Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 140 articles for you...
100

SUSE Linux Micro 6.2 Zlib Moderate Buffer Overflow Fix 2026-21013-1

An update that solves two vulnerabilities can now be installed.. # Security update for zlib Announcement ID: SUSE-SU-2026:21013-1 Release Date: 2026-04-09T11:25:32Z Rating: moderate References: * bsc#1216378 * bsc#1258392 Cross-References: * CVE-2023-45853 * CVE-2026-27171 CVSS scores: * CVE-2023-45853 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-45853 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-45853 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-27171 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-27171 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-27171 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-27171 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for zlib fixes the following issues: * CVE-2026-27171: Fixed an infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths. (bsc#1258392) * CVE-2023-45853: Fixed an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6. (bsc#1216378) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-502=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * zlib-devel-1.2.13-160000.3.1 * libz1-1.2.13-160000.3.1 * zlib-debugsource-1.2.13-160000.3.1 * libz1-debuginfo-1.2.13-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45853.html * https://www.suse.com/security/cve/CVE-2026-27171.html *https://bugzilla.suse.com/show_bug.cgi?id=1216378 * https://bugzilla.suse.com/show_bug.cgi?id=1258392 . Update for zlib addresses two issues, including a buffer overflow and infinite loop vulnerability. Install recommended patch now.. SUSE Linux, zlib update, moderate severity, buffer overflow fix. . LinuxSecurity.com Team

Calendar%202 Apr 13, 2026 SuSE
203

Mageia 9 zlib Important CPU Consumption DoS Vulnerability MGASA-2026-0076

MGASA-2026-0076 - Updated zlib packages fix security vulnerability. MGASA-2026-0076 - Updated zlib packages fix security vulnerability Publication date: 31 Mar 2026 URL: https://advisories.mageia.org/MGASA-2026-0076.html Type: security Affected Mageia releases: 9 CVE: CVE-2026-27171 Description: zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition. (CVE-2026-27171) References: - https://bugs.mageia.org/show_bug.cgi?id=35291 - https://bugzilla.redhat.com/show_bug.cgi?id=2440530 - https://ubuntu.com/security/CVE-2026-27171 - https://security-tracker.debian.org/tracker/CVE-2026-27171 - https://www.cve.org/CVERecord?id=CVE-2026-27171 SRPMS: - 9/core/zlib-1.2.13-1.4.mga9 . Updated zlib packages for Mageia address critical security risks to prevent CPU consumption.. Mageia zlib security patch, CPU consumption vulnerability, security advisory Mageia, DoS vulnerability zlib. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 01, 2026 Important Mageia
100

SUSE Linux Micro Compression Error Leading to Indefinite Cycle Flaw

An update that solves two vulnerabilities can now be installed.. # Security update for zlib Announcement ID: SUSE-SU-2026:20709-1 Release Date: 2026-03-09T09:56:07Z Rating: moderate References: * bsc#1216378 * bsc#1258392 Cross-References: * CVE-2023-45853 * CVE-2026-27171 CVSS scores: * CVE-2023-45853 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-45853 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-45853 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-27171 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-27171 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-27171 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-27171 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for zlib fixes the following issues: * CVE-2026-27171: Fixed an infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths. (bsc#1258392) * CVE-2023-45853: Fixed an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6. (bsc#1216378) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-610=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * libz1-1.2.13-7.1 * zlib-debugsource-1.2.13-7.1 * zlib-devel-1.2.13-7.1 * libz1-debuginfo-1.2.13-7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45853.html * https://www.suse.com/security/cve/CVE-2026-27171.html * https://bugzilla.suse.com/show_bug.cgi?id=1216378 *https://bugzilla.suse.com/show_bug.cgi?id=1258392 . Update for zlib fixes two vulnerabilities including heap-based buffer overflow and infinite loop for SUSE systems.. zlib update, SUSE security fix, buffer overflow issue. . LinuxSecurity.com Team

Calendar%202 Mar 18, 2026 SuSE
202

Fedora 37 zlib Vulnerability Update Active Cycle Remedy SUSE-SU-2026-0832-1

An update that solves one vulnerability can now be installed.. # Security update for zlib Announcement ID: SUSE-SU-2026:0783-1 Release Date: 2026-03-03T13:36:31Z Rating: moderate References: * bsc#1258392 Cross-References: * CVE-2026-27171 CVSS scores: * CVE-2026-27171 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-27171 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-27171 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-27171 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * Development Tools Module 15-SP7 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for zlib fixes the following issue: * CVE-2026-27171: Fixed infinite loop via the `crc32_combine64` and `crc32_combine_gen64` functions due to missing checks for negative lengths (bsc#1258392). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-783=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-783=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-783=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-783=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-783=1 ## Package List: * Development Tools Module 15-SP7 (x86_64) * zlib-devel-32bit-1.2.13-150500.4.6.1 *openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * zlib-devel-static-1.2.13-150500.4.6.1 * zlib-testsuite-debuginfo-1.2.13-150500.4.6.1 * libminizip1-debuginfo-1.2.13-150500.4.6.1 * libminizip1-1.2.13-150500.4.6.1 * zlib-devel-1.2.13-150500.4.6.1 * zlib-testsuite-1.2.13-150500.4.6.1 * libz1-1.2.13-150500.4.6.1 * zlib-debugsource-1.2.13-150500.4.6.1 * libz1-debuginfo-1.2.13-150500.4.6.1 * minizip-devel-1.2.13-150500.4.6.1 * openSUSE Leap 15.5 (x86_64) * libz1-32bit-debuginfo-1.2.13-150500.4.6.1 * libz1-32bit-1.2.13-150500.4.6.1 * zlib-devel-static-32bit-1.2.13-150500.4.6.1 * libminizip1-32bit-debuginfo-1.2.13-150500.4.6.1 * zlib-devel-32bit-1.2.13-150500.4.6.1 * libminizip1-32bit-1.2.13-150500.4.6.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libminizip1-64bit-debuginfo-1.2.13-150500.4.6.1 * libz1-64bit-1.2.13-150500.4.6.1 * libz1-64bit-debuginfo-1.2.13-150500.4.6.1 * zlib-devel-64bit-1.2.13-150500.4.6.1 * zlib-devel-static-64bit-1.2.13-150500.4.6.1 * libminizip1-64bit-1.2.13-150500.4.6.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * zlib-devel-static-1.2.13-150500.4.6.1 * zlib-testsuite-debuginfo-1.2.13-150500.4.6.1 * libminizip1-debuginfo-1.2.13-150500.4.6.1 * libminizip1-1.2.13-150500.4.6.1 * zlib-devel-1.2.13-150500.4.6.1 * zlib-testsuite-1.2.13-150500.4.6.1 * libz1-1.2.13-150500.4.6.1 * zlib-debugsource-1.2.13-150500.4.6.1 * libz1-debuginfo-1.2.13-150500.4.6.1 * minizip-devel-1.2.13-150500.4.6.1 * openSUSE Leap 15.6 (x86_64) * libz1-32bit-debuginfo-1.2.13-150500.4.6.1 * libz1-32bit-1.2.13-150500.4.6.1 * zlib-devel-static-32bit-1.2.13-150500.4.6.1 * libminizip1-32bit-debuginfo-1.2.13-150500.4.6.1 * zlib-devel-32bit-1.2.13-150500.4.6.1 * libminizip1-32bit-1.2.13-150500.4.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libz1-debuginfo-1.2.13-150500.4.6.1 * zlib-devel-1.2.13-150500.4.6.1 *zlib-debugsource-1.2.13-150500.4.6.1 * libz1-1.2.13-150500.4.6.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * zlib-devel-static-1.2.13-150500.4.6.1 * libminizip1-debuginfo-1.2.13-150500.4.6.1 * libminizip1-1.2.13-150500.4.6.1 * zlib-devel-1.2.13-150500.4.6.1 * libz1-1.2.13-150500.4.6.1 * zlib-debugsource-1.2.13-150500.4.6.1 * libz1-debuginfo-1.2.13-150500.4.6.1 * minizip-devel-1.2.13-150500.4.6.1 * Basesystem Module 15-SP7 (x86_64) * libz1-32bit-debuginfo-1.2.13-150500.4.6.1 * libz1-32bit-1.2.13-150500.4.6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27171.html * https://bugzilla.suse.com/show_bug.cgi?id=1258392 . An important moderation update for zlib on openSUSE addresses an infinite loop vulnerability effectively. Install now!. zlib update, openSUSE security, infinite loop fix, SUSE advisory. . LinuxSecurity.com Team

