Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 4,468 articles for you...
172
security advisorycriticalkernelUbuntu 22.04 LTS: USN-7608-4 critical: kernel system compromise
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7608-4 July 03, 2025 linux-aws-5.15, linux-intel-iot-realtime vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-intel-iot-realtime: Linux kernel for Intel IoT Real-time platforms - linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Memory management; - Netfilter; - Network traffic control; (CVE-2025-37890, CVE-2024-46787, CVE-2025-37798, CVE-2025-38000, CVE-2025-37932, CVE-2025-38001, CVE-2025-37997, CVE-2024-50047, CVE-2024-53051) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS linux-image-5.15.0-1080-intel-iot-realtime 5.15.0-1080.82 Available with Ubuntu Pro linux-image-intel-iot-realtime 5.15.0.1080.84 Available with Ubuntu Pro linux-image-intel-iot-realtime-5.15 5.15.0.1080.84 Available with Ubuntu Pro Ubuntu 20.04 LTS linux-image-5.15.0-1087-aws 5.15.0-1087.94~20.04.1 Available with Ubuntu Pro linux-image-aws 5.15.0.1087.94~20.04.1 Available with Ubuntu Pro linux-image-aws-5.15 5.15.0.1087.94~20.04.1 Available with Ubuntu Pro After a standard systemupdate you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7608-4 https://ubuntu.com/security/notices/USN-7608-3 https://ubuntu.com/security/notices/USN-7608-2 https://ubuntu.com/security/notices/USN-7608-1 CVE-2024-46787, CVE-2024-50047, CVE-2024-53051, CVE-2025-37798, CVE-2025-37890, CVE-2025-37932, CVE-2025-37997, CVE-2025-38000, CVE-2025-38001 Package Information: . High-priority vulnerabilities addressed in the Ubuntu kernel. Upgrade advised for versions 20.04 and 22.04 LTS.. ubuntu kernel updates, security issues, linux system, ubuntu security, kernel vulnerabilities. . Severity: Critical. LinuxSecurity.com Team
Jul 03, 2025
•Critical
Ubuntu
172
security advisoryinformation leakprivilege escalationUbuntu 22.04 LTS USN-7614-1 important: pcs information leak
Several security issues were fixed in pcs.. ========================================================================== Ubuntu Security Notice USN-7614-1 July 02, 2025 pcs vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in pcs. Software Description: - pcs: Pacemaker Configuration System Details: Cedric Buissart discovered that pcs did not correctly handle certain parameters. An attacker could possibly use this issue to leak sensitive information or elevate their privileges. This issue only affected Ubuntu 16.04 LTS. (CVE-2018-1086) Ondrej Mular discovered that pcs did not correctly handle Unix socket permissions. An attacker could possibly use this issue to elevate their privileges. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-2735) It was discovered that pcs did not correctly handle PAM authentication. An attacker could possibly use this issue to bypass authentication mechanisms. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-1049) It was discovered that pcs did not correctly handle the validation of Node names. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-2661) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS pcs 0.10.11-2ubuntu3+esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS pcs 0.10.4-3ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS pcs 0.9.149-1ubuntu1.1+esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7614-1 CVE-2017-2661, CVE-2018-1086, CVE-2022-1049, CVE-2022-2735 . Multiple vulnerabilities in Ubuntu systems may pose risks of data breaches or unauthorized privilege escalations, highlighting the importance of timely system updates.. Ubuntu pcs security patch, Ubuntu 22.04 security, pcs vulnerabilities. . Severity: Important. LinuxSecurity.com Team
Jul 03, 2025
•Important
Ubuntu
172
security advisorydenial of servicecriticalUbuntu 24.04 LTS USN-7613-1 critical: mongo-c-driver denial of service
