2 weeks 3 days ago
It was discovered that Express incorrectly handled certain URLs, leading
to an open redirect attack. A remote attacker could possibly use this
issue to perform phishing attacks. (CVE-2024-29041)
Adam Korcz discovered that Express did not properly sanitize certain
inputs. A remote attacker could possibly use this issue to perform cross
site scripting. (CVE-2024-43796)
2 weeks 4 days ago
USN-7577-1 fixed a vulnerability in libblockdev. This update provides
the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
Original advisory details:
It was discovered that libblockdev incorrectly handled mount options when
resizing certain filesystems. A local attacker with an active session on
the console can use this issue to escalate their privileges to root.
2 weeks 4 days ago
USN-7578-1 fixed a vulnerability in UDisks. This update provides
the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
Original advisory details:
It was discovered that UDisks incorrectly handled mount options when
resizing certain filesystems. A local attacker with an active session on
the console can use this issue to escalate their privileges to root.
2 weeks 4 days ago
Olivier BAL-PETRE discovered that the PAM pam_namespace module incorrectly
handled user-controlled paths. In environments where pam_namespace is used,
a local attacker could possibly use this issue to escalate their privileges
to root.
2 weeks 4 days ago
It was discovered that the Godot Engine did not properly handle
certain malformed WebM media files. If the Godot Engine opened a
specially crafted WebM file, a remote attacker could cause a denial
of service, or possibly execute arbitrary code. (CVE-2019-2126)
It was discovered that the Godot Engine did not properly handle
certain malformed TGA image files. If the Godot Engine opened a
specially crafted TGA image file, a remote attacker could cause
a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
(CVE-2021-26825, CVE-2021-26826)
2 weeks 4 days ago
It was discovered that UDisks incorrectly handled mount options when
resizing certain filesystems. A local attacker with an active session on
the console can use this issue to escalate their privileges to root.
2 weeks 4 days ago
It was discovered that libblockdev incorrectly handled mount options when
resizing certain filesystems. A local attacker with an active session on
the console can use this issue to escalate their privileges to root.
2 weeks 4 days ago
USN-7573-1 fixed several vulnerabilities in X.Org. This update provides
the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu
20.04 LTS.
Original advisory details:
Nils Emmerich discovered that the X.Org X Server incorrectly handled
certain memory operations. An attacker could use these issues to cause the
X Server to crash, leading to a denial of service, obtain sensitive
information, or possibly execute arbitrary code.
2 weeks 5 days ago
Kyle Seely discovered that the Go net/http module did not properly handle
sensitive headers during repeated redirects. An attacker could possibly
use this issue to obtain sensitive information. (CVE-2024-45336)
Juho Forsén discovered that the Go crypto/x509 module incorrectly handled
IPv6 addresses during URI parsing. An attacker could possibly use this
issue to bypass certificate URI constraints. (CVE-2024-45341)
It was discovered that the Go crypto module did not properly handle
variable time instructions under certain circumstances on 64-bit Power
(ppc64el) systems. An attacker could possibly use this issue to expose
sensitive information. (CVE-2025-22866)
It was discovered that the Go http/httpproxy module did not properly
handle IPv6 zone IDs during hostname matching. An attacker could possibly
use this issue to cause a denial of service. (CVE-2025-22870)
Takeshi Kaneko discovered that the Go net/http module did not properly
strip sensitive proxy headers during redirect requests. An attacker could
possibly use this issue to obtain sensitive information. (CVE-2025-4673)
2 weeks 5 days ago
It was discovered that dwarfutils did not correctly handle certain memory
operations, which could lead to a buffer overflow. An attacker could
possibly use this issue to cause a denial of service or execute arbitrary
code.