Calendar%202 Mar 03, 2026 OpenSUSE
203

Mageia 9: zlib Important Buffer Overflow Security Fix MGASA-2026-0006

MGASA-2026-0006 - Updated zlib packages fix security vulnerability. MGASA-2026-0006 - Updated zlib packages fix security vulnerability Publication date: 11 Jan 2026 URL: https://advisories.mageia.org/MGASA-2026-0006.html Type: security Affected Mageia releases: 9 CVE: CVE-2026-22184 Description: zlib

Calendar%202 Jan 11, 2026 Important Mageia
217

Oracle Linux 7 ELSA-2025-8314: Important zlib Security Issue

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-8314 http://linux.oracle.com/errata/ELSA-2025-8314.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: minizip-1.2.7-21.0.1.el7_9.i686.rpm minizip-1.2.7-21.0.1.el7_9.x86_64.rpm minizip-devel-1.2.7-21.0.1.el7_9.i686.rpm minizip-devel-1.2.7-21.0.1.el7_9.x86_64.rpm zlib-1.2.7-21.0.1.el7_9.i686.rpm zlib-1.2.7-21.0.1.el7_9.x86_64.rpm zlib-devel-1.2.7-21.0.1.el7_9.i686.rpm zlib-devel-1.2.7-21.0.1.el7_9.x86_64.rpm zlib-static-1.2.7-21.0.1.el7_9.i686.rpm zlib-static-1.2.7-21.0.1.el7_9.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//zlib-1.2.7-21.0.1.el7_9.src.rpm Related CVEs: CVE-2016-9840 Description of changes: [1.2.7-21.0.1] - Resolves: CVE-2025-4638 [Orabug: 38010977] _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 7 has released essential RPM packages for zlib, addressing significant security flaws and weaknesses. For more information, visit this link.. Oracle Linux, Zlib Update, RPM Security, Linux Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 10, 2025 Important Oracle
172

Ubuntu 14.04 LTS: USN-7107-1 critical: zlib denial of service

zlib could be made to crash or run programs if it received specially crafted input.. ========================================================================== Ubuntu Security Notice USN-7107-1 November 13, 2024 zlib vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS Summary: zlib could be made to crash or run programs if it received specially crafted input. Software Description: - zlib: Lossless data-compression library Details: It was discovered that Minizip in zlib incorrectly handled certain zip header fields. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS lib32z1 1:1.2.8.dfsg-1ubuntu1.1+esm3 Available with Ubuntu Pro lib32z1-dev 1:1.2.8.dfsg-1ubuntu1.1+esm3 Available with Ubuntu Pro libx32z1 1:1.2.8.dfsg-1ubuntu1.1+esm3 Available with Ubuntu Pro libx32z1-dev 1:1.2.8.dfsg-1ubuntu1.1+esm3 Available with Ubuntu Pro zlib-bin 1:1.2.8.dfsg-1ubuntu1.1+esm3 Available with Ubuntu Pro zlib1g 1:1.2.8.dfsg-1ubuntu1.1+esm3 Available with Ubuntu Pro zlib1g-dev 1:1.2.8.dfsg-1ubuntu1.1+esm3 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7107-1 CVE-2023-45853 . Concerning the zlib vulnerability USN-7107-1 affecting Ubuntu systems: it’s crucial to implement updates to avert potential system failures as well as unauthorized code execution.. Ubuntu Security, zlib Advisory, Denial of Service, Code Execution, Software Update. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Nov 13, 2024 Critical Ubuntu
100

SUSE Linux Enterprise Micro 5.5: 2024:2431-1 Moderate: zlib Buffer Overflow

* bsc#1216378 Cross-References: * CVE-2023-45853 . # Security update for zlib Announcement ID: SUSE-SU-2024:2431-1 Rating: moderate References: * bsc#1216378 Cross-References: * CVE-2023-45853 CVSS scores: * CVE-2023-45853 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-45853 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for zlib fixes the following issues: * CVE-2023-45853: Fixed an integer overflow that would lead to a buffer overflow in the minizip subcomponent (bsc#1216378). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2431=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (ppc64le) * zlib-devel-1.2.13-150500.4.3.1 * libz1-debuginfo-1.2.13-150500.4.3.1 * zlib-debugsource-1.2.13-150500.4.3.1 * libz1-1.2.13-150500.4.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45853.html * https://bugzilla.suse.com/show_bug.cgi?id=1216378 . The latest patch for zlib resolves a critical integer overflow vulnerability that could result in a buffer overflow affecting SUSE Linux Enterprise Micro 5.5.. zlib Security Update, SUSE Linux Update, buffer overflow patch. . LinuxSecurity.com Team

Calendar%202 Aug 19, 2024 SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200