USN-8174-1: XML::Parser vulnerabilities

It was discovered that XML::Parser incorrectly handled certain multi-byte UTF-8 characters. If a user or automated system were tricked into processing specially crafted XML data, a remote attacker could use this issue to cause XML::Parser to crash, resulting in a denial of service or to possibly...

USN-8173-1: polkit vulnerabilities

It was discovered that polkit incorrectly handled nested elements in XML policy files. If an administrator were tricked into installing a malicious policy file, a remote attacker could possibly use this issue to cause polkit to crash, resulting in a denial of service. CVE-2025-7519 Pavel Kohout...

USN-8148-6: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

USN-8149-3: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

USN-8163-2: Linux kernel (Azure) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

USN-8172-1: kvmtool vulnerabilities

It was discovered that kvmtool did not properly manage memory under certain circumstances. A malicious guest attacker could use this issue to cause kvmtool to crash, leading to a denial of service, or possibly execute arbitrary code on the host system. CVE-2021-45464 It was discovered that kvmtoo...

USN-8171-1: Vim vulnerabilities

Nathan Mills discovered that Vim could crash when parsing certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.10 CVE-2026-32249 It was discovered that Vim did not properly sanitize user input...

USN-8170-1: Corosync vulnerabilities

It was discovered that Corosync incorrectly handled the membership commit token validity check. A remote attacker could use this issue to cause Corosync to crash, resulting in a denial of service, or to possibly obtain a small quantity of sensitive information. CVE-2026-35091 It was discovered th...

USN-8169-1: Redis, Lua vulnerabilities

It was discovered that Redis incorrectly handled certain specially crafted Lua scripts. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue was only addressed in lua5.1 on Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2025-49844 It was...

USN-8168-1: Rust vulnerability

It was discovered that tar-rs embedded in rustc incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to modify permissions of arbitrary directories outside the...

USN-8167-1: xdg-dbus-proxy vulnerability

It was discovered that xdg-dbus-proxy incorrectly handled eavesdropping in policy rules. A local attacker could possibly use this issue to intercept certain D-Bus messages...

LSN-0119-1: Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: fix use-after-free after invalid ref action At btrfsreftreemod after we successfully inserted the new ref entry local variable 'ref' into the respective block entry's rbtree local variable 'be', if we find an...

USN-8166-1: RetroArch vulnerability

It was discovered that RetroArch did not correctly handle certain memory operations, which could lead to a buffer overflow. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary...

USN-8165-1: Linux kernel (Azure FIPS) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

USN-8164-1: Linux kernel (Intel IoTG Real-time) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

USN-8163-1: Linux kernel (Azure FIPS) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

USN-8145-4: Linux kernel (HWE) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - UDF file system; - NFC subsystem; - Network traffic control;...

USN-8162-1: Linux kernel (NVIDIA Tegra) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - Drivers core; - Bluetooth drivers; - DMA engine...

USN-8155-2: OpenSSL vulnerabilities

USN-8155-1 fixed vulnerabilities in OpenSSL. This update provides the corresponding updates for CVE-2026-28387 for openssl in Ubuntu 20.04 LTS. CVE-2026-28388 for openssl and openssl1.0 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS, and CVE-2026-28389 and...

USN-8154-2: Django vulnerabilities

USN-8154-1 fixed vulnerabilities in Django. This update provides the corresponding updates for Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Original advisory details: Seokchan Yoon discovered that Django incorrectly handled copying memory when parsing multipart uploads with excessive whitespace. A remo...

USN-8161-1: QEMU vulnerabilities

It was discovered that the LSI53C895A SCSI Host Bus Adapter implementation of QEMU incorrectly handled memory. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2024-6519 It was discovered...

USN-8160-1: MongoDB vulnerability

It was discovered that MongoDB incorrectly handled length parameters in zlib-compressed network messages prior to authentication. An unauthenticated remote attacker could possibly use this issue to cause MongoDB to allocate an oversized memory buffer, resulting in the exposure of sensitive...

USN-8149-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

USN-8148-5: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

USN-8159-3: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - Netfilter; - Network traffic control; CVE-2025-37849, CVE-2026-23060,...

USN-8159-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - Netfilter; - Network traffic control; CVE-2025-37849, CVE-2026-23060,...

