Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 728
Alerts This Week
Warning Icon 1 728

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":1,"type":"x","order":3,"pct":100,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 9,991 articles for you...
202

openSUSE Tumbleweed python313-dulwich Moderate Threat Advisory 2026-11190-1

An update that solves 2 vulnerabilities can now be installed.. # python313-dulwich-1.2.7-1.1 on GA media Announcement ID: openSUSE-SU-2026:11190-1 Rating: moderate Cross-References: * CVE-2015-0838 * CVE-2017-16228 CVSS scores: * CVE-2017-16228 ( SUSE ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the python313-dulwich-1.2.7-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * python313-dulwich 1.2.7-1.1 * python314-dulwich 1.2.7-1.1 ## References: * https://www.suse.com/security/cve/CVE-2015-0838.html * https://www.suse.com/security/cve/CVE-2017-16228.html . This advisory highlights an update for python313-dulwich fixing two moderate severity vulnerabilities on openSUSE Tumbleweed.. openSUSE Tumbleweed, python313-dulwich, moderate vulnerabilities. . LinuxSecurity.com Team

Calendar%202 Jul 07, 2026 OpenSUSE
202

openSUSE Tumbleweed gi-docgen Moderate Vulnerability CVE-2025-11687

An update that solves one vulnerability can now be installed.. # gi-docgen-2026.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:11185-1 Rating: moderate Cross-References: * CVE-2025-11687 CVSS scores: * CVE-2025-11687 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L * CVE-2025-11687 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the gi-docgen-2026.1-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * gi-docgen 2026.1-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11687.html . An update for gi-docgen fixes a moderate security issue in openSUSE Tumbleweed, CVE-2025-11687.. openSUSE Tumbleweed, gi-docgen security, CVE-2025-11687. . LinuxSecurity.com Team

Calendar%202 Jul 07, 2026 OpenSUSE
202

openSUSE helm Moderate Security CVE-2026-48978 Advisory 2026-11186-1

An update that solves one vulnerability can now be installed.. # helm-4.2.2-2.1 on GA media Announcement ID: openSUSE-SU-2026:11186-1 Rating: moderate Cross-References: * CVE-2026-48978 CVSS scores: * CVE-2026-48978 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-48978 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the helm-4.2.2-2.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * helm 4.2.2-2.1 * helm-bash-completion 4.2.2-2.1 * helm-fish-completion 4.2.2-2.1 * helm-zsh-completion 4.2.2-2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-48978.html . An important openSUSE advisory addressing a moderate risk vulnerability in helm, requiring updates for system integrity.. openSUSE, helm, security update, moderate risk, patch. . LinuxSecurity.com Team

Calendar%202 Jul 07, 2026 OpenSUSE
100

SUSE Perl-Cpanel-JSON-XS Key Type Confusion Denial of Service 2026-2782-1

An update that solves two vulnerabilities can now be installed.. # Security update for perl-Cpanel-JSON-XS Announcement ID: SUSE-SU-2026:2782-1 Release Date: 2026-07-06T18:01:58Z Rating: important References: * bsc#1267546 * bsc#1267547 Cross-References: * CVE-2026-9334 * CVE-2026-9516 CVSS scores: * CVE-2026-9334 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-9334 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-9334 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-9516 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-9516 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-9516 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for perl-Cpanel-JSON-XS fixes the following issues * CVE-2026-9334: type confusion via duplicate object keys when `dupkeys_as_arrayref` is enabled (bsc#1267546). * CVE-2026-9516: denial of service via UTF-8 BOM prefixed input when a decode filter callback throws (bsc#1267547). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-2782=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * perl-Cpanel-JSON-XS-debuginfo-4.380.0-150700.3.6.1 * perl-Cpanel-JSON-XS-4.380.0-150700.3.6.1 * perl-Cpanel-JSON-XS-debugsource-4.380.0-150700.3.6.1 ##References: * https://www.suse.com/security/cve/CVE-2026-9334.html * https://www.suse.com/security/cve/CVE-2026-9516.html * https://bugzilla.suse.com/show_bug.cgi?id=1267546 * https://bugzilla.suse.com/show_bug.cgi?id=1267547 . Critical security update for perl-Cpanel-JSON-XS addressing two vulnerabilities and impacting SUSE systems effectively.. SUSE Linux Enterprise, perl-Cpanel-JSON-XS, security update, JSON parsing, software vulnerabilities. . LinuxSecurity.com Team

