Ubuntu Security Advisories

USN-7822-1: .NET vulnerabilities

2 weeks 1 day ago
It was discovered that .NET did not properly handle the creation of temporary build time directories. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-55247)
It was discovered that .NET did not properly establish TLS sessions for SMTP server connections. An attacker could use this issue to cause .NET to use unencrypted connections. This issue only affects .NET versions 8.0 and 9.0. (CVE-2025-55248)
It was discovered that .NET inconsistently interpreted certain HTTP requests. An attacker could possibly use this to bypass a security feature over a network. (CVE-2025-55315)

USN-7818-2: Apache Subversion vulnerability

2 weeks 1 day ago
USN-7818-1 fixed vulnerabilities in Apache Subversion. This update provides the corresponding update for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. Original advisory details: It was discovered that Apache Subversion incorrectly parsed control characters in filenames. An attacker could possibly use this issue to commit a corrupted revision to a repository, leading to a denial of service.

USN-7826-1: Samba vulnerabilities

2 weeks 2 days ago
Andrew Walker discovered that Samba incorrectly initialized memory in the vfs_streams_xattr module. An authenticated attacker could possibly use this issue to obtain sensitive information. (CVE-2025-9640)
Igor Morgenstern discovered that Samba incorrectly handled names passed to the WINS hook program. An attacker could possibly use this issue to execute arbitrary code. (CVE-2025-10230)

USN-7824-3: Redis vulnerability

2 weeks 2 days ago
USN-7824-1 fixed several vulnerabilities in Redis. This update provides the corresponding update for Ubuntu 22.04 LTS. Original advisory details: Benny Isaacs, Nir Brakha, and Sagi Tzadik discovered that Redis incorrectly handled memory when running Lua scripts. An authenticated attacker could use this vulnerability to trigger a use-after-free condition, and potentially achieve remote code execution on the Redis server.

USN-7824-2: Redict vulnerability

2 weeks 2 days ago
USN-7824-1 fixed several vulnerabilities in Redis. This update provides the corresponding update for Redict - a fork of Redis. Original advisory details: Benny Isaacs, Nir Brakha, and Sagi Tzadik discovered that Redis incorrectly handled memory when running Lua scripts. An authenticated attacker could use this vulnerability to trigger a use-after-free condition, and potentially achieve remote code execution on the Redis server.

USN-7825-1: MuPDF vulnerabilities

2 weeks 2 days ago
It was discovered that MuPDF incorrectly managed memory, resulting in a memory leak. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-1000036)
It was discovered that MuPDF could enter an infinite loop when parsing certain PDF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-10289)
It was discovered that MuPDF incorrectly managed memory, possibly leading to a segmentation fault. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-16647, CVE-2018-16648)
It was discovered that MuPDF contained a use-after-free vulnerability. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-21896)
It was discovered that MuPDF incorrectly managed memory, resulting in a memory leak. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-26683)
Maxim Mishechkin, Vitalii Akolzin, Shamil Kurmangaleev, Denis Straghkov, Fedor Nis'kov and Ivan Gulakov discovered that MuPDF incorrectly managed memory under certain circumstances, leading to a double-free. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-3407)
Xuwei Liu discovered that MuPDF may perform an out-of-bounds write under certain circumstances. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-37220)

USN-7824-1: Redis vulnerability

2 weeks 2 days ago
Benny Isaacs, Nir Brakha, and Sagi Tzadik discovered that Redis incorrectly handled memory when running Lua scripts. An authenticated attacker could use this vulnerability to trigger a use-after-free condition, and potentially achieve remote code execution on the Redis server.

USN-7801-3: Linux kernel (Oracle) vulnerabilities

2 weeks 2 days ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AMD CDX bus driver; - DPLL subsystem; - EFI core; - GPIO subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - InfiniBand drivers; - Multiple devices driver; - Network drivers; - Mellanox network drivers; - NVME drivers; - Pin controllers subsystem; - RapidIO drivers; - Voltage and Current Regulator drivers; - SCSI subsystem; - SLIMbus drivers; - QCOM SoC drivers; - UFS subsystem; - USB DSL drivers; - Renesas USBHS Controller drivers; - USB Type-C Connector System Software Interface driver; - Framebuffer layer; - ACRN Hypervisor Service Module driver; - Ext4 file system; - Network file system (NFS) client; - Proc file system; - SMB network file system; - Memory Management; - Scheduler infrastructure; - SoC audio core drivers; - Perf events; - Tracing infrastructure; - Memory management; - 802.1Q VLAN protocol; - Asynchronous Transfer Mode (ATM) subsystem; - Bluetooth subsystem; - Devlink API; - IPv4 networking; - IPv6 networking; - Logical Link layer; - Management Component Transport Protocol (MCTP); - Multipath TCP; - Netfilter; - Packet sockets; - Network traffic control; - Switch device API; - TLS protocol; - VMware vSockets driver; - Wireless networking; - eXpress Data Path; - XFRM subsystem; (CVE-2025-21969, CVE-2025-21976, CVE-2025-21898, CVE-2025-21981, CVE-2025-21929, CVE-2025-21935, CVE-2025-22009, CVE-2025-21967, CVE-2025-21963, CVE-2025-21944, CVE-2025-21970, CVE-2025-21962, CVE-2025-21912, CVE-2025-38477, CVE-2025-21977, CVE-2025-21881, CVE-2025-21980, CVE-2025-22013, CVE-2025-21946, CVE-2025-22008, CVE-2025-21975, CVE-2025-21878, CVE-2025-21891, CVE-2025-22014, CVE-2025-21916, CVE-2025-21950, CVE-2024-58090, CVE-2025-21917, CVE-2025-21885, CVE-2025-21914, 
CVE-2025-21873, CVE-2025-21959, CVE-2025-21964, CVE-2025-22010, CVE-2025-21928, CVE-2025-21872, CVE-2025-21908, CVE-2025-22004, CVE-2025-21895, CVE-2025-21991, CVE-2025-21936, CVE-2025-21982, CVE-2025-21996, CVE-2025-21888, CVE-2025-21961, CVE-2025-21894, CVE-2025-21966, CVE-2025-21941, CVE-2025-21890, CVE-2025-21930, CVE-2025-21883, CVE-2025-21903, CVE-2025-21922, CVE-2025-21945, CVE-2025-22005, CVE-2025-22016, CVE-2025-21926, CVE-2025-21927, CVE-2025-21924, CVE-2025-21919, CVE-2025-21997, CVE-2025-21986, CVE-2025-21905, CVE-2025-21995, CVE-2025-38617, CVE-2025-21875, CVE-2025-21910, CVE-2025-21920, CVE-2025-21913, CVE-2025-21909, CVE-2025-21911, CVE-2025-22001, CVE-2025-21972, CVE-2025-37785, CVE-2025-21889, CVE-2025-21979, CVE-2025-21918, CVE-2025-22011, CVE-2025-37756, CVE-2025-21992, CVE-2025-38618, CVE-2025-21915, CVE-2025-38500, CVE-2025-21978, CVE-2025-21947, CVE-2025-21951, CVE-2025-21994, CVE-2025-21999, CVE-2025-21960, CVE-2025-37889, CVE-2025-21892, CVE-2025-21934, CVE-2025-21877, CVE-2025-22007, CVE-2025-22003, CVE-2025-22017, CVE-2025-21925, CVE-2025-21880, CVE-2025-21957, CVE-2025-21899, CVE-2025-21956, CVE-2025-21948, CVE-2025-21955, CVE-2025-21937, CVE-2025-21968, CVE-2025-21904, CVE-2025-22015)