USN-8159-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - Netfilter; - Network traffic control; CVE-2025-37849, CVE-2026-23060,...

USN-8158-1: Dogtag PKI vulnerability

Fraser Tweedale and Geetika Kapoor discovered that Dogtag PKI could renew a certificate without proper authentication. An attacker could possibly use this to repeatedly renew a compromised certificate and maintain unauthorized access to a system or resource...

USN-8157-1: Squid vulnerabilities

It was discovered that Squid incorrectly handled certain ICP traffic. In environments where ICP support is enabled, a remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or obtain small amounts of sensitive information...

USN-8156-1: GDK-PixBuf vulnerability

It was discovered that GDK-PixBuf incorrectly handled certain JPEG files. An attacker could use this issue to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-8155-1: OpenSSL vulnerabilities

Viktor Dukhovni discovered that OpenSSL incorrectly negotiated the expected preferred key exchange group when used as a TLS 1.3 server. This could result in a less preferred key exchange being used, contrary to expectations. This issue only affected Ubuntu 25.10. CVE-2026-2673 Igor Morgenstern...

USN-8089-3: ADSys, Juju Core, LXD vulnerabilities

USN-8089-1 fixed vulnerabilities in Go Networking. This update provides the corresponding update to code vendored in LXD, ADSys, and Juju Core. Original advisory details: Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher, and Kaan Onarlioglu discovered that servers using Go...

USN-8154-1: Django vulnerabilities

Seokchan Yoon discovered that Django incorrectly handled copying memory when parsing multipart uploads with excessive whitespace. A remote attacker could possibly use this issue to cause Django to use excessive resources, leading to a denial of service. CVE-2026-33033 It was discovered that Djang...

USN-8153-1: Salt vulnerabilities

Zach Malone discovered that Salt did not properly handle permissions to cache data. A local attacker could possibly use this issue to obtain sensitive information. CVE-2015-8034 Dylan Frese discovered that Salt incorrectly allowed users to specify PAM service. An attacker could possibly use this...

USN-8152-1: Linux kernel (OEM) vulnerabilities

It was discovered that some AMD Zen 5 processors supporting RDSEED instruction did not properly handle entropy, potentially resulting in the consumption of insufficiently random values. A local attacker could possibly use this issue to influence the values returned by the RDSEED instruction causi...

USN-8148-4: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

USN-8145-3: Linux kernel (GCP) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - UDF file system; - NFC subsystem; - Network traffic control;...

USN-8151-1: lambdaisland/uri vulnerability

It was discovered that lambdaisland/uri did not properly sanitize the backslash character in URI strings. An attacker could possibly use this issue to bypass security checks or redirect users...

USN-8150-1: SPIP vulnerabilities

It was discovered that SPIP did not properly sanitize certain inputs. A remote attacker could possibly use this issue to perform cross site scripting. CVE-2022-28959 It was discovered that SPIP did not properly sanitize certain inputs. A remote attacker could possibly use this issue to perform PH...

USN-8148-3: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

USN-8148-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

USN-8145-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - UDF file system; - NFC subsystem; - Network traffic control;...

USN-8143-2: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - GPU drivers; - BTRFS file system; - GFS2 file system; - UDF file system; - NFC subsystem; -...

USN-8146-1: libjxl vulnerability

Daniel Novomeský discovered that libjxl did not properly manage memory when decoding certain files. An attacker could use this issue to cause libjxl to crash, resulting in denial of service, or possibly execute arbitrary code...

USN-8149-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

USN-8147-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to access sensitive information. This issue only affected Ubuntu 14.04 LTS. CVE-2019-19221 It was discovered that libarchive incorrectly handled certain RAR archive files. If a...

USN-8148-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

USN-8145-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Cryptographic API; - UDF file system; - NFC subsystem; - Network traffic control;...

USN-8144-1: Undertow vulnerability

It was discovered that Undertow incorrectly validated the Host header in incoming HTTP requests. A remote attacker could possibly use this issue to gain unintended access to user sessions...

USN-8140-1: Cairo vulnerabilities

Alberto Garcia, Francisco Oca and Suleman Ali discovered that Cairo did not properly manage memory. An attacker could possibly use this issue to cause Cairo to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2017-9814 ...