Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories


Fedora 44 Transmission Important CORS Use After Free Fix 2026-0c067e5040

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-0c067e5040
2026-07-02 01:05:29.984018+00:00
--------------------------------------------------------------------------------

Name        : transmission
Product     : Fedora 44
Version     : 4.1.3
Release     : 1.fc44
URL         : http://www.transmissionbt.com
Summary     : A lightweight GTK+ BitTorrent client
Description :
Transmission is a free, lightweight BitTorrent client. It features a simple, intuitive interface on top of an efficient, cross-platform back-end.

--------------------------------------------------------------------------------
Update Information:

Fixed a CORS bug that leaked the anti-CSRF nonce. (#8938)
Fixed a use-after-free bug in peer code. (#8921)
Fixed build error when compiling with fmt 12.2.0. (#8942)
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 30 2026 Gwyn Ciesla - 4.1.3-1
- 4.1.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2494743 - transmission-4.1.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2494743
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-0c067e5040' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list -- [email address obscured]
To unsubscribe send an email to [email address obscured]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email address obscured]
Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new

Update for Transmission 4.1.3 in Fedora 44 fixes CORS and use-after-free issues, enhancing security and stability.

LinuxSecurity.com Team

Jul 01, 2026 Fedora

Fedora 44 ipp-usb Critical DoS Security Fix FEDORA-2026-00901a5e8f

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-00901a5e8f
2026-07-02 01:05:29.984014+00:00
--------------------------------------------------------------------------------

Name        : ipp-usb
Product     : Fedora 44
Version     : 0.9.34
Release     : 2.fc44
URL         : https://github.com/OpenPrinting/ipp-usb
Summary     : HTTP reverse proxy, backed by IPP-over-USB connection to device
Description :
HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-USB protocol.

--------------------------------------------------------------------------------
Update Information:

0.9.34 - security fix for CVE-2026-27145
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 30 2026 Zdenek Dohnal - 0.9.34-2
- ipp-usb-0.9.34 is available (fedora#2463247, fedora#2484207, fedora#2494316)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2484207 - CVE-2026-27145 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries
        https://bugzilla.redhat.com/show_bug.cgi?id=2484207
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-00901a5e8f' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys
--------------------------------------------------------------------------------

Critical security fix for ipp-usb in Fedora 44 to address denial of service via CVE-2026-27145. Immediate update advised.

LinuxSecurity.com Team

Jul 01, 2026 Fedora

Fedora 44 Caddy Critical Access Control and DoS Fix 2026-950cac64f2

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-950cac64f2
2026-07-02 01:05:29.983957+00:00
--------------------------------------------------------------------------------

Name        : caddy
Product     : Fedora 44
Version     : 2.10.2
Release     : 9.fc44
URL         : https://caddyserver.com
Summary     : Web server with automatic HTTPS
Description :
Caddy is an extensible server platform that uses TLS by default.

--------------------------------------------------------------------------------
Update Information:

Security update resolving 17 CVEs across both caddy itself and its vendored libraries.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 23 2026 Carl George - 2.10.2-9
- Port to new golang packaging guidelines
- Backport upstream fix for CVE-2026-27585
- Backport upstream fix for CVE-2026-27586
- Backport upstream fix for CVE-2026-27587
- Backport upstream fix for CVE-2026-27588
- Backport upstream fix for CVE-2026-27589
- Backport upstream fix for CVE-2026-27590
- Backport upstream fix for CVE-2026-30851
- Backport upstream fix for CVE-2026-30852
- Update vendored github.com/quic-go/quic-go to v0.57.0 for CVE-2025-64702
- Update vendored golang.org/x/crypto to v0.52.0 for CVE-2025-47913, CVE-2026-39828, CVE-2026-39829, and CVE-2026-39830
- Update vendored github.com/smallstep/certificates to v0.30.0 for CVE-2025-44005 and CVE-2026-40097
- Update vendored github.com/go-chi/chi/v5 to v5.2.5 for CVE-2025-69725
- Update vendored github.com/yuin/goldmark/renderer/html to v1.7.17 for CVE-2026-5160
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2488094 - CVE-2026-30851 caddy: Caddy: Privilege escalation via identity injection due to unstripped client headers [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2488094
  [ 2 ] Bug #2488095 - CVE-2026-30852 caddy: Caddy: Information disclosure via double-expansion of user-controlled input [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2488095
  [ 3 ] Bug #2488141 - CVE-2026-40097 caddy: Step CA: Denial of Service via crafted attestation key certificate [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2488141
  [ 4 ] Bug #2488502 - CVE-2026-27585 caddy: Caddy: Path security bypass due to unsanitized backslashes [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2488502
  [ 5 ] Bug #2488503 - CVE-2026-27586 caddy: Caddy: Authentication bypass via mTLS client certificate validation failure [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2488503
  [ 6 ] Bug #2488514 - CVE-2026-27587 caddy: Caddy: Access control bypass due to improper handling of percent-escape sequences in HTTP path matcher [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2488514
  [ 7 ] Bug #2488516 - CVE-2026-27588 caddy: Caddy: Access control bypass due to case-sensitive host matching [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2488516
  [ 8 ] Bug #2488517 - CVE-2026-27589 caddy: Caddy: Unauthorized configuration modification via cross-origin requests to the admin API [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2488517
  [ 9 ] Bug #2488518 - CVE-2026-27590 caddy: Caddy: Remote Code Execution via FastCGI path confusion [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2488518
  [ 10 ] Bug #2488661 - CVE-2025-64702 caddy: quic-go HTTP/3 QPACK Header Expansion DoS [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2488661
  [ 11 ] Bug #2488663 - CVE-2025-47913 caddy: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2488663
  [ 12 ] Bug #2488665 - CVE-2025-44005 caddy: github.com/smallstep/certificates: Authorization bypass allows unauthorized certificate creation [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2488665
  [ 13 ] Bug #2488666 - CVE-2025-69725 caddy: Go-chi/chi: Open Redirect vulnerability allows redirection to malicious websites [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2488666
  [ 14 ] Bug #2488667 - CVE-2026-5160 caddy: github.com/yuin/goldmark/renderer/html: Cross-site Scripting due to improper URL validation [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2488667
  [ 15 ] Bug #2489962 - CVE-2026-39828 caddy: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2489962
  [ 16 ] Bug #2490067 - CVE-2026-39829 caddy: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2490067
  [ 17 ] Bug #2490486 - CVE-2026-39830 caddy: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2490486
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-950cac64f2' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys
--------------------------------------------------------------------------------

The latest Fedora security update for Caddy addresses 17 critical CVEs, ensuring enhanced security for users.

LinuxSecurity.com Team

Jul 01, 2026 Fedora

Fedora 44 Rclone Critical Denial of Service Issues 2026-6145ae14ca

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-6145ae14ca
2026-07-02 01:05:29.983954+00:00
--------------------------------------------------------------------------------

Name        : rclone
Product     : Fedora 44
Version     : 1.74.3
Release     : 1.fc44
URL         : https://github.com/rclone/rclone
Summary     : Rsync for cloud storage
Description :
"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files.

--------------------------------------------------------------------------------
Update Information:

Update to 1.74.3
--------------------------------------------------------------------------------
ChangeLog:

* Sat Jun 6 2026 Packit - 1.74.3-1
- Update to 1.74.3 upstream release
- Resolves: rhbz#2485621
* Sat May 23 2026 Packit - 1.74.2-1
- Update to 1.74.2 upstream release
- Resolves: rhbz#2468412
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2486295 - CVE-2026-45287 rclone: OpenTelemetry-Go: Denial of Service due to file descriptor leak [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2486295
  [ 2 ] Bug #2489905 - CVE-2026-39828 rclone: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2489905
  [ 3 ] Bug #2490091 - CVE-2026-39829 rclone: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2490091
  [ 4 ] Bug #2490402 - CVE-2026-39830 rclone: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2490402
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-6145ae14ca' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys
--------------------------------------------------------------------------------

Update to rclone 1.74.3 addresses multiple critical issues, including denial of service vulnerabilities.

LinuxSecurity.com Team

Jul 01, 2026 Fedora

Fedora 44 opkssh Primary SSH Command Problems and Denial of Service Threats

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-7794729685
2026-07-02 01:05:29.983902+00:00
--------------------------------------------------------------------------------

Name        : opkssh
Product     : Fedora 44
Version     : 0.14.0
Release     : 3.fc44
URL         : https://github.com/openpubkey/opkssh
Summary     : OpenPubkey SSH
Description :
OpenPubkey SSH is a tool which enables ssh to be used with OpenID Connect allowing SSH access to be managed via identities like [email address obscured] instead of long-lived SSH keys.

--------------------------------------------------------------------------------
Update Information:

Update bundled golang.org/x/crypto to 0.53.0
--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 22 2026 Till Hofmann - 0.14.0-3
- Update bundled golang.org/x/crypto to 0.53.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2489950 - CVE-2026-39828 opkssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2489950
  [ 2 ] Bug #2490498 - CVE-2026-39830 opkssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2490498
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-7794729685' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys
--------------------------------------------------------------------------------

Update for Fedora 44 addressing important security issues in opkssh. Critical updates for OpenPubkey SSH functionality.