Calendar%202 Jul 07, 2026 SuSE
217

Oracle Linux 8 Ruby Important DoS Fixes Advisory ELSA-2026-33515

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-33515 http://linux.oracle.com/errata/ELSA-2026-33515.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable LinuxNetwork: x86_64: ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm ruby-bundled-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm ruby-bundled-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm ruby-default-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm ruby-devel-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm ruby-devel-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm ruby-doc-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-bigdecimal-3.1.5-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-bigdecimal-3.1.5-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-bundler-2.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-io-console-0.7.1-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-io-console-0.7.1-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-irb-1.13.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-json-2.7.2-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-json-2.7.2-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-minitest-5.20.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.x86_64.rpm rubygem-mysql2-doc-0.5.5-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.x86_64.rpm rubygem-pg-doc-1.5.4-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-power_assert-2.0.3-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-psych-5.1.2-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-psych-5.1.2-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-racc-1.7.3-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-racc-1.7.3-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-rake-13.1.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rbs-3.4.0-7.module+el8.10.0+90936+88c9ba90.i686.rpm rubygem-rbs-3.4.0-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm rubygem-rdoc-6.6.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rexml-3.4.4-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rss-0.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygems-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygems-devel-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-test-unit-3.6.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-typeprof-0.21.9-7.module+el8.10.0+90936+88c9ba90.noarch.rpm ruby-libs-3.3.10-7.module+el8.10.0+90936+88c9ba90.i686.rpm ruby-libs-3.3.10-7.module+el8.10.0+90936+88c9ba90.x86_64.rpm aarch64: ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm ruby-bundled-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm ruby-default-gems-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm ruby-devel-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm ruby-doc-3.3.10-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-abrt-doc-0.4.0-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-bigdecimal-3.1.5-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-bundler-2.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-io-console-0.7.1-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-irb-1.13.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-json-2.7.2-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-minitest-5.20.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.aarch64.rpm rubygem-mysql2-doc-0.5.5-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.aarch64.rpm rubygem-pg-doc-1.5.4-1.module+el8.10.0+90287+d51aa4ed.noarch.rpm rubygem-power_assert-2.0.3-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-psych-5.1.2-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-racc-1.7.3-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-rake-13.1.0-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rbs-3.4.0-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm rubygem-rdoc-6.6.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rexml-3.4.4-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-rss-0.3.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygems-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygems-devel-3.5.22-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-test-unit-3.6.1-7.module+el8.10.0+90936+88c9ba90.noarch.rpm rubygem-typeprof-0.21.9-7.module+el8.10.0+90936+88c9ba90.noarch.rpm ruby-libs-3.3.10-7.module+el8.10.0+90936+88c9ba90.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/ruby-3.3.10-7.module+el8.10.0+90936+88c9ba90.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/rubygem-abrt-0.4.0-1.module+el8.10.0+90287+d51aa4ed.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/rubygem-mysql2-0.5.5-1.module+el8.10.0+90287+d51aa4ed.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/rubygem-pg-1.5.4-1.module+el8.10.0+90287+d51aa4ed.src.rpm Related CVEs: CVE-2026-42245 CVE-2026-42246 CVE-2026-42258 Description of changes: ruby [3.3.10-7] - Fix DoS via crafted IMAP responses in net-imap. (CVE-2026-42245) Resolves: RHEL-181682 - Fix information disclosure via MITM attack bypassing TLS in net-imap. (CVE-2026-42246) Resolves: RHEL-181759 - Fix command injection via Symbol arguments in net-imap. (CVE-2026-42258) Resolves: RHEL-181791 rubygem-abrt [0.4.0-1] - Update to abrt 0.4.0. Resolves: rhbz#1842476 rubygem-mysql2 [0.5.5-1] - Upgrade to mysql2 0.5.5. Related: RHEL-17090 rubygem-pg [1.5.4-1] - Upgrade to pg 1.5.4. Related: RHEL-17090 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Stay updated on Oracle Linux Security Advisory ELSA-2026-33515 for Ruby 3.3 critical fixes and upgrades.. Oracle Linux Ruby Security Update DoS Threat. . LinuxSecurity.com Team

