppression support for string functions. It addresses `valgrind` false positives on the aarch64 architecture in particular.

----

This glibc update fixes a use-after-free in the `mq_notify` function (CVE-2021-33574).

--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 21 2021 Florian Weimer - 2.32-8
- Add valgrind support symbols to libc.so.6's symtab (#1965374)
* Fri Jun 11 2021 Arjun Shankar - 2.32-7
- Auto-sync with upstream branch release/2.32/master, commit 16949aeaa078b5994a333980d7a6cd5705d5e1f7:
- Fix use of __pthread_attr_copy in mq_notify (bug 27896)
- Use __pthread_attr_copy in mq_notify (bug 27896)

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1965374 - glibc: valgrind suppressions no longer active after debuginfo removal
      https://bugzilla.redhat.com/show_bug.cgi?id=1965374
[ 2 ] Bug #1965410 - CVE-2021-33574 glibc: mq_notify does not handle separately allocated thread attributes [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1965410

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-f29b4643c7' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Fedora 33 receives a glibc update that resolves a critical use-after-free vulnerability while also restoring support for valgrind suppression.

LinuxSecurity.com Team

Jul 06, 2021 Fedora

Ubuntu 17.04 USN-3337-1 Critical Security Vulnerability in Valgrind

=========================================================================
Ubuntu Security Notice USN-3337-1
June 21, 2017

valgrind vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 17.04
- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Valgrind could be made to crash or run programs if it opened a specially crafted file.

Software Description:
- valgrind: instrumentation framework for building dynamic analysis tools

Details:

It was discovered that Valgrind incorrectly handled certain string operations. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-2226)

It was discovered that Valgrind incorrectly handled parsing certain binaries. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause Valgrind to crash, resulting in a denial of service. (CVE-2016-4487, CVE-2016-4488, CVE-2016-4489, CVE-2016-4490, CVE-2016-4491, CVE-2016-4492, CVE-2016-4493, CVE-2016-6131)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 17.04:
  valgrind 1:3.12.0-1ubuntu1.1

Ubuntu 16.10:
  valgrind 1:3.12.0~svn20160714-1ubuntu2.1

Ubuntu 16.04 LTS:
  valgrind 1:3.11.0-1ubuntu4.2

Ubuntu 14.04 LTS:
  valgrind 1:3.10.1-1ubuntu3~14.5

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3337-1
  CVE-2016-2226, CVE-2016-4487, CVE-2016-4488, CVE-2016-4489, CVE-2016-4490, CVE-2016-4491, CVE-2016-4492, CVE-2016-4493, CVE-2016-6131

Package Information:
  https://launchpad.net/ubuntu/+source/valgrind/1:3.12.0-1ubuntu1.1
  https://launchpad.net/ubuntu/+source/valgrind/1:3.12.0~svn20160714-1ubuntu2.1
  https://launchpad.net/ubuntu/+source/valgrind/1:3.11.0-1ubuntu4.2
  https://launchpad.net/ubuntu/+source/valgrind/1:3.10.1-1ubuntu3~14.5

Recent Valgrind flaws threaten Ubuntu environments, leading to potential system failures and unauthorized code runs; guidance for updates included.

Severity: Critical

LinuxSecurity.com Team

Jun 21, 2017 Critical Ubuntu

Gentoo: GLSA-202310-04 Critical: CustomScript Path Vulnerability

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200902-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: Valgrind: Untrusted search path
      Date: February 12, 2009
      Bugs: #245317
        ID: 200902-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

An untrusted search path vulnerability in Valgrind might result in the execution of arbitrary code.

Background
==========

Valgrind is an open-source memory debugger.

Affected packages
=================

    -------------------------------------------------------------------
     Package            /  Vulnerable  /                    Unaffected
    -------------------------------------------------------------------
  1  dev-util/valgrind       < 3.4.0                          >= 3.4.0

Description
===========

Tavis Ormandy reported that Valgrind loads a .valgrindrc file in the current working directory, executing commands specified there.

Impact
======

A local attacker could prepare a specially crafted .valgrindrc file and entice a user to run Valgrind from the directory containing that file, resulting in the execution of arbitrary code with the privileges of the user running Valgrind.

Workaround
==========

Do not run "valgrind" from untrusted working directories.

Resolution
==========

All Valgrind users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-util/valgrind-3.4.0"

References
==========

  [ 1 ] CVE-2008-4865
        https://www.cve.org/CVERecord?id=CVE-2008-4865

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/200902-03

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to [email address hidden] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

The vulnerability in Valgrind's search path poses a risk of executing unauthorized code on Gentoo platforms. Urgent mitigation is advised!

Severity: Critical

LinuxSecurity.com Team

Feb 12, 2009 Critical Gentoo