Several security issues were fixed in mongo-c-driver.. ========================================================================== Ubuntu Security Notice USN-7613-1 July 02, 2025 mongo-c-driver vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in mongo-c-driver. Software Description: - mongo-c-driver: MongoDB driver for the C language Details: Karman Liu discovered that mongo-c-driver did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-6381) Karman Liu discovered that mongo-c-driver did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-6383, CVE-2025-0755) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS libbson-1.0-0t64 1.26.0-1.1ubuntu2+esm1 Available with Ubuntu Pro libbson-dev 1.26.0-1.1ubuntu2+esm1 Available with Ubuntu Pro libmongoc-1.0-0t64 1.26.0-1.1ubuntu2+esm1 Available with Ubuntu Pro libmongoc-dev 1.26.0-1.1ubuntu2+esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS libbson-1.0-0 1.21.0-1ubuntu0.1~esm1 Available with Ubuntu Pro libbson-dev 1.21.0-1ubuntu0.1~esm1 Available with Ubuntu Pro libmongoc-1.0-0 1.21.0-1ubuntu0.1~esm1 Available with Ubuntu Pro libmongoc-dev 1.21.0-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS libbson-1.0-0 1.16.1-1ubuntu0.1~esm1 Available with Ubuntu Pro libbson-dev 1.16.1-1ubuntu0.1~esm1 Available with Ubuntu Pro libmongoc-1.0-0 1.16.1-1ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7613-1 CVE-2024-6381, CVE-2024-6383, CVE-2025-0755 . Numerous vulnerabilities in mongo-c-driver demand immediate attention for those using Ubuntu. Mitigate risks now.. mongo-c-driver, ubuntu update, security patch, denial of service, arbitrary code execution. . Severity: Critical. LinuxSecurity.com Team
Jul 03, 2025
•Critical
Ubuntu
172
security advisorydenial of serviceimportantUbuntu 22.04 LTS USN-7616-1 important: logback denial of service
Several security issues were fixed in logback.. ========================================================================== Ubuntu Security Notice USN-7616-1 July 02, 2025 logback vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in logback. Software Description: - logback: A reliable, generic, fast and flexible logging library for Java Details: It was discovered that logback could read malicious configuration files from LDAP servers. An attacker with the required permissions could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-42550) It was discovered that logback contained a serialization vulnerability. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-6378) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS liblogback-java 1:1.2.10-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS liblogback-java 1:1.2.3-5ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS liblogback-java 1:1.2.3-2ubuntu1~18.04.1+esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS liblogback-java 1:1.1.3-2ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7616-1 CVE-2021-42550, CVE-2023-6378 . Security alert USN-7617-1 outlines resolutions for log4j's severe vulnerabilities affecting multiple Ubuntu releases.. logback vulnerabilities, Ubuntu security, logginglibrary, security notice, denial of service. . Severity: Important. LinuxSecurity.com Team
Jul 03, 2025
•Important
Ubuntu
172
security advisorydenial of servicecriticalUbuntu 25.04: 7615-1 critical: ClamAV denial of service
Several security issues were fixed in ClamAV.. ========================================================================== Ubuntu Security Notice USN-7615-1 July 02, 2025 clamav vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 - Ubuntu 24.