Security
Security
This page lists all security advisories that were released by the Gentoo security team. For more information, please visit our distribution's security overview.
| ID | Title |
|---|---|
| 202412-20 | NVIDIA Drivers: Privilege Escalation |
| 202412-19 | eza: Arbitrary Code Execution |
| 202412-18 | Distrobox: Arbitrary Code Execution |
| 202412-17 | idna: Denial of Service |
| 202412-16 | libvirt: Multiple Vulnerabilities |
| 202412-15 | OpenSC: Multiple Vulnerabilities |
| 202412-14 | HashiCorp Consul: Multiple Vulnerabilities |
| 202412-13 | Spidermonkey: Multiple Vulnerabilities |
| 202412-12 | PostgreSQL: Multiple Vulnerabilities |
| 202412-11 | OATH Toolkit: Privilege Escalation |
| 202412-10 | Dnsmasq: Multiple Vulnerabilities |
| 202412-09 | Salt: Multiple Vulnerabilities |
| 202412-08 | icinga2: Multiple Vulnerabilities |
| 202412-07 | OpenJDK: Multiple Vulnerabilities |
| 202412-06 | Mozilla Thunderbird: Multiple Vulnerabilities |
| 202412-05 | Chromium, Google Chrome, Microsoft Edge. Opera: Multiple Vulnerabilities |
| 202412-04 | Mozilla Firefox: Multiple Vulnerabilities |
| 202412-03 | Asterisk: Multiple Vulnerabilities |
| 202412-02 | Cacti: Multiple Vulnerabilities |
| 202412-01 | R: Arbitrary Code Execution |
| 202411-09 | Perl: Multiple Vulnerabilities |
| 202411-08 | X.Org X server, XWayland: Multiple Vulnerabilities |
| 202411-07 | Pillow: Arbitrary code execution |
| 202411-06 | GnuTLS: Multiple Vulnerabilities |
| 202411-05 | libgit2: Multiple Vulnerabilities |
| 202411-04 | EditorConfig core C library: arbitrary stack write |
| 202411-03 | Ubiquiti UniFi: Privilege Escalation |
| 202411-02 | Flatpak: Sandbox Escape |
| 202411-01 | Neat VNC: Authentication Bypass |
| 202409-32 | nginx: Multiple Vulnerabilities |
| 202409-31 | Apache HTTPD: Multiple Vulnerabilities |
| 202409-30 | yt-dlp: Multiple Vulnerabilities |
| 202409-29 | Docker: Multiple Vulnerabilities |
| 202409-28 | HashiCorp Consul: Multiple Vulnerabilities |
| 202409-27 | tmux: Null Pointer Dereference |
| 202409-26 | IcedTea: Multiple Vulnerabilities |
| 202409-25 | Xpdf: Multiple Vulnerabilities |
| 202409-24 | Tor: Multiple Vulnerabilities |
| 202409-23 | ZNC: Remote Code Execution |
| 202409-22 | GCC: Flawed Code Generation |
| 202409-21 | Hunspell: Multiple Vulnerabilities |
| 202409-20 | curl: Multiple Vulnerabilities |
| 202409-19 | Emacs, org-mode: Command Execution Vulnerability |
| 202409-18 | liblouis: Multiple Vulnerabilities |
| 202409-17 | VLC: Multiple Vulnerabilities |
| 202409-16 | Slurm: Multiple Vulnerabilities |
| 202409-15 | stb: Multiple Vulnerabilities |
| 202409-14 | Mbed TLS: Multiple Vulnerabilities |
| 202409-13 | gst-plugins-good: Multiple Vulnerabilities |
| 202409-12 | pypy, pypy3: Multiple Vulnerabilities |
| 202409-11 | Oracle VirtualBox: Multiple Vulnerabilities |
| 202409-10 | Xen: Multiple Vulnerabilities |
| 202409-09 | Exo: Arbitrary Code Execution |
| 202409-08 | OpenVPN: Multiple Vulnerabilities |