Calendar%202 Jul 07, 2026 Oracle
217

Oracle Linux 8 Kernel Important Threats Advisory ELSA-2026-50374

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50374 http://linux.oracle.com/errata/ELSA-2026-50374.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: aarch64: kernel-uek-5.4.17-2136.357.3.1.el8uek.aarch64.rpm kernel-uek-debug-5.4.17-2136.357.3.1.el8uek.aarch64.rpm kernel-uek-debug-devel-5.4.17-2136.357.3.1.el8uek.aarch64.rpm kernel-uek-devel-5.4.17-2136.357.3.1.el8uek.aarch64.rpm kernel-uek-doc-5.4.17-2136.357.3.1.el8uek.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.357.3.1.el8uek.src.rpm Related CVEs: CVE-2022-50073 CVE-2025-10263 CVE-2026-31504 CVE-2026-31657 CVE-2026-43037 CVE-2026-46331 CVE-2026-52943 CVE-2026-53359 Description of changes: [5.4.17-2136.357.3.1] - KVM: x86: Fix shadow paging use-after-free due to unexpected role (Paolo Bonzini) [Orabug: 39673892] - KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (Sean Christopherson) [Orabug: 39673892] - KVM: x86/MMU: Recursively zap nested TDP SPs when zapping last/only parent (Ben Gardon) [Orabug: 39673892] - KVM: x86/mmu: Move flush logic from mmu_page_zap_pte() to FNAME(invlpg) (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: pull call to drop_large_spte() into __link_shadow_page() (Paolo Bonzini) [Orabug: 39673892] - KVM: x86/mmu: Passing up the error state of mmu_alloc_shadow_roots() (Like Xu) [Orabug: 39673892] - KVM: MMU: load PDPTRs outside mmu_lock (Paolo Bonzini) [Orabug: 39673892] - KVM: x86/mmu: Check PDPTRs before allocating PAE roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Always pass 0 for @quadrant when gptes are 8 bytes (David Matlack) [Orabug: 39673892] - KVM: x86/mmu: Derive shadow MMU page role from parent (David Matlack) [Orabug: 39673892] - KVM: X86: Remove useless code to set role.gpte_is_8_bytes when role.direct (Lai Jiangshan) [Orabug: 39673892] - KVM: X86: Synchronize the shadowpagetable before link it (Lai Jiangshan) [Orabug: 39673892] - KVM: X86: Fix missed remote tlb flush in rmap_write_protect() (Lai Jiangshan) [Orabug: 39673892] - KVM: x86/mmu: Refactor shadow walk in __direct_map() to reduce indentation (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Stop passing "direct" to mmu_alloc_root() (David Matlack) [Orabug: 39673892] - KVM: x86/mmu: Use a bool for direct (David Matlack) [Orabug: 39673892] - kvm: mmu: Replace unsigned with unsigned int for PTE access (Ben Gardon) [Orabug: 39673892] - KVM: x86/mmu: Ensure MMU pages are available when allocating roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Allocate pae_root and lm_root pages in dedicated helper (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Allocate the lm_root before allocating PAE roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Capture 'mmu' in a local variable when allocating roots (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Alloc page for PDPTEs when shadowing 32-bit NPT with 64-bit (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Stash 'kvm' in a local variable in kvm_mmu_free_roots() (Sean Christopherson) [Orabug: 39673892] - KVM: x86/mmu: Add a helper to consolidate root sp allocation (Sean Christopherson) [Orabug: 39673892] - net/sched: act_pedit: fix action bind logic (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: free pedit keys on bail from offset check (Pedro Tammela) [Orabug: 39680880] - net/sched: fix pedit partial COW leading to page cache corruption (Rajat Gupta) [Orabug: 39680880] {CVE-2026-46331} - net/sched: act_pedit: Parse L3 Header for L4 offset (Max Tottenham) [Orabug: 39680880] - net/sched: act_pedit: rate limit datapath messages (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: check static offsets a priori (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: remove extra check for key type (Pedro Tammela) [Orabug: 39680880] - net/sched: simplify tcf_pedit_act (Pedro Tammela) [Orabug: 39680880] - net/sched: transition act_pedit to rcu and percpu stats (Pedro Tammela) [Orabug: 39680880] - net/sched: act_pedit: use NLA_POLICY for parsing 'ex' keys (Pedro Tammela) [Orabug: 39680880] [5.4.17-2136.357.3] - net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39619389] {CVE-2026-52943} [5.4.17-2136.357.2] - net: fix fanout UAF in packet_release() via NETDEV_UP race (Yochai Eisenrich) [Orabug: 39250953] {CVE-2026-31504} - x86/kaslr: Recognize all ZONE_DEVICE users