Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

Debian LTS: DLA-4123-1 Moderate: wpa Security Risks Addressed

Debian LTS Advisory DLA-4123-1
https://www.debian.org/lts/security/
Bastien Roucariès
April 12, 2025
https://wiki.debian.org/LTS

Package : wpa
Version : 2:2.9.0-21+deb11u3
CVE ID : CVE-2022-23303 CVE-2022-23304 CVE-2022-37660

Multiple vulnerabilities were found in wpa, a set of tools including the widely-used wpasupplicant client for authenticating with WPA and WPA2 wireless networks.

CVE-2022-23303
    The implementations of SAE in hostapd are vulnerable to side channel attacks as a result of cache access patterns.

CVE-2022-23304
    The implementations of EAP-pwd are vulnerable to side-channel attacks as a result of cache access patterns.

CVE-2022-37660
    The PKEX code remains active even after a successful PKEX association. An attacker that successfully bootstrapped public keys with another entity using PKEX in the past, will be able to subvert a future bootstrapping by passively observing public keys.

For Debian 11 bullseye, these problems have been fixed in version 2:2.9.0-21+deb11u3.

We recommend that you upgrade your wpa packages.

For the detailed security status of wpa please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/wpa

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

LinuxSecurity.com Team

Apr 12, 2025 | Debian LTS

Debian 10 Buster DLA-3743-1 Critical: WPA Authentication Bypass Issue

Debian LTS Advisory DLA-3743-1
https://www.debian.org/lts/security/
Chris Lamb
February 27, 2024
https://wiki.debian.org/LTS

Package : wpa
Version : 2:2.7+git20190128+0c1e29f-6+deb10u4
CVE ID : CVE-2023-52160
Debian Bug : 1064061

It was discovered that there was a potential authentication bypass vulnerability in wpa, a set of tools including the widely-used wpasupplicant client for authenticating with WPA and WPA2 wireless networks.

For an attack to have been successful, wpasupplicant must have been configured to not verify the network's TLS certificate during Phase 1 of the authentication cycle; a eap_peap_decrypt vulnerability could have been used to skip Phase 2 authentication by sending an EAP-TLV "Success" packet instead of starting Phase 2.

For Debian 10 buster, this problem has been fixed in version 2:2.7+git20190128+0c1e29f-6+deb10u4.

We recommend that you upgrade your wpa packages.

For the detailed security status of wpa please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/wpa

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Severity: Critical

LinuxSecurity.com Team

Feb 27, 2024 | Critical | Debian LTS

Debian Buster DSA-4898-1 Critical: wpa Denial Of Service Advisory

Debian Security Advisory DSA-4898-1
https://www.debian.org/security/
Salvatore Bonaccorso
April 22, 2021
https://www.debian.org/security/faq

Package : wpa
CVE ID : CVE-2020-12695 CVE-2021-0326 CVE-2021-27803
Debian Bug : 976106 981971

Several vulnerabilities have been discovered in wpa_supplicant and hostapd.

CVE-2020-12695
    It was discovered that hostapd does not properly handle UPnP subscribe messages under certain conditions, allowing an attacker to cause a denial of service.

CVE-2021-0326
    It was discovered that wpa_supplicant does not properly process P2P (Wi-Fi Direct) group information from active group owners. An attacker within radio range of the device running P2P could take advantage of this flaw to cause a denial of service or potentially execute arbitrary code.

CVE-2021-27803
    It was discovered that wpa_supplicant does not properly process P2P (Wi-Fi Direct) provision discovery requests. An attacker within radio range of the device running P2P could take advantage of this flaw to cause a denial of service or potentially execute arbitrary code.

For the stable distribution (buster), these problems have been fixed in version 2:2.7+git20190128+0c1e29f-6+deb10u3.

We recommend that you upgrade your wpa packages.

For the detailed security status of wpa please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/wpa

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Severity: Critical

LinuxSecurity.com Team

Apr 22, 2021 | Critical | Debian

Ubuntu 20.10 USN-4757-1 High: wpa_supplicant Denial Of Service

Ubuntu Security Notice USN-4757-1
March 03, 2021

wpa vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

wpa_supplicant could be made to crash or run programs if it received specially crafted network traffic.