2 weeks 5 days ago
It was discovered that MuJS did not correctly handle try/finally
statements, which could lead to a buffer overflow. An attacker could
possibly use this issue to cause a denial of service or execute
arbitrary code. (CVE-2021-45005)
Han Zheng discovered that MuJS did not correctly handle recursion, which
could lead to stack exhaustion. An attacker could possibly use this
issue to cause a denial of service. (CVE-2022-30974)
Han Zheng discovered that MuJS did not correctly handle certain memory
operations. An attacker could possibly use this issue to cause a denial
of service. (CVE-2022-30975)
2 weeks 5 days ago
Nils Emmerich discovered that the X.Org X Server incorrectly handled
certain memory operations. An attacker could use these issues to cause the
X Server to crash, leading to a denial of service, obtain sensitive
information, or possibly execute arbitrary code.
2 weeks 5 days ago
USN-7555-1 fixed a vulnerability in Django. This update provides an
additional fix for Ubuntu 20.04 LTS.
Original advisory details:
It was discovered that Django incorrectly handled certain
unescaped request paths. An attacker could possibly use this
issue to perform a log injection.
2 weeks 6 days ago
Juho Forsén discovered that KaTeX did not correctly handle certain
inputs, which could lead to an infinite loop. If a user or application
were tricked into opening a specially crafted file, an attacker could
possibly use this issue to cause a denial of service. This issue only
affected Ubuntu 22.04 LTS. (CVE-2024-28243)
Tobias S. Fink discovered that KaTeX did not correctly block certain
URL protocols. If a user or system were tricked into opening a specially
crafted file, an attacker could possibly use this issue to execute
arbitrary code. This issue only affected Ubuntu 22.04 LTS.
(CVE-2024-28246)
It was discovered that KaTeX did not correctly handle certain inputs. If
a user or system were tricked into opening a specially crafted file, an
attacker could possibly use this issue to execute arbitrary code. This
issue only affected Ubuntu 22.04 LTS. (CVE-2024-28245)
Sean Ng discovered that KaTeX did not correctly handle certain inputs. If
a user or system were tricked into opening a specially crafted file, an
attacker could possibly use this issue to execute arbitrary code.
(CVE-2025-23207)
2 weeks 6 days ago
Aaron Massey discovered that c3p0 could be made to crash when parsing
certain input. An attacker able to modify the application’s XML
configuration file could possibly use this issue to cause a denial of
service.
2 weeks 6 days ago
USN-7555-1 fixed vulnerabilities in Django. The fix was incomplete.
This update applies an additional patch to fix it properly.
Original advisory details:
It was discovered that Django incorrectly handled certain
unescaped request paths. An attacker could possibly use this
issue to perform a log injection.
2 weeks 6 days ago
It was discovered that Python incorrectly handled certain unicode
characters during decoding. An attacker could possibly use this issue to
cause a denial of service. (CVE-2025-4516)
It was discovered that Python incorrectly handled unicode encoding of email
headers with list separators in folded lines. An attacker could possibly
use this issue to expose sensitive information. (CVE-2025-1795)
2 weeks 6 days ago
USN-7536-1 fixed vulnerabilities in cifs-utils. This update introduced a
regression in certain environments. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that cifs-utils incorrectly handled namespaces when
obtaining Kerberos credentials. An attacker could possibly use this issue
to obtain sensitive information.
3 weeks ago
It was discovered that Dojo did not correctly handle DataGrids. An
attacker could possibly use this issue to execute arbitrary code. This
issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
(CVE-2018-15494)
It was discovered that Dojo was vulnerable to prototype pollution. An
attacker could possibly use this issue to execute arbitrary code.
(CVE-2021-23450)
Jonathan Leitschuh discovered that Dojo did not correctly sanitize
certain inputs. An attacker could possibly use this issue to execute a
cross-site scripting (XSS) attack. This issue only affected
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2019-10785, CVE-2020-4051)
3 weeks ago
Dennis Brinkrolf and Tobias Funke discovered that Requests did not
correctly handle certain HTTP headers. A remote attacker could possibly
use this issue to leak sensitive information. This issue only affected
Ubuntu 14.04 LTS. (CVE-2023-32681)
Juho Forsén discovered that Requests did not correctly parse URLs. A
remote attacker could possibly use this issue to leak sensitive
information. (CVE-2024-47081)