{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [], "removed": [], "diff": [ "fwupd", "gir1.2-glib-2.0:riscv64", "klibc-utils", "kpartx", "libdrm-common", "libdrm2:riscv64", "libfwupd2:riscv64", "libglib2.0-0t64:riscv64", "libglib2.0-bin", "libglib2.0-data", "libheif-plugin-aomdec:riscv64", "libheif-plugin-aomenc:riscv64", "libheif-plugin-libde265:riscv64", "libheif1:riscv64", "libklibc:riscv64", "libnuma1:riscv64", "libpng16-16t64:riscv64", "libpython3.12-minimal:riscv64", "libpython3.12-stdlib:riscv64", "libpython3.12t64:riscv64", "libsodium23:riscv64", "libssl3t64:riscv64", "libtasn1-6:riscv64", "libxml2:riscv64", "linux-libc-dev:riscv64", "linux-tools-common", "multipath-tools", "numactl", "openssl", "python3-distupgrade", "python3-pyasn1", "python3-urllib3", "python3.12", "python3.12-minimal", "screen", "ubuntu-release-upgrader-core" ] } }, "diff": { "deb": [ { "name": "fwupd", "from_version": { "source_package_name": "fwupd", "source_package_version": "1.9.31-0ubuntu1~24.04.1", "version": "1.9.31-0ubuntu1~24.04.1" }, "to_version": { "source_package_name": "fwupd", "source_package_version": "1.9.33-0ubuntu1~24.04.1ubuntu1", "version": "1.9.33-0ubuntu1~24.04.1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2131001 ], "changes": [ { "cves": [], "log": [ "", " * New upstream version (1.9.31)", " - Add PS5512 usb firmware update (LP: #2131001)", "" ], "package": "fwupd", "version": "1.9.33-0ubuntu1~24.04.1ubuntu1", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2131001 ], "author": "Mario Limonciello ", "date": "Sun, 30 Nov 2025 07:12:14 -0600" } ], "notes": null, "is_version_downgrade": false }, { "name": "gir1.2-glib-2.0:riscv64", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.80.0-6ubuntu3.6", "version": "2.80.0-6ubuntu3.6" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.80.0-6ubuntu3.7", "version": "2.80.0-6ubuntu3.7" }, "cves": [ { "cve": "CVE-2026-0988", "url": "https://ubuntu.com/security/CVE-2026-0988", "cve_description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "cve_priority": "medium", "cve_public_date": "2026-01-21 12:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-0988", "url": "https://ubuntu.com/security/CVE-2026-0988", "cve_description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "cve_priority": "medium", "cve_public_date": "2026-01-21 12:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Integer overflow in g_buffered_input_stream_peek()", " - debian/patches/CVE-2026-0988.patch: fix a potential integer overflow", " in peek() in gio/gbufferedinputstream.c,", " gio/tests/buffered-input-stream.c.", " - CVE-2026-0988", "" ], "package": "glib2.0", "version": "2.80.0-6ubuntu3.7", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 20 Jan 2026 08:08:27 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "klibc-utils", "from_version": { "source_package_name": "klibc", "source_package_version": "2.0.13-4ubuntu0.1", "version": "2.0.13-4ubuntu0.1" }, "to_version": { "source_package_name": "klibc", "source_package_version": "2.0.13-4ubuntu0.2", "version": "2.0.13-4ubuntu0.2" }, "cves": [ { "cve": "CVE-2016-9843", "url": "https://ubuntu.com/security/CVE-2016-9843", "cve_description": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.", "cve_priority": "low", "cve_public_date": "2017-05-23 04:29:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2016-9843", "url": "https://ubuntu.com/security/CVE-2016-9843", "cve_description": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.", "cve_priority": "low", "cve_public_date": "2017-05-23 04:29:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Undefined Behavior", " - debian/patches/CVE-2016-9843.patch: Avoid pre-decrement of pointer", " in big-endian CRC calculation.", " - CVE-2016-9843", "" ], "package": "klibc", "version": "2.0.13-4ubuntu0.2", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Bruce Cable ", "date": "Mon, 12 Jan 2026 13:55:06 +1100" } ], "notes": null, "is_version_downgrade": false }, { "name": "kpartx", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.9.4-5ubuntu8", "version": "0.9.4-5ubuntu8" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.9.4-5ubuntu8.1", "version": "0.9.4-5ubuntu8.1" }, "cves": [], "launchpad_bugs_fixed": [ 2116901 ], "changes": [ { "cves": [], "log": [ "", " * d/p/0005-hpe-msa-gen7-support.patch: add support for HPE MSA gen7 arrays", " (LP: #2116901)", "" ], "package": "multipath-tools", "version": "0.9.4-5ubuntu8.1", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2116901 ], "author": "Jonas Jelten ", "date": "Tue, 22 Jul 2025 17:44:15 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libdrm-common", "from_version": { "source_package_name": "libdrm", "source_package_version": "2.4.122-1~ubuntu0.24.04.2", "version": "2.4.122-1~ubuntu0.24.04.2" }, "to_version": { "source_package_name": "libdrm", "source_package_version": "2.4.125-1ubuntu0.1~24.04.1", "version": "2.4.125-1ubuntu0.1~24.04.1" }, "cves": [], "launchpad_bugs_fixed": [ 