USN-8414-2: OpenSSL vulnerabilities

USN-8414-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Frank Buss discovered that OpenSSL had a heap buffer over-read in ASN.1 content parsing. An...

USN-8156-2: GDK-PixBuf vulnerability

USN-8156-1 fixed a vulnerability in GDK-PixBuf. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that GDK-PixBuf incorrectly handled certain JPEG files. An attacker could use this issue to caus...

USN-8411-1: Lodash vulnerabilities

It was discovered that Lodash was vulnerable to a prototype pollution issue in the zipObjectDeep function. An attacker could possibly use this issue to modify application behavior. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-8203 Liyuan Chen discovered that Lodash was...

USN-8044-2: alsa-lib vulnerability

USN-8044-1 fixed a vulnerability in alsa-lib. This update provides the corresponding fix for alsa-lib on Ubuntu 20.04 LTS. Original advisory details: It was discovered that alsa-lib incorrectly handled the topology mixer control decoder. A local attacker could use a specially crafted topology fil...

Zimbra Collaboration - Unrestricted File Upload

An issue was discovered in Zimbra Collaboration ZCS 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio loophole extraction to /opt/zimbra/jetty/webapps/zimbra/public that can lead to incorrect access to any other user accounts. Zimbra recommends pax over cpio. Also,...

UBUNTU-CVE-2026-42487

Unknown description...

UBUNTU-CVE-2026-46327

dm: fix unlocked test for dmsuspendedmd...

UBUNTU-CVE-2026-46319

net/sched: actct: Only release RCU read lock after ctft...

UBUNTU-CVE-2026-46325

RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGESIZE...

UBUNTU-CVE-2026-46330

Revert "net/smc: Introduce TCP ULP support"...

UBUNTU-CVE-2026-46332

greybus: gb-beagleplay: bound bootloader receive buffering...

UBUNTU-CVE-2026-42490

Unknown description...

UBUNTU-CVE-2026-35188

Double-free When Checking OCSP Stapled Response...

UBUNTU-CVE-2026-46320

tap: free page on error paths in tapgetuserxdp...

UBUNTU-CVE-2026-45446

Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes...

UBUNTU-CVE-2026-46326

iio: pressure: mprls0025pa: fix spitransfer struct initialisation...

UBUNTU-CVE-2026-9669

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

UBUNTU-CVE-2026-34183

Unbounded Memory Growth in the QUIC PATHCHALLENGE Handler...

UBUNTU-CVE-2026-46285

In the Linux kernel, the following vulnerability has been resolved: mtd: docg3: fix use-after-free in docg3release In docg3release, the docg3 pointer is obtained from cascade-floors0-priv before the loop that calls docreleasedevice on each floor. docreleasedevice frees the docg3 struct via...

UBUNTU-CVE-2026-42769

Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate...