USN-7684-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SCSI subsystem; - TTY drivers; - Ext4 file system; - Bluetooth subsystem; - USB sound devices; CVE-2023-52975,...

USN-7683-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - TTY drivers; - Network traffic control; CVE-2025-38083, CVE-2024-50073...

USN-7608-7: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Memory management; - Netfilter; - Network traffic control; CVE-2025-37890...

USN-7682-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; CVE-2025-37797, CVE-2025-38083...

USN-7681-1: Linux kernel vulnerability

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; CVE-2025-38083...

USN-7671-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ACPI drivers; - GPU drivers; - SMB network file system; - Memory management; - Netfilter; - Network traffic control...

USN-7679-1: SQLite vulnerabilities

It was discovered that SQLite incorrectly handled aggregate terms. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-6965 It was discovered that SQLite incorrectly handled certain argument values to...

USN-7678-1: Perl vulnerability

It was discovered that Perl threads incorrectly handled certain file operations. A local attacker could possibly use this issue to load code or access files from unexpected locations...

USN-7654-5: Linux kernel (Xilinx ZynqMP) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

USN-7677-1: cloud-init vulnerabilities

Harry Sintonen discovered that the hotplugd socket in cloud-init was world writable. An attacker could possibly use this issue to send hotplug-hook commands. CVE-2024-11584 It was discovered that cloud-init granted root access to a hardcoded URL with a local IP address when a non-x86 platform is...

USN-7676-1: SQLite vulnerability

It was discovered that SQLite incorrectly handled certain numbers of aggregate terms. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-7675-1: poppler vulnerability

Kevin Backhouse discovered that poppler incorrectly handled documents with a large number of annotations. If a user or automated system were tricked into opening a specially crafted document, a remote attacker could use this issue to cause poppler to consume resources, leading to a denial of...

USN-7674-1: OpenJDK 11 vulnerabilities

It was discovered that the 2D component of OpenJDK 11 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...

USN-7673-1: CRaC JDK 21 vulnerabilities

It was discovered that the 2D component of CRaC JDK 21 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...

USN-7672-1: CRaC JDK 17 vulnerabilities

It was discovered that the 2D component of CRaC JDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...

USN-7671-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ACPI drivers; - GPU drivers; - SMB network file system; - Memory management; - Netfilter; - Network traffic control...

USN-7651-6: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...

USN-7670-1: iputils vulnerability

It was discovered that the iputils ping utility incorrectly handled certain ICMP Echo Reply packets. A remote attacker could possibly use this issue to cause iputils to consume resources, leading to a denial of service...

USN-7665-2: Linux kernel (AWS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PA-RISC architecture; - PowerPC architecture; - S390 architecture; - x86 architecture; -...

USN-7669-1: OpenJDK 24 vulnerabilities

It was discovered that the 2D component of OpenJDK 24 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 Mashroor Hasan Bhuiyan discovered that the JSSE...

USN-7668-1: OpenJDK 21 vulnerabilities

It was discovered that the 2D component of OpenJDK 21 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 Mashroor Hasan Bhuiyan discovered that the JSSE...

USN-7651-5: Linux kernel (Raspberry Pi Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...

USN-7667-1: OpenJDK 8 vulnerabilities

It was discovered that the 2D component of OpenJDK 8 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 Mashroor Hasan Bhuiyan discovered that the JSSE compone...

USN-7366-2: Rack vulnerabilities

USN-7366-1 fixed vulnerabilities in Rack. This update provides the corresponding updates for Ubuntu 25.04. Original advisory details: Nhật Thái Đỗ discovered that Rack incorrectly handled certain usernames. A remote attacker could possibly use this issue to perform CRLF injection. CVE-2025-25184...

USN-7666-1: Unbound vulnerabilities

Xiang Li discovered that Unbound incorrectly handled EDNS Client Subnet ECS in certain configurations. A remote attacker could possibly use this issue to perform a cache poisoning attack called Rebirthday Attack...

USN-7657-2: jq vulnerabilities

USN-7657-1 fixed CVE-2024-23337 and CVE-2025-48060 in jq. This update provides the corresponding fixes for Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS. Original advisory details: It was discovered that jq incorrectly handled certain values when parsing JSON data. A remote attacker...

USN-7651-4: Linux kernel (GCP) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...

USN-7665-1: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PA-RISC architecture; - PowerPC architecture; - S390 architecture; - x86 architecture; -...

USN-7664-1: Sinatra vulnerabilities

It was discovered that Sinatra incorrectly handled serving static files. An attacker could possibly use this issue to perform local file inclusion, obtaining sensitive information. CVE-2022-29970 It was discovered that Sinatra incorrectly handled special characters in the Content-Disposition HTTP...

USN-7663-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing,...

USN-7662-1: GDK-PixBuf vulnerabilities

It was discovered that GDK-Pixbuf incorrectly handled certain GIF files. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 25.04, Ubuntu 24.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 20.04 LTS. CVE-2025-6199 It was discovered that GDK-Pixbuf...

USN-7654-4: Linux kernel (KVM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

USN-7651-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...

USN-7649-2: Linux kernel (AWS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PA-RISC architecture; - PowerPC architecture; - S390 architecture; - x86 architecture; -...

USN-7661-1: GoBGP vulnerabilities

It was discovered that GoBGP did not properly manage memory under certain circumstances, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 22.04 LTS and Ubuntu 20.04 LTS. CVE-2023-46565 It was...

USN-7660-1: fdkaac vulnerabilities

It was discovered that fdkaac did not correctly handle certain input. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. CVE-2022-36148 It was discovered that fdkaac did not correctly handle...

USN-7659-1: Nokogiri vulnerabilities

It was discovered Nokogiri did not correctly parse XML Schemas. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. CVE-2020-26247 Agustin Gianni discovere...

USN-7658-1: Drupal vulnerabilities

It was discovered that Drupal incorrectly parsed untrusted HTML. A remote attacker could possibly use this issue to execute arbitrary code...

USN-7611-4: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997, CVE-2025-3793...

USN-7657-1: jq vulnerabilities

It was discovered that jq incorrectly handled certain values when parsing JSON data. A remote attacker could possibly use this issue to cause jq to crash, resulting in a denial of service. CVE-2024-23337 It was discovered that jq incorrectly handled NaN values when parsing JSON data. A remote...

USN-7656-1: Erlang vulnerabilities

It was discovered that Erlang OTP’s SSH module incorrectly enforced strict KEX handshake hardening measures. A remote attacker able to intercept communications could possibly use this issue to insert optional messages into connections during the handshake. CVE-2025-46712 It was discovered that...

USN-6885-5: Apache HTTP Server vulnerabilities

USN-6885-1 fixed vulnerabilities in Apache. This update provides the corresponding updates for Ubuntu 14.04 LTS. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. A remote attacker could possibly use this iss...

USN-7651-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...

USN-7655-1: Linux kernel (Intel IoTG) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...

USN-7654-3: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

USN-7654-2: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

USN-7654-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

USN-7653-1: Linux kernel (HWE) vulnerabilities

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...

USN-7652-1: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...

USN-7651-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PowerPC architecture; - S390 architecture; - Block layer subsystem; - Serial ATA and Parallel ATA drivers; - Driver...