Debian Linux Security LinuxSecurity Advisories is the community’s central source for information on Linux and open source security. We follow the open source trends as they affect the community. We produce content that appeals to administrators, developers, home users, and security professionals.
Stay Vigilant with Timely Linux Security Advisories LinuxSecurity.com is the community’s central source for information on Linux and open source security. We follow the open source trends as they affect the commu
- Debian: firebird4.0 Critical Denial of Service Issues Fixed DSA-5992-1
on August 30, 2025 at 6:05 pmTwo vulnerabilities were discovered in the Firebird database, which may result in denial of service or authentication bypass. For the stable distribution (trixie), these problems have been fixed in
- Debian: Node.js Critical Risks Denial Service DSA-5991-1 CVE-2023-46809on August 29, 2025 at 6:10 pm
Multiple vulnerabilities were discovered in Node.js, which could result in denial of service, HTTP request smuggling, privilege escalation, a side channel attack against PKCS#1 1.5 or a bypass of network import restrictions.
- Debian: libxml2 Critical Memory Corruption Fix CVE-2025-7425 DSA-5990-1on August 29, 2025 at 7:24 am
A flaw was found in libxslt, the XSLT 1.0 processing library, where the attribute type, atype, flags are modified in a way that corrupts internal memory management. This is addressed by adding guards in libxml2, the GNOME XML library, preventing the heap use-after-free from happening.
- Debian: udisks2 Critical Out-of-Bounds Read CVE-2025-8067on August 28, 2025 at 6:51 pm
Michael Imfeld discovered an out-of-bounds read vulnerability in udisks2, a D-Bus service to access and manipulate storage devices, which may result in denial of service (daemon process crash), or in mapping an internal file descriptor from the daemon process onto a loop device,
- Debian: Chromium Critical DSA-5988-1 Code Execution and DoS Threaton August 28, 2025 at 1:19 am
A security issues was discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
- Debian: Unbound Severe Denial of Service Vulnerability DSA-5988-2on August 27, 2025 at 9:07 pm
Multiple security issues were discovered in Unbound, a validating, recursive, caching DNS resolver, which may result in denial of service or cache poisoning via the “rebirthday attack”.
- Debian: node-cipher-base Critical Incomplete Type Check Issue DSA-5986-1on August 26, 2025 at 6:30 pm
Nikita Skorovoda discovered that Node cipher-base, an abstract base class for crypto-streams, performed incomplete type checks. For the oldstable distribution (bookworm), this problem has been fixed
- Debian 11: FFmpeg Critical Denial of Service and Code Exec DSA-5985-1on August 25, 2025 at 6:23 pm
Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
- Debian: Thunderbird Critical Arbitrary Code Execution DSA-5984-1on August 24, 2025 at 12:51 pm
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code. For the oldstable distribution (bookworm), these problems have been fixed