LinuxSecurity.com Team

Jul 01, 2026 Fedora

Fedora 44 Hut Update Security Advisory 2026-ed208f5337 CVE Fixes

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-ed208f5337
2026-07-02 01:05:29.983895+00:00
--------------------------------------------------------------------------------

Name        : hut
Product     : Fedora 44
Version     : 0.8.0
Release     : 1.fc44
URL         : https://git.sr.ht/~xenrox/hut
Summary     : A CLI tool for Sourcehut
Description :
hut is a CLI tool for interacting with Sourcehut instances. It supports git.sr.ht as well as self-hosted Sourcehut instances.

--------------------------------------------------------------------------------
Update Information:

Update! Close Go standard library CVE bugs that are solved by a rebuild
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 23 2026 Javier Olaechea - 0.8.0-1
- Update to 0.8.0. Fixes rhbz#2451702.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2408304 - CVE-2025-58189 hut: go crypto/tls ALPN negotiation error contains attacker controlled information [fedora-43]
        https://bugzilla.redhat.com/show_bug.cgi?id=2408304
  [ 2 ] Bug #2408723 - CVE-2025-61725 hut: Excessive CPU consumption in ParseAddress in net/mail [fedora-43]
        https://bugzilla.redhat.com/show_bug.cgi?id=2408723
  [ 3 ] Bug #2409777 - CVE-2025-61723 hut: Quadratic complexity when parsing some invalid inputs in encoding/pem [fedora-43]
        https://bugzilla.redhat.com/show_bug.cgi?id=2409777
  [ 4 ] Bug #2410727 - CVE-2025-58185 hut: Parsing DER payload can cause memory exhaustion in encoding/asn1 [fedora-43]
        https://bugzilla.redhat.com/show_bug.cgi?id=2410727
  [ 5 ] Bug #2411623 - CVE-2025-58188 hut: Panic when validating certificates with DSA public keys in crypto/x509 [fedora-43]
        https://bugzilla.redhat.com/show_bug.cgi?id=2411623
  [ 6 ] Bug #2412711 - CVE-2025-58183 hut: Unbounded allocation when parsing GNU sparse map [fedora-43]
        https://bugzilla.redhat.com/show_bug.cgi?id=2412711
  [ 7 ] Bug #2451702 - hut-0.8.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2451702
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-ed208f5337' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys
--------------------------------------------------------------------------------

Close Go standard library CVE bugs through a rebuild of hut in Fedora 44. Critical updates included.

LinuxSecurity.com Team

Jul 01, 2026 Fedora

openSUSE 2026-2720-1 dracut Important Remote Command Injection Risk

# Security update for dracut

Announcement ID: SUSE-SU-2026:2720-1
Release Date: 2026-07-01T13:15:19Z
Rating: important

References:

  * bsc#1268322

Cross-References:

  * CVE-2026-6893

CVSS scores:

  * CVE-2026-6893 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2026-6893 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves one vulnerability can now be installed.

## Description:

This update for dracut fixes the following issue

  * CVE-2026-6893: Root code execution via DHCP options command injection (bsc#1268322).

Changes for dracut:

  * Update to version 055+suse.365.g79144c5:
    * fix(network-legacy): sanitize DHCP values in dhclient-script.sh (bsc#1268322, CVE-2026-6893)
    * fix(network-legacy): add input validation to RFC 3442 route parser

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2720=1
  * SUSE Linux Enterprise Server 15 SP4 LTSS
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2720=1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2720=1
  * SUSE Linux Enterprise Micro for Rancher 5.4
    zypper in -t patch SUSE-SLE-Micro-5.4-2026-2720=1
  * SUSE Linux Enterprise Micro 5.4
    zypper in -t patch SUSE-SLE-Micro-5.4-2026-2720=1
  * openSUSE Leap 15.4
    zypper in -t patch SUSE-2026-2720=1
  * SUSE Linux Enterprise Micro for Rancher 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2026-2720=1
  * SUSE Linux Enterprise Micro 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2026-2720=1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2720=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64)
    * dracut-extra-055+suse.365.g79144c5-150400.3.49.1
    * dracut-055+suse.365.g79144c5-150400.3.49.1
    * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
    * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
    * dracut-tools-055+suse.365.g79144c5-150400.3.49.1
    * dracut-ima-055+suse.365.g79144c5-150400.3.49.1
    * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
    * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
    * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
    * dracut-055+suse.365.g79144c5-150400.3.49.1
    * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
    * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
    * dracut-ima-055+suse.365.g79144c5-150400.3.49.1
    * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
    * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
    * dracut-055+suse.365.g79144c5-150400.3.49.1
    * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
    * dracut-ima-055+suse.365.g79144c5-150400.3.49.1
    * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * dracut-055+suse.365.g79144c5-150400.3.49.1
    * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
    * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
    * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
    * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * dracut-055+suse.365.g79144c5-150400.3.49.1
    * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
    * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
    * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
    * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
    * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
    * dracut-055+suse.365.g79144c5-150400.3.49.1
    * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
    * dracut-ima-055+suse.365.g79144c5-150400.3.49.1
    * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * dracut-055+suse.365.g79144c5-150400.3.49.1
    * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
    * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
    * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
    * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * dracut-055+suse.365.g79144c5-150400.3.49.1
    * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
    * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
    * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
    * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
    * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
    * dracut-055+suse.365.g79144c5-150400.3.49.1
    * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
    * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
    * dracut-ima-055+suse.365.g79144c5-150400.3.49.1
    * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1