| 202409-07 | Rust: Multiple Vulnerabilities |
| 202409-06 | file: Stack Buffer Overread |
| 202409-05 | PJSIP: Heap Buffer Overflow |
| 202409-04 | calibre: Multiple Vulnerabilities |
| 202409-03 | GPL Ghostscript: Multiple Vulnerabilities |
| 202409-02 | PostgreSQL: Privilege Escalation |
| 202409-01 | Portage: Unverified PGP Signatures |
| 202408-33 | protobuf-c: Multiple Vulnerabilities |
| 202408-32 | PHP: Multiple Vulnerabilities |
| 202408-31 | protobuf, protobuf-python: Denial of Service |
| 202408-30 | dpkg: Directory Traversal |
| 202408-29 | MuPDF: Multiple Vulnerabilities |
| 202408-28 | rsyslog: Heap Buffer Overflow |
| 202408-27 | AFLplusplus: Arbitrary Code Execution |
| 202408-26 | matio: Multiple Vulnerabilities |
| 202408-25 | runc: Multiple Vulnerabilities |
| 202408-24 | Ruby on Rails: Remote Code Execution |
| 202408-23 | GnuPG: Multiple Vulnerabilities |
| 202408-22 | Bundler: Multiple Vulnerabilities |
| 202408-21 | GPAC: Multiple Vulnerabilities |
| 202408-20 | libde265: Multiple Vulnerabilities |
| 202408-19 | ncurses: Multiple Vulnerabilities |
| 202408-18 | QEMU: Multiple Vulnerabilities |
| 202408-17 | Nautilus: Denial of Service |
| 202408-16 | re2c: Denial of Service |
| 202408-15 | Percona XtraBackup: Multiple Vulnerabilities |
| 202408-14 | Librsvg: Arbitrary File Read |
| 202408-13 | Nokogiri: Denial of Service |
| 202408-12 | Bitcoin: Denial of Service |
| 202408-11 | aiohttp: Multiple Vulnerabilities |
| 202408-10 | nghttp2: Multiple Vulnerabilities |
| 202408-09 | Cairo: Multiple Vulnerabilities |
| 202408-08 | json-c: Buffer Overflow |
| 202408-07 | Go: Multiple Vulnerabilities |
| 202408-06 | PostgreSQL: Multiple Vulnerabilities |
| 202408-05 | Redis: Multiple Vulnerabilities |
| 202408-04 | Levenshtein: Remote Code Execution |
| 202408-03 | libXpm: Multiple Vulnerabilities |
| 202408-02 | Mozilla Firefox: Multiple Vulnerabilities |
| 202408-01 | containerd: Multiple Vulnerabilities |
| 202407-28 | Freenet: Deanonymization Vulnerability |
| 202407-27 | ExifTool: Multiple vulnerabilities |
| 202407-26 | Dmidecode: Privilege Escalation |
| 202407-25 | Buildah: Multiple Vulnerabilities |
| 202407-24 | HarfBuzz: Denial of Service |
| 202407-23 | LIVE555 Media Server: Multiple Vulnerabilities |
| 202407-22 | Mozilla Firefox: Multiple Vulnerabilities |
| 202407-21 | X.Org X11 library: Multiple Vulnerabilities |
| 202407-20 | KDE Plasma Workspaces: Privilege Escalation |
| 202407-19 | Mozilla Thunderbird: Multiple Vulnerabilities |
| 202407-18 | Stellarium: Arbitrary File Write |
| 202407-17 | BusyBox: Multiple Vulnerabilities |
| 202407-16 | GNU Coreutils: Buffer Overflow Vulnerability |
| 202407-15 | GraphicsMagick: Multiple Vulnerabilities |
| 202407-14 | TigerVNC: Multiple Vulnerabilities |
| 202407-13 | WebKitGTK+: Multiple Vulnerabilities |
| 202407-12 | podman: Multiple Vulnerabilities |
| 202407-11 | PuTTY: Multiple Vulnerabilities |
| 202407-10 | Sofia-SIP: Multiple Vulnerabilities |
| 202407-09 | OpenSSH: Remote Code Execution |
| 202407-08 | GNU Emacs, Org Mode: Multiple Vulnerabilities |
| 202407-07 | cpio: Arbitrary Code Execution |
| 202407-06 | cryptography: Multiple Vulnerabilities |
| 202407-05 | SSSD: Command Injection |
| 202407-04 | Pixman: Heap Buffer Overflow |
| 202407-03 | Liferea: Remote Code Execution |
| 202407-02 | SDL_ttf: Arbitrary Memory Write |
| 202407-01 | Zsh: Prompt Expansion Vulnerability |
| 202406-06 | GStreamer, GStreamer Plugins: Multiple Vulnerabilities |
| 202406-05 | JHead: Multiple Vulnerabilities |
| 202406-04 | LZ4: Memory Corruption |
| 202406-03 | RDoc: Remote Code Execution |
| 202406-02 | Flatpak: Sandbox Escape |
| 202406-01 | GLib: Privilege Escalation |
| 202405-33 | PoDoFo: Multiple Vulnerabilities |
| 202405-32 | Mozilla Thunderbird: Multiple Vulnerabilities |
| 202405-31 | Kubelet: Privilege Escalation |
| 202405-30 | Rebar3: Command Injection |
| 202405-29 | Node.js: Multiple Vulnerabilities |
| 202405-28 | NVIDIA Drivers: Multiple Vulnerabilities |
| 202405-27 | Epiphany: Buffer Overflow |
| 202405-26 | qtsvg: Multiple Vulnerabilities |
| 202405-25 | MariaDB: Multiple Vulnerabilities |
| 202405-24 | ytnef: Multiple Vulnerabilities |
| 202405-23 | U-Boot tools: double free vulnerability |
| 202405-22 | rsync: Multiple Vulnerabilities |
| 202405-21 | Commons-BeanUtils: Improper Access Restriction |
| 202405-20 | libjpeg-turbo: Multiple Vulnerabilities |
| 202405-19 | xar: Unsafe Extraction |
| 202405-18 | Xpdf: Multiple Vulnerabilities |
| 202405-17 | glibc: Multiple Vulnerabilities |
| 202405-16 | Apache Commons BCEL: Remote Code Execution |
| 202405-15 | Mozilla Firefox: Multiple Vulnerabilities |
| 202405-14 | QtWebEngine: Multiple Vulnerabilities |
| 202405-13 | borgmatic: Shell Injection |
| 202405-12 | Pillow: Multiple Vulnerabilities |
| 202405-11 | MIT krb5: Multiple Vulnerabilities |
| 202405-10 | Setuptools: Denial of Service |
| 202405-09 | MediaInfo, MediaInfoLib: Multiple Vulnerabilities |
| 202405-08 | strongSwan: Multiple Vulnerabilities |
| 202405-07 | HTMLDOC: Multiple Vulnerabilities |
| 202405-06 | mujs: Multiple Vulnerabilities |
| 202405-05 | MPlayer: Multiple Vulnerabilities |
| 202405-04 | systemd: Multiple Vulnerabilities |
| 202405-03 | Dalli: Code Injection |
| 202405-02 | ImageMagick: Multiple Vulnerabilities |
| 202405-01 | Python, PyPy3: Multiple Vulnerabilities |
| 202403-04 | XZ utils: Backdoor in release tarballs |
| 202403-03 | UltraJSON: Multiple Vulnerabilities |
| 202403-02 | Blender: Multiple Vulnerabilities |
| 202403-01 | Tox: Remote Code Execution |
| 202402-33 | PyYAML: Arbitrary Code Execution |
| 202402-32 | btrbk: Remote Code Execution |
| 202402-31 | GNU Aspell: Heap Buffer Overflow |
| 202402-30 | Glances: Arbitrary Code Execution |
| 202402-29 | LibreOffice: Multiple Vulnerabilities |
| 202402-28 | Samba: Multiple Vulnerabilities |
| 202402-27 | Glade: Denial of Service |
| 202402-26 | Mozilla Firefox: Multiple Vulnerabilities |