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in ClamAV. Software Description: - clamav: Anti-virus utility for Unix Details: It was discovered that ClamAV incorrectly handled scanning UDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2025-20234) It was discovered that ClamAV incorrectly handled scanning PDF files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2025-20260) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 clamav 1.4.3+dfsg-0ubuntu0.25.04.1 Ubuntu 24.10 clamav 1.4.3+dfsg-0ubuntu0.24.10.1 Ubuntu 24.04 LTS clamav 1.4.3+dfsg-0ubuntu0.24.04.1 Ubuntu 22.04 LTS clamav 1.4.3+dfsg-0ubuntu0.22.04.1 This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7615-1 CVE-2025-20234, CVE-2025-20260 Package Information: https://launchpad.net/ubuntu/+source/clamav/1.4.3+dfsg-0ubuntu0.25.04.1 https://launchpad.net/ubuntu/+source/clamav/1.4.3+dfsg-0ubuntu0.24.10.1 https://launchpad.net/ubuntu/+source/clamav/1.4.3+dfsg-0ubuntu0.24.04.1 https://launchpad.net/ubuntu/+source/clamav/1.4.3+dfsg-0ubuntu0.22.04.1 . Several security patches for ClamAV in Ubuntu mitigate denial of service vulnerabilities andgreatly enhance overall system security.. Ubuntu clamav security update, ClamAV denial of service, Ubuntu security notice, ClamAV vulnerabilities. . Severity: Critical. LinuxSecurity.com Team
Jul 02, 2025
•Critical
Ubuntu
172
security advisorycriticalubuntuUbuntu 24.10: USN-7610-1 critical: linux kernel security issues
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7610-1 July 01, 2025 linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.10 - Ubuntu 24.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi systems - linux-realtime: Linux kernel for Real-time systems - linux-gcp-6.11: Linux kernel for Google Cloud Platform (GCP) systems - linux-hwe-6.11: Linux hardware enablement (HWE) kernel Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; (CVE-2025-38001, CVE-2025-37997, CVE-2025-37798, CVE-2025-38000, CVE-2025-37932, CVE-2025-37890) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.10 linux-image-6.11.0-1012-realtime 6.11.0-1012.12 linux-image-6.11.0-1015-raspi 6.11.0-1015.15 linux-image-6.11.0-1016-aws 6.11.0-1016.17 linux-image-6.11.0-1017-gcp 6.11.0-1017.17 linux-image-6.11.0-1017-gcp-64k 6.11.0-1017.17 linux-image-6.11.0-1018-oracle 6.11.0-1018.19 linux-image-6.11.0-1018-oracle-64k 6.11.0-1018.19 linux-image-6.11.0-29-generic 6.11.0-29.29 linux-image-6.11.0-29-generic-64k 6.11.0-29.29 linux-image-aws 6.11.0-1016.17 linux-image-aws-6.11 6.11.0-1016.17 linux-image-gcp 6.11.0-1017.17 linux-image-gcp-6.11 6.11.0-1017.17 linux-image-gcp-64k 6.11.0-1017.17 linux-image-gcp-64k-6.11 6.11.0-1017.17 linux-image-generic 6.11.0-29.29 linux-image-generic-6.11 6.11.0-29.29 linux-image-generic-64k 6.11.0-29.29 linux-image-generic-64k-6.11 6.11.0-29.29 linux-image-oracle 6.11.0-1018.19 linux-image-oracle-6.11 6.11.0-1018.19 linux-image-oracle-64k 6.11.0-1018.19 linux-image-oracle-64k-6.11 6.11.0-1018.19 linux-image-raspi 6.11.0-1015.15 linux-image-raspi-6.11 6.11.0-1015.15 linux-image-realtime 6.11.0-1012.12 linux-image-realtime-6.11 6.11.0-1012.12 linux-image-virtual 6.11.0-29.29 linux-image-virtual-6.11 6.11.0-29.29 Ubuntu 24.04 LTS linux-image-6.11.0-1017-gcp 6.11.0-1017.17~24.04.1 linux-image-6.11.0-1017-gcp-64k 6.11.0-1017.17~24.04.1 linux-image-6.11.0-29-generic 6.11.0-29.29~24.04.1 linux-image-6.11.0-29-generic-64k 6.11.0-29.29~24.04.1 linux-image-gcp 6.11.0-1017.17~24.04.1 linux-image-gcp-6.11 6.11.0-1017.17~24.04.1 linux-image-gcp-64k 6.11.0-1017.17~24.04.1 linux-image-gcp-64k-6.11 6.11.0-1017.17~24.04.1 linux-image-generic-6.11 6.11.0-29.29~24.04.1 linux-image-generic-64k-6.11 6.11.0-29.29~24.04.1 linux-image-generic-64k-hwe-24.04 6.11.0-29.29~24.04.1 linux-image-generic-hwe-24.04 6.11.0-29.29~24.04.1 linux-image-virtual-6.11 6.11.0-29.29~24.04.1 linux-image-virtual-hwe-24.04 6.11.0-29.29~24.04.1 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstallall third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7610-1 CVE-2025-37798, CVE-2025-37890, CVE-2025-37932, CVE-2025-37997, CVE-2025-38000, CVE-2025-38001 Package Information: https://launchpad.net/ubuntu/+source/linux/6.11.0-29.29 https://launchpad.net/ubuntu/+source/linux-aws/6.11.0-1016.17 https://launchpad.net/ubuntu/+source/linux-gcp/6.11.0-1017.17 https://launchpad.net/ubuntu/+source/linux-oracle/6.11.0-1018.19 https://launchpad.net/ubuntu/+source/linux-raspi/6.11.0-1015.15 https://launchpad.net/ubuntu/+source/linux-realtime/6.11.0-1012.12 https://launchpad.net/ubuntu/+source/linux-gcp-6.11/6.11.0-1017.17~24.04.1 https://launchpad.net/ubuntu/+source/linux-hwe-6.11/6.11.0-29.29~24.04.1 . Multiple vulnerabilities addressed in the Linux kernel impacting Ubuntu 24.10 and 24.04 LTS. Prompt measures advised.. ubuntu security, linux kernel update, kernel vulnerabilities, system security, security issues. . Severity: Critical. LinuxSecurity.com Team