## References:

  * https://www.suse.com/security/cve/CVE-2026-6893.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1268322

Critical update for dracut resolving root code execution flaw, impacting multiple openSUSE and SUSE systems.

LinuxSecurity.com Team

Jul 01, 2026 OpenSUSE

SUSE dracut Important Root Code Execution Vulnern 2026-2720-1

# Security update for dracut

Announcement ID: SUSE-SU-2026:2720-1
Release Date: 2026-07-01T13:15:19Z
Rating: important

References:

* bsc#1268322

Cross-References:

* CVE-2026-6893

CVSS scores:

* CVE-2026-6893 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-6893 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves one vulnerability can now be installed.

## Description:

This update for dracut fixes the following issue:

* CVE-2026-6893: Root code execution via DHCP options command injection (bsc#1268322).

Changes for dracut:

* Update to version 055+suse.365.g79144c5:
  * fix(network-legacy): sanitize DHCP values in dhclient-script.sh (bsc#1268322, CVE-2026-6893)
  * fix(network-legacy): add input validation to RFC 3442 route parser

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2720=1`
* SUSE Linux Enterprise Server 15 SP4 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2720=1`
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2720=1`
* SUSE Linux Enterprise Micro for Rancher 5.4
  `zypper in -t patch SUSE-SLE-Micro-5.4-2026-2720=1`
* SUSE Linux Enterprise Micro 5.4
  `zypper in -t patch SUSE-SLE-Micro-5.4-2026-2720=1`
* openSUSE Leap 15.4
  `zypper in -t patch SUSE-2026-2720=1`
* SUSE Linux Enterprise Micro for Rancher 5.3
  `zypper in -t patch SUSE-SLE-Micro-5.3-2026-2720=1`
* SUSE Linux Enterprise Micro 5.3
  `zypper in -t patch SUSE-SLE-Micro-5.3-2026-2720=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2720=1`

## Package List:

* openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64)
  * dracut-extra-055+suse.365.g79144c5-150400.3.49.1
  * dracut-055+suse.365.g79144c5-150400.3.49.1
  * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
  * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
  * dracut-tools-055+suse.365.g79144c5-150400.3.49.1
  * dracut-ima-055+suse.365.g79144c5-150400.3.49.1
  * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
  * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
  * dracut-055+suse.365.g79144c5-150400.3.49.1
  * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
  * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
  * dracut-ima-055+suse.365.g79144c5-150400.3.49.1
  * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
  * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
  * dracut-055+suse.365.g79144c5-150400.3.49.1
  * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
  * dracut-ima-055+suse.365.g79144c5-150400.3.49.1
  * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * dracut-055+suse.365.g79144c5-150400.3.49.1
  * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
  * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
  * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
  * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * dracut-055+suse.365.g79144c5-150400.3.49.1
  * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
  * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
  * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
  * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
  * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
  * dracut-055+suse.365.g79144c5-150400.3.49.1
  * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
  * dracut-ima-055+suse.365.g79144c5-150400.3.49.1
  * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * dracut-055+suse.365.g79144c5-150400.3.49.1
  * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
  * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
  * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
  * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * dracut-055+suse.365.g79144c5-150400.3.49.1
  * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
  * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
  * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
  * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1
  * dracut-055+suse.365.g79144c5-150400.3.49.1
  * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1
  * dracut-fips-055+suse.365.g79144c5-150400.3.49.1
  * dracut-ima-055+suse.365.g79144c5-150400.3.49.1
  * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1

## References:

* https://www.suse.com/security/cve/CVE-2026-6893.html
* https://bugzilla.suse.com/show_bug.cgi?id=1268322

LinuxSecurity.com Team

Jul 01, 2026 SuSE