USN-7823-1: FFmpeg vulnerabilities

2 weeks 3 days ago
It was discovered that FFmpeg did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-35365)
It was discovered that FFmpeg did not correctly handle certain integer calculations. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-35366)
It was discovered that FFmpeg may perform an out-of-bounds read under certain circumstances. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-35367)
It was discovered that FFmpeg did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-35368)
It was discovered that FFmpeg did not correctly handle certain inputs, which could lead to an integer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-36613, CVE-2024-36616, CVE-2024-36618)
It was discovered that FFmpeg did not correctly handle certain inputs, which could lead to an integer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-36619)
It was discovered that FFmpeg did not correctly handle certain memory operations. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-7055)

USN-7810-3: Linux kernel (Azure FIPS) vulnerabilities

2 weeks 3 days ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Packet sockets; - Network traffic control; - VMware vSockets driver; (CVE-2025-38477, CVE-2025-38617, CVE-2025-38618, CVE-2025-38683)

USN-7810-2: Linux kernel (Azure) vulnerabilities

2 weeks 3 days ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Packet sockets; - Network traffic control; - VMware vSockets driver; (CVE-2025-38617, CVE-2025-38618, CVE-2025-38477, CVE-2025-38683)

USN-7808-2: Linux kernel (Azure) vulnerabilities

2 weeks 3 days ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Ext4 file system; - SMB network file system; - Packet sockets; - Network traffic control; - TLS protocol; - VMware vSockets driver; - XFRM subsystem; (CVE-2025-38617, CVE-2025-37756, CVE-2025-38683, CVE-2025-38477, CVE-2025-38500, CVE-2025-37785, CVE-2025-38618, CVE-2025-38244)

USN-7821-1: Linux kernel (Raspberry Pi) vulnerabilities

2 weeks 3 days ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; - XFRM subsystem; (CVE-2025-38500, CVE-2025-38477, CVE-2025-38617, CVE-2025-38618)

USN-7791-4: Linux kernel (Oracle) vulnerabilities

2 weeks 3 days ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; - XFRM subsystem; (CVE-2025-38477, CVE-2025-38618, CVE-2025-38500, CVE-2025-38617)

USN-7820-1: Linux kernel (Oracle) vulnerabilities

2 weeks 4 days ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network file system (NFS) server daemon; - Packet sockets; - Network traffic control; - VMware vSockets driver; (CVE-2025-37785, CVE-2025-38618, CVE-2025-38617, CVE-2024-57996, CVE-2025-37752, CVE-2025-38477, CVE-2025-21796, CVE-2025-38350)

USN-7796-4: Linux kernel (Azure FIPS) kernel vulnerabilities

2 weeks 4 days ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Framebuffer layer; - BTRFS file system; - Ext4 file system; - Network file system (NFS) server daemon; - Packet sockets; - Network traffic control; - VMware vSockets driver; (CVE-2025-38477, CVE-2025-38617, CVE-2025-21796, CVE-2025-38618, CVE-2024-49924, CVE-2024-35849, CVE-2025-37785)

USN-7819-1: Linux kernel (Azure) vulnerabilities

2 weeks 4 days ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; - Network file system (NFS) server daemon; - SMB network file system; - Bluetooth subsystem; - Packet sockets; - Network traffic control; - VMware vSockets driver; (CVE-2025-38350, CVE-2024-57996, CVE-2025-37752, CVE-2025-38617, CVE-2025-38477, CVE-2025-38083, CVE-2024-38541, CVE-2023-52757, CVE-2023-52975, CVE-2025-38618, CVE-2024-49950, CVE-2024-50073, CVE-2025-37785, CVE-2025-21796, CVE-2025-38683, CVE-2025-37797)

USN-7817-1: WebKitGTK vulnerabilities

3 weeks 1 day ago
Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.