USN-7808-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Ext4 file system; - SMB network file system; - Packet sockets; - Network traffic control; - TLS...

USN-7792-3: Linux kernel (AWS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Packet sockets; - Network traffic control; - TLS protocol; - VMware vSockets driver; - XFRM...

USN-7789-2: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...

USN-7807-1: GStreamer Base Plugins vulnerabilities

Michael Randrianantenaina discovered that GStreamer Base Plugins did not correctly handle certain integer operations. An attacker could possibly use this issue to execute arbitrary code. CVE-2023-37327, CVE-2024-4453 Michael Randrianantenaina discovered that GStreamer Base Plugins did not correct...

USN-7806-1: PAM/U2F vulnerability

It was discovered that PAM/U2F could allow for authentication bypass in some configurations. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service...

USN-7801-2: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...

USN-7791-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; - XFRM subsystem; CVE-2025-38617,...

USN-7805-1: HAProxy vulnerability

Oula Kivalo discovered that HAProxy incorrectly handled parsing certain json numbers. A remote attacker could possibly use this issue to cause HAProxy to crash, resulting in a denial of service...

USN-7774-5: Linux kernel (NVIDIA Tegra IGX) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

USN-7804-1: Squid vulnerability

It was discovered that Squid incorrectly handled certain long SNMP OIDs. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service...

USN-7803-1: poppler vulnerability

It was discovered that poppler incorrectly handled certain PDF files. If a user or automated system were tricked into opening a specially crafted document, a remote attacker could use this issue to cause poppler to crash, leading to a denial of service...

USN-7691-2: MySQL vulnerabilities

USN-7691-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to...

USN-7802-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...

USN-7797-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Virtio block driver; - Media drivers; - Network drivers; - Framebuffer layer; - BTRFS file system; - Ext4 file...

USN-7796-3: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Framebuffer layer; - BTRFS file system; - Ext4 file system; - Network file system NFS server daemon; - Packet...

USN-7796-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Framebuffer layer; - BTRFS file system; - Ext4 file system; - Network file system NFS server daemon; - Packet...

USN-7795-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network file system NFS server daemon; - Packet sockets; - Network traffic control; - VMware...

USN-7793-4: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; CVE-2025-38617, CVE-2025-38477, CVE-2025-38618...

USN-7793-3: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; CVE-2025-38618, CVE-2025-38617, CVE-2025-38477...

USN-7793-2: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; CVE-2025-38617, CVE-2025-38477, CVE-2025-38618...

USN-7801-1: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...

USN-7800-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AMD CDX bus driver; - DP...

USN-7792-2: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Packet sockets; - Network traffic control; - TLS protocol; - VMware vSockets driver; - XFRM...

USN-7799-1: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Packet sockets; - Network traffic control; - TLS protocol; - VMware vSockets driver; - XFRM...

USN-7798-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - SMB network file system; - Packet sockets; - Network traffic control; - VMware vSockets driver; ...

USN-7791-2: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; - XFRM subsystem; CVE-2025-38477,...

USN-7797-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Virtio block driver; - Media drivers; - Network drivers; - Framebuffer layer; - BTRFS file system; - Ext4 file...

USN-7796-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Framebuffer layer; - BTRFS file system; - Ext4 file system; - Network file system NFS server daemon; - Packet...

USN-7795-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network file system NFS server daemon; - Packet sockets; - Network traffic control; - VMware...

USN-7793-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; CVE-2025-38477, CVE-2025-38617, CVE-2025-38618...

USN-7792-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Packet sockets; - Network traffic control; - TLS protocol; - VMware vSockets driver; - XFRM...

USN-7791-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; - XFRM subsystem; CVE-2025-38618,...

USN-7794-1: Django vulnerabilities

It was discovered that Django incorrectly handled special characters in the QuerySet function calls. A remote attacker could possibly use this issue to perform SQL injection attacks. CVE-2025-59681 It was discovered that Django incorrectly handled files with the same path prefix when starting wit...

USN-7774-4: Linux kernel (KVM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

USN-7790-1: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AMD CDX bus driver; - DP...

USN-7789-1: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...

USN-7775-3: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

USN-7788-1: libmspack vulnerabilities

Jakub Wilk discovered that libmspack did not correctly handle certain integer operations and bounds checking. A remote attacker could possibly use this issue to cause a denial of service. CVE-2015-4467, CVE-2015-4468, CVE-2015-4469, CVE-2015-4472 It was discovered that libmspack incorrectly handl...

USN-7787-1: Libxslt vulnerabilities

Ivan Fratric discovered that Libxslt did not correctly handle certain memory operations. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service...

USN-7786-1: OpenSSL vulnerabilities

Stanislav Fort discovered that OpenSSL incorrectly handled memory when trying to decrypt CMS messages encrypted with password-based encryption. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-9230 Stanislav Fort discovered that OpenSSL ha...

USN-7785-1: Open VM Tools vulnerability

It was discovered that Open VM Tools incorrectly handled permissions with version checking. An attacker could possibly use this issue to escalate privileges inside a virtual machine. This update disables the SDMP get-versions.sh script, so version information may no longer be made available...

USN-7784-1: Rack vulnerability

It was discovered that Rack incorrectly handled limiting the amount of parameters. An attacker could possibly use this issue to bypass the paramslimit value, leading to a denial of service...

USN-7783-1: LibTIFF vulnerabilities

Xudong Cao and Yuqing Zhang discovered that LibTIFF incorrectly handled memory when parsing malformed TIFF images. An attacker could possibly use this issue to cause LibTIFF to crash, resulting in a denial of service. CVE-2025-8961 Xudong Cao and Yuqing Zhang discovered that LibTIFF incorrectly...

USN-7015-7: Python 2.7 regression

USN-7015-4 fixed vulnerabilities in Python. It was discovered that the fix for CVE-2023-27043 for python2.7 was incorrectly applied on Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the...

USN-7280-3: Python 2.7 regression

USN-7280-2 fixed vulnerabilities in Python. It was discovered that the fixes for CVE-2025-0938 and CVE-2024-11168 were incorrectly applied on Ubuntu 14.04 LTS as a result. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Python...

USN-7782-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled opening a file to write. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service CVE-2025-7462 It was discovered that Ghostscript incorrectly handled writing certain files. An attacker could...

USN-5495-2: curl regression

USN-5495-1 fixed vulnerabilities in curl. The fix for CVE-2022-32205 miscalculated the maximum cookie size, causing a regression. This update fixes the problem. Original advisory details: Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this...

USN-7781-1: Inetutils vulnerabilities

Matthew Hickey discovered that Inetutils did not correctly handle certain escape characters. An attacker could possibly use this issue to cause a denial of service. CVE-2019-0053 It was discovered that Inetutils did not correctly handle certain memory operations. An attacker could possibly use th...

USN-7780-1: Qt vulnerabilities

It was discovered that Qt did not correctly handle certain inputs when using the SQL ODBC driver plugin. An attacker could possibly use this issue to cause a denial of service. CVE-2023-24607 It was discovered that Qt did not correctly parse certain strict-transport- security headers. An attacker...

USN-7775-2: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...