as physaddr consumers (Dan Williams) [Orabug: 39429802] - x86/kaslr: Reduce KASLR entropy on most x86 systems (Balbir Singh) [Orabug: 39429802] - net: tap: NULL pointer derefence in dev_parse_header_protocol when skb-> dev is null (Cezar Bulinaru) [Orabug: 39526882] {CVE-2022-50073} - arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39548666] {CVE-2025-10263} - arm64: tlb: Add ARM64_WORKAROUND_REPEAT_TLBI_SYNC (Mark Rutland) [Orabug: 39548666] - ARM: uek: Disable CONFIG_QCOM_FALKOR_ERRATUM_1003 (Boris Ostrovsky) [Orabug: 39548666] - arm64: tlb: allow XZR argument to TLBI ops (Mark Rutland) [Orabug: 39548666] - arm64: cputype: Add C1-Premium definitions (Mark Rutland) [Orabug: 39548666] - arm64: cputype: Add C1-Ultra definitions (Mark Rutland) [Orabug: 39548666] - ip6_tunnel: clear skb2-> cb[] in ip4ip6_err() (Eric Dumazet) [Orabug: 39300926] {CVE-2026-43037} [5.4.17-2136.357.1] - batman-adv: hold claim backbone gateways by reference (Haoze Xie) [Orabug: 39262375] {CVE-2026-31657} - scsi: fcoe: Reject FIP descriptors with zero fip_dlen in CVL walker (Michael Bommarito) [Orabug: 39446045] - scsi: target: iscsi: Fix CRC overread and double-free in iscsit_handle_text_cmd() (Michael Bommarito) [Orabug: 39446045] - scsi: target: iscsi: Bound iscsi_encode_text_output() appends to rsp_buf (Michael Bommarito) [Orabug: 39446045] - rds: Drop rds conn in connect worker if not in down state. (Rohit Nair) [Orabug: 39152239] [5.4.17-2136.356.4.1] -smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463669] {CVE-2026-46243} [5.4.17-2136.356.4] - tun: free page on build_skb failure in tun_xdp_one() (Weiming Shi) [Orabug: 39429147] - tap: free page on error paths in tap_get_user_xdp() (Weiming Shi) [Orabug: 39429147] - tun: free page on short-frame rejection in tun_xdp_one() (Weiming Shi) [Orabug: 39429147] [5.4.17-2136.356.3] - ptrace: slightly saner 'get_dumpable()' logic (Linus Torvalds) [Orabug: 39384275,39391459] {CVE-2026-46333} - net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug: 39368828,39441326] {CVE-2026-43503,CVE-2026-46300} - net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39368828] {CVE-2026-46300} [5.4.17-2136.356.2] - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Jeff Layton) [Orabug: 39167617,39368718] {CVE-2026-31402} - scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (Maurizio Lombardi) [Orabug: 38985173,39368732] {CVE-2026-23216} - scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (Maurizio Lombardi) [Orabug: 38970455,39368774] {CVE-2026-23193} - xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39334580,39367147] {CVE-2026-43284} - x86/CPU/AMD: Add a fix for AMD-SB-7052 (Prathyushi Nangia) [Orabug: 39218897] {CVE-2025-54518} [5.4.17-2136.356.1] - arm64/kvm: Include linux/random.h in trng.c (Siddh Raman Pant) [Orabug: 39327096] - i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (Tam Nguyen) [Orabug: 39174662] - i2c: designware: Handle invalid SMBus block data response length value (Tam Nguyen) [Orabug: 39174662] - i2c: designware: fix __i2c_dw_disable() in case master is holding SCL low (Yann Sionneau) [Orabug: 39174662] [5.4.17-2136.355.3] - crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [Orabug: 39250687,39331106] {CVE-2026-43077} - crypto: af_alg - Fix page reassignmentoverflow in af_alg_pull_tsgl (Herbert Xu) [Orabug: 39250687,39331111] {CVE-2026-43078} - crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [Orabug: 39250687] - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [Orabug: 39250687,39300911] {CVE-2026-43033} - crypto: authenc - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687] - crypto: algif_aead - snapshot IV for async AEAD requests (Douya Le) [Orabug: 39250687,39452217] {CVE-2026-46028} - crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [Orabug: 39250687,39283868,39292250] {CVE-2026-31431} - crypto: algif_aead - use memcpy_sglist() instead of null skcipher (Eric Biggers) [Orabug: 39250687] {CVE-2026-31431} - crypto: scatterwalk - Backport memcpy_sglist() (Eric Biggers) [Orabug: 39250687] - crypto: doc - fix kernel-doc notation in chacha.c and af_alg.c (Randy Dunlap) [Orabug: 39250687] _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Advisory ELSA-2026-50374 addresses important updates for kernel vulnerabilities, enhancing system security.. Oracle Linux security advisory, kernel updates, ELSA-2026-50374. . LinuxSecurity.com Team