Jul 02, 2025
•Critical
Ubuntu
172
security advisorycriticalubuntuUbuntu 24.04 LTS USN-7609-2 critical: linux-realtime kernel issues
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7609-2 July 01, 2025 linux-realtime, linux-raspi-realtime vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-raspi-realtime: Linux kernel for Raspberry Pi Real-time systems - linux-realtime: Linux kernel for Real-time systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Netfilter; - Network traffic control; (CVE-2025-38001, CVE-2025-37798, CVE-2025-37932, CVE-2025-37997, CVE-2025-38000, CVE-2025-22088, CVE-2025-37890) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS linux-image-6.8.0-2025-raspi-realtime 6.8.0-2025.26 Available with Ubuntu Pro linux-image-6.8.1-1024-realtime 6.8.1-1024.25 Available with Ubuntu Pro linux-image-raspi-realtime 6.8.0-2025.26 Available with Ubuntu Pro linux-image-raspi-realtime-6.8 6.8.0-2025.26 Available with Ubuntu Pro linux-image-realtime 6.8.1-1024.25 Available with Ubuntu Pro linux-image-realtime-6.8.1 6.8.1-1024.25 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number,which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7609-2 https://ubuntu.com/security/notices/USN-7609-1 CVE-2025-22088, CVE-2025-37798, CVE-2025-37890, CVE-2025-37932, CVE-2025-37997, CVE-2025-38000, CVE-2025-38001 Package Information: . Important security patches for Ubuntu kernel fix various vulnerabilities in networking and drivers. Prompt response needed!. Ubuntu kernel security, realtime vulnerabilities, network control updates. . Severity: Critical. LinuxSecurity.com Team
Jul 02, 2025
•Critical
Ubuntu
172
security advisoryarbitrary code executionimportantUbuntu 24.04 LTS: USN-7603-1 severe: composer code execution risk
Several security issues were fixed in Composer.. ========================================================================== Ubuntu Security Notice USN-7603-1 June 30, 2025 composer vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in Composer. Software Description: - composer: Dependency Manager for PHP Details: Thomas Chauchefoin discovered that Composer did not correctly handle certain arguments. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-24828, CVE-2023-43655) Ed Cradock discovered that Composer did not correctly handle the exclusion of certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. (CVE-2024-24821) Martin Haunschmid discovered that Composer did not correctly handle git branch names. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-35241) Maciej Piechota discovered that Composer did not correctly handle VCS branch names. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-35242) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS composer 2.7.1-2ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS composer 2.2.6-2ubuntu4+esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS composer 1.10.1-1ubuntu0.1~esm2 Available with Ubuntu Pro Ubuntu 18.04 LTS composer 1.6.3-1ubuntu0.1~esm2 Available with Ubuntu Pro Ubuntu 16.04 LTS composer 1.0.0~beta2-1ubuntu0.1~esm2 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7603-1 CVE-2022-24828, CVE-2023-43655, CVE-2024-24821, CVE-2024-35241, CVE-2024-35242 . Numerous vulnerabilities in Composer for Ubuntu editions present significant dangers necessitating prompt upgrades.. Ubuntu Composer security Arbitrary code execution. . Severity: Critical. LinuxSecurity.com Team
Jul 02, 2025
•Critical
Ubuntu
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!