An update that solves one vulnerability can now be installed.

# Security update for virtiofsd

Announcement ID: SUSE-SU-2026:20723-1
Release Date: 2026-03-12T09:58:13Z
Rating: important

References:

* bsc#1257912

Cross-References:

* CVE-2026-25727

CVSS scores:

* CVE-2026-25727 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-25727 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-25727 ( NVD ): 6.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-25727 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Micro 6.0

## Description:

This update for virtiofsd fixes the following issue:

* CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257912).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0: `zypper in -t patch SUSE-SLE-Micro-6.0-618=1`

## Package List:

* SUSE Linux Micro 6.0 (aarch64 s390x x86_64)
  * virtiofsd-debuginfo-1.10.1-2.1
  * virtiofsd-1.10.1-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-25727.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257912

SUSE's important advisory details a fix for virtiofsd addressing a critical parsing issue to mitigate stack exhaustion risks.

SUSE update, virtiofsd security, stack exhaustion risk, important advisory, parsing issue.

Severity: Important.

LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.

# Security update for virtiofsd

Announcement ID: SUSE-SU-2026:20661-1
Release Date: 2026-03-10T18:41:43Z
Rating: important

References:

* bsc#1257912

Cross-References:

* CVE-2026-25727

CVSS scores:

* CVE-2026-25727 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-25727 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-25727 ( NVD ): 6.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-25727 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Micro 6.1

## Description:

This update for virtiofsd fixes the following issue:

* CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257912).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1: `zypper in -t patch SUSE-SLE-Micro-6.1-436=1`

## Package List:

* SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
  * virtiofsd-1.10.1-slfo.1.1_2.1
  * virtiofsd-debugsource-1.10.1-slfo.1.1_2.1
  * virtiofsd-debuginfo-1.10.1-slfo.1.1_2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-25727.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257912

Address stack exhaustion in virtiofsd with important SUSE update. Install using zypper or YaST.

SUSE Linux Micro, virtiofsd patch, stack exhaustion fix, CVE-2026, important security update.

Severity: Important.

LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.

# Security update for virtiofsd

Announcement ID: SUSE-SU-2026:20684-1
Release Date: 2026-03-05T14:24:28Z
Rating: important

References:

* bsc#1257912

Cross-References:

* CVE-2026-25727

CVSS scores:

* CVE-2026-25727 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-25727 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-25727 ( NVD ): 6.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-25727 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Micro 6.2

## Description:

This update for virtiofsd fixes the following issue:

* CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257912).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2: `zypper in -t patch SUSE-SL-Micro-6.2-359=1`

## Package List:

* SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64)
  * virtiofsd-1.12.0-160000.3.1
  * virtiofsd-debuginfo-1.12.0-160000.3.1
  * virtiofsd-debugsource-1.12.0-160000.3.1

## References:

* https://www.suse.com/security/cve/CVE-2026-25727.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257912

An important update for virtiofsd addresses a stack exhaustion issue with CVE-2026-25727 for SUSE users.

SUSE Update, Virtiofsd Security, Stack Exhaustion Fix, CVE-2026-25727.

Severity: Important.

LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.

# virtiofsd-1.13.2-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10308-1
Rating: moderate

Cross-References:

* CVE-2026-25727

CVSS scores:

* CVE-2026-25727 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-25727 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

## Description:

These are all security issues fixed in the virtiofsd-1.13.2-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
  * virtiofsd 1.13.2-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-25727.html

Security update for virtiofsd-1.13.2-2.1 in openSUSE Tumbleweed addresses moderate severity threats effectively.

openSUSE virtiofsd update security patch moderate.

LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.

# Security update for virtiofsd

Announcement ID: SUSE-SU-2026:0816-1
Release Date: 2026-03-05T09:51:05Z
Rating: important

References:

* bsc#1257912

Cross-References:

* CVE-2026-25727

CVSS scores:

* CVE-2026-25727 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-25727 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-25727 ( NVD ): 6.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-25727 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

## Description:

This update for virtiofsd fixes the following issue:

* CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257912).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6: `zypper in -t patch SUSE-2026-816=1 openSUSE-SLE-15.6-2026-816=1`
* SUSE Linux Enterprise Server 15 SP6 LTSS: `zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-816=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP6: `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-816=1`

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * virtiofsd-debugsource-1.10.1-150600.4.6.1
  * virtiofsd-debuginfo-1.10.1-150600.4.6.1
  * virtiofsd-1.10.1-150600.4.6.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
  * virtiofsd-debuginfo-1.10.1-150600.4.6.1
  * virtiofsd-1.10.1-150600.4.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
  * virtiofsd-debuginfo-1.10.1-150600.4.6.1
  * virtiofsd-1.10.1-150600.4.6.1

## References:

* https://www.suse.com/security/cve/CVE-2026-25727.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257912

SUSE issues important update for virtiofsd to address parsing vulnerabilities affecting system stability. Act now!

virtiofsd SUSE security patch DoS buffer exhaustion.

Severity: Important.

LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.

# Security update for virtiofsd

Announcement ID: SUSE-SU-2026:0819-1
Release Date: 2026-03-05T10:49:51Z
Rating: important

References:

* bsc#1257912

Cross-References:

* CVE-2026-25727

CVSS scores:

* CVE-2026-25727 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-25727 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-25727 ( NVD ): 6.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-25727 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

## Description:

This update for virtiofsd fixes the following issue:

* CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257912).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP7: `zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-819=1`

## Package List:

* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * virtiofsd-debuginfo-1.12.0-150700.3.3.1
  * virtiofsd-1.12.0-150700.3.3.1
  * virtiofsd-debugsource-1.12.0-150700.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2026-25727.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257912

SUSE update addresses important issue in virtiofsd related to stack exhaustion from input parsing.

SUSE Linux Security, virtiofsd Update, Stack Exhaustion Issue, Input Parsing Vulnerability.

Severity: Important.

LinuxSecurity.com Team
Update rust-vmm components and their consumers to address CVE-2023-50711.

--------------------------------------------------------------------------------

Fedora Update Notification
FEDORA-2024-f2305d485f
2024-02-14 01:11:43.154092

--------------------------------------------------------------------------------

Name        : virtiofsd
Product     : Fedora 38
Version     : 1.10.1
Release     : 1.fc38
URL         : https://gitlab.com/virtio-fs/virtiofsd
Summary     : Virtio-fs vhost-user device daemon (Rust version)
Description : Virtio-fs vhost-user device daemon (Rust version).

--------------------------------------------------------------------------------

Update Information:

Update rust-vmm components and their consumers to address CVE-2023-50711

--------------------------------------------------------------------------------

ChangeLog:

* Mon Feb 5 2024 Sergio Lopez - 1.10.1-1
- Update to version 1.10.1
* Sat Jan 27 2024 Fedora Release Engineering - 1.10.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Tue Jan 23 2024 Sergio Lopez - 1.10.0-1
- Update to version 1.10.0

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-f2305d485f' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/

--------------------------------------------------------------------------------