| 202402-25 | Mozilla Thunderbird: Multiple Vulnerabilities |
| 202402-24 | Seamonkey: Multiple Vulnerabilities |
| 202402-23 | Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities |
| 202402-22 | intel-microcode: Multiple Vulnerabilities |
| 202402-21 | QtNetwork: Multiple Vulnerabilities |
| 202402-20 | Thunar: Arbitrary Code Execution |
| 202402-19 | libcaca: Arbitary Code Execution |
| 202402-18 | Exim: Multiple Vulnerabilities |
| 202402-17 | CUPS: Multiple Vulnerabilities |
| 202402-16 | Apache Log4j: Multiple Vulnerabilities |
| 202402-15 | e2fsprogs: Arbitrary Code Execution |
| 202402-14 | QtWebEngine: Multiple Vulnerabilities |
| 202402-13 | TACACS+: Remote Code Execution |
| 202402-12 | GNU Tar: Out of Bounds Read |
| 202402-11 | libxml2: Multiple Vulnerabilities |
| 202402-10 | NBD Tools: Multiple Vulnerabilities |
| 202402-09 | Wireshark: Multiple Vulnerabilities |
| 202402-08 | OpenSSL: Multiple Vulnerabilities |
| 202402-07 | Xen: Multiple Vulnerabilities |
| 202402-06 | FreeType: Multiple Vulnerabilities |
| 202402-05 | Microsoft Edge: Multiple Vulnerabilities |
| 202402-04 | GNAT Ada Suite: Remote Code Execution |
| 202402-03 | QtGui: Multiple Vulnerabilities |
| 202402-02 | SDDM: Privilege Escalation |
| 202402-01 | glibc: Multiple Vulnerabilities |
| 202401-34 | Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities |
| 202401-33 | WebKitGTK+: Multiple Vulnerabilities |
| 202401-32 | libaom: Multiple Vulnerabilities |
| 202401-31 | containerd: Multiple Vulnerabilities |
| 202401-30 | X.Org X Server, XWayland: Multiple Vulnerabilities |
| 202401-29 | sudo: Memory Manipulation |
| 202401-28 | GOCR: Multiple Vulnerabilities |
| 202401-27 | Ruby: Multiple vulnerabilities |
| 202401-26 | Apache XML-RPC: Multiple Vulnerabilities |
| 202401-25 | OpenJDK: Multiple Vulnerabilities |
| 202401-24 | Nettle: Denial of Service |
| 202401-23 | libuv: Buffer Overread |
| 202401-22 | libspf2: Multiple vulnerabilities |
| 202401-21 | KTextEditor: Arbitrary Local Code Execution |
| 202401-20 | QPDF: Buffer Overflow |
| 202401-19 | Opera: Multiple Vulnerabilities |
| 202401-18 | zlib: Buffer Overflow |
| 202401-17 | libgit2: Privilege Escalation Vulnerability |
| 202401-16 | FreeRDP: Multiple Vulnerabilities |
| 202401-15 | Prometheus SNMP Exporter: Basic Authentication Bypass |
| 202401-14 | RedCloth: ReDoS Vulnerability |
| 202401-13 | FAAD2: Multiple Vulnerabilities |
| 202401-12 | Synapse: Multiple Vulnerabilities |
| 202401-11 | Apache Batik: Multiple Vulnerabilities |
| 202401-10 | Mozilla Firefox: Multiple Vulnerabilities |
| 202401-09 | Eclipse Mosquitto: Multiple Vulnerabilities |
| 202401-08 | util-linux: Multiple Vulnerabilities |
| 202401-07 | R: Directory Traversal |
| 202401-06 | CUPS filters: Remote Code Execution |
| 202401-05 | RDoc: Command Injection |
| 202401-04 | WebKitGTK+: Multiple Vulnerabilities |
| 202401-03 | BlueZ: Privilege Escalation |
| 202401-02 | c-ares: Multiple Vulnerabilities |
| 202401-01 | Joblib: Arbitrary Code Execution |