Software Description:

- wpa: client support for WPA and WPA2

Details:

It was discovered that wpa_supplicant did not properly handle P2P (Wi-Fi Direct) provision discovery requests in some situations. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.10:
    wpasupplicant 2:2.9-1ubuntu8.2

Ubuntu 20.04 LTS:
    wpasupplicant 2:2.9-1ubuntu4.3

Ubuntu 18.04 LTS:
    wpasupplicant 2:2.6-15ubuntu2.8

Ubuntu 16.04 LTS:
    wpasupplicant 2.4-0ubuntu6.8

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
    CVE-2021-27803

Package Information:
    https://launchpad.net/ubuntu/+source/wpa/2:2.9-1ubuntu8.2
    https://launchpad.net/ubuntu/+source/wpa/2:2.9-1ubuntu4.3
    https://launchpad.net/ubuntu/+source/wpa/2:2.6-15ubuntu2.8
    https://launchpad.net/ubuntu/+source/wpa/2.4-0ubuntu6.8

Severity: Important

LinuxSecurity.com Team

Mar 03, 2021 | Important | Ubuntu

Debian Stretch: DLA-2572-1 Moderate: wpa Buffer Overflow DoS Risk

Debian LTS Advisory DLA-2572-1
https://www.debian.org/lts/security/
Thorsten Alteholz
February 20, 2021
https://wiki.debian.org/LTS

Package : wpa
Version : 2:2.4-1+deb9u8
CVE ID : CVE-2021-0326

An issue has been found in wpa, a set of tools to support WPA and WPA2 (IEEE 802.11i). Missing validation of data can result in a buffer over-write, which might lead to a DoS of the wpa_supplicant process or potentially arbitrary code execution.

On request, together with this upload support for WPA-EAP-SUITE-B(-192) has been enabled.

For Debian 9 stretch, this problem has been fixed in version 2:2.4-1+deb9u8.

We recommend that you upgrade your wpa packages.

For the detailed security status of wpa please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/wpa

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

LinuxSecurity.com Team

Feb 20, 2021 | Debian LTS

Debian LTS: DLA-2318-1 Critical: wpa Network Threats Detected

Debian LTS Advisory DLA-2318-1
https://www.debian.org/lts/security/
Utkarsh Gupta
August 09, 2020
https://wiki.debian.org/LTS

Package : wpa
Version : 2:2.4-1+deb9u7
CVE ID : CVE-2019-10064 CVE-2020-12695

The following CVE(s) have been reported against src:wpa.

CVE-2019-10064
    hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.

CVE-2020-12695
    The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.

For Debian 9 stretch, these problems have been fixed in version 2:2.4-1+deb9u7.

We recommend that you upgrade your wpa packages.

For the detailed security status of wpa please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/wpa

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Severity: Critical

LinuxSecurity.com Team

Aug 08, 2020 | Critical | Debian LTS

Debian: DLA-2138-1 Urgent: wpa Hostapd Security Entropy Vulnerability

Package : wpa
Version : 2.3-1+deb8u10
CVE ID : CVE-2019-10064

Similar to CVE-2016-10743 the host access point daemon, hostapd, in EAP mode used a low quality pseudorandom number generator that leads to insufficient entropy.

The problem was resolved by using the os_get_random function which provides cryptographically strong pseudo random data.

For Debian 8 "Jessie", this problem has been fixed in version 2.3-1+deb8u10.

We recommend that you upgrade your wpa packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Severity: Important

LinuxSecurity.com Team

Mar 11, 2020 | Important | Debian LTS

Debian: DSA-4538-1 Critical: WPA Protocol Timing Attack and DoS

Debian Security Advisory DSA-4538-1
https://www.debian.org/security/
Yves-Alexis Perez
September 29, 2019
https://www.debian.org/security/faq

Package : wpa
CVE ID : CVE-2019-13377 CVE-2019-16275
Debian Bug : 934180 940080

Two vulnerabilities were found in the WPA protocol implementation found in wpa_supplicant (station) and hostapd (access point).

CVE-2019-13377
    A timing-based side-channel attack against WPA3's Dragonfly handshake when using Brainpool curves could be used by an attacker to retrieve the password.

CVE-2019-16275
    Insufficient source address validation for some received Management frames in hostapd could lead to a denial of service for stations associated to an access point. An attacker in radio range of the access point could inject a specially constructed unauthenticated IEEE 802.11 frame to the access point to cause associated stations to be disconnected and require a reconnection to the network.

For the oldstable distribution (stretch), these problems have been fixed in version $stretch_VERSION.

For the stable distribution (buster), these problems have been fixed in version 2:2.7+git20190128+0c1e29f-6+deb10u1.

We recommend that you upgrade your wpa packages.

For the detailed security status of wpa please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/wpa

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Severity: Critical

LinuxSecurity.com Team

Sep 29, 2019 | Critical | Debian