Calendar%202 Jul 07, 2026 Oracle
89

Fedora 43 kernel-headers 7.1.3 Significant CVE-2026-53359 Resolution

The 7.1.3 stable kernel rebase contains new features, improved hardware support, and a number of important fixes across the tree. This also has a fix for CVE-2026-53359. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-c3e2e91b4d 2026-07-07 01:08:27.509786+00:00 -------------------------------------------------------------------------------- Name : kernel-headers Product : Fedora 43 Version : 7.1.3 Release : 100.fc43 URL : http://www.kernel.org/ Summary : Header files for the Linux kernel for use by glibc Description : Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. -------------------------------------------------------------------------------- Update Information: The 7.1.3 stable kernel rebase contains new features, improved hardware support, and a number of important fixes across the tree. This also has a fix for CVE-2026-53359 -------------------------------------------------------------------------------- ChangeLog: * Sun Jul 5 2026 Justin M. Forbes - 7.1.3-1 - Linux v7.1.3 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-c3e2e91b4d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Fedora 43 kernel-headers 7.1.3 update fixes CVE-2026-53359, enhancing system security and stability.. Fedora kernel security updates CVE-2026-53359 kernel-headers. . LinuxSecurity.com Team

Calendar%202 Jul 06, 2026 Fedora
89

Fedora 43 Kernel 7.1.3 Important CVE-2026-53359 Security Update

The 7.1.3 stable kernel rebase contains new features, improved hardware support, and a number of important fixes across the tree. This also has a fix for CVE-2026-53359. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-c3e2e91b4d 2026-07-07 01:08:27.509786+00:00 -------------------------------------------------------------------------------- Name : kernel Product : Fedora 43 Version : 7.1.3 Release : 100.fc43 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package -------------------------------------------------------------------------------- Update Information: The 7.1.3 stable kernel rebase contains new features, improved hardware support, and a number of important fixes across the tree. This also has a fix for CVE-2026-53359 -------------------------------------------------------------------------------- ChangeLog: * Sat Jul 4 2026 Justin M. Forbes [7.1.3-1] - Linux v7.1.3 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-c3e2e91b4d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Kernel 7.1.3 for Fedora 43 includes new features and crucial fixes for CVE-2026-53359. Ensure timely updates to maintain system integrity.. Fedora 43 Kernel 7.1.3 Update, System Security Fixes, CVE-2026-53359 Resolution. . LinuxSecurity.com Team

Calendar%202 Jul 06, 2026 Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":1,"type":"x","order":3,"pct":100,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200