2126037, 2127944, 2104352, 2100483 ], "changes": [ { "cves": [], "log": [ "", " * Backport to noble. (LP: #2126037)", " - amdgpu-add-env-support-for-amdgpu-ids.patch dropped as it has", " changed on the upstream merge request and hasn't landed yet", "" ], "package": "libdrm", "version": "2.4.125-1ubuntu0.1~24.04.1", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2126037 ], "author": "Timo Aaltonen ", "date": "Fri, 07 Nov 2025 14:50:51 +0200" }, { "cves": [], "log": [ "", " * patches: Identify APUs from hardware (LP: #2127944)", "" ], "package": "libdrm", "version": "2.4.125-1ubuntu0.1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2127944 ], "author": "Timo Aaltonen ", "date": "Fri, 24 Oct 2025 17:43:46 +0300" }, { "cves": [], "log": [ "", " [ Jianfeng Liu ]", " * Enable build libdrm-intel1 for loong64. (Closes: #1107223)", "", " [ Timo Aaltonen ]", " * New upstream release.", " * patches: Drop the upstreamed fix for xf86drm.", " * symbols: Updated.", "" ], "package": "libdrm", "version": "2.4.125-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Timo Aaltonen ", "date": "Wed, 25 Jun 2025 10:46:34 +0300" }, { "cves": [], "log": [ "", " [ Daniel van Vugt ]", " * Add xf86drm-Handle-NULL-in-drmCopyVersion.patch (LP: #2104352)", "", " [ Bo YU ]", " * Enable building libdrm-intel1 for riscv64 (Closes: #1085314)", "" ], "package": "libdrm", "version": "2.4.124-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [ 2104352 ], "author": "Timo Aaltonen ", "date": "Tue, 01 Apr 2025 11:08:19 +0300" }, { "cves": [], "log": [ "", " * New upstream release.", " * amdgpu-add-env-support-for-amdgpu-ids.patch: Add a patch to allow", " using an env variable for amdgpu.ids path. (LP: #2100483)", "" ], "package": "libdrm", "version": "2.4.124-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [ 2100483 ], "author": "Timo Aaltonen ", "date": "Thu, 27 Feb 2025 14:57:25 +0200" }, { "cves": [], "log": [ "", " * New upstream release.", " * Add upstream metadata, drop old git url from d/watch.", " * Update signing-key.asc.", "" ], "package": "libdrm", "version": "2.4.123-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Timo Aaltonen ", "date": "Tue, 10 Sep 2024 11:03:50 +0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libdrm2:riscv64", "from_version": { "source_package_name": "libdrm", "source_package_version": "2.4.122-1~ubuntu0.24.04.2", "version": "2.4.122-1~ubuntu0.24.04.2" }, "to_version": { "source_package_name": "libdrm", "source_package_version": "2.4.125-1ubuntu0.1~24.04.1", "version": "2.4.125-1ubuntu0.1~24.04.1" }, "cves": [], "launchpad_bugs_fixed": [ 2126037, 2127944, 2104352, 2100483 ], "changes": [ { "cves": [], "log": [ "", " * Backport to noble. (LP: #2126037)", " - amdgpu-add-env-support-for-amdgpu-ids.patch dropped as it has", " changed on the upstream merge request and hasn't landed yet", "" ], "package": "libdrm", "version": "2.4.125-1ubuntu0.1~24.04.1", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2126037 ], "author": "Timo Aaltonen ", "date": "Fri, 07 Nov 2025 14:50:51 +0200" }, { "cves": [], "log": [ "", " * patches: Identify APUs from hardware (LP: #2127944)", "" ], "package": "libdrm", "version": "2.4.125-1ubuntu0.1", "urgency": "medium", "distributions": "questing", "launchpad_bugs_fixed": [ 2127944 ], "author": "Timo Aaltonen ", "date": "Fri, 24 Oct 2025 17:43:46 +0300" }, { "cves": [], "log": [ "", " [ Jianfeng Liu ]", " * Enable build libdrm-intel1 for loong64. (Closes: #1107223)", "", " [ Timo Aaltonen ]", " * New upstream release.", " * patches: Drop the upstreamed fix for xf86drm.", " * symbols: Updated.", "" ], "package": "libdrm", "version": "2.4.125-1", "urgency": "medium", "distributions": "experimental", "launchpad_bugs_fixed": [], "author": "Timo Aaltonen ", "date": "Wed, 25 Jun 2025 10:46:34 +0300" }, { "cves": [], "log": [ "", " [ Daniel van Vugt ]", " * Add xf86drm-Handle-NULL-in-drmCopyVersion.patch (LP: #2104352)", "", " [ Bo YU ]", " * Enable building libdrm-intel1 for riscv64 (Closes: #1085314)", "" ], "package": "libdrm", "version": "2.4.124-2", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [ 2104352 ], "author": "Timo Aaltonen ", "date": "Tue, 01 Apr 2025 11:08:19 +0300" }, { "cves": [], "log": [ "", " * New upstream release.", " * amdgpu-add-env-support-for-amdgpu-ids.patch: Add a patch to allow", " using an env variable for amdgpu.ids path. (LP: #2100483)", "" ], "package": "libdrm", "version": "2.4.124-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [ 2100483 ], "author": "Timo Aaltonen ", "date": "Thu, 27 Feb 2025 14:57:25 +0200" }, { "cves": [], "log": [ "", " * New upstream release.", " * Add upstream metadata, drop old git url from d/watch.", " * Update signing-key.asc.", "" ], "package": "libdrm", "version": "2.4.123-1", "urgency": "medium", "distributions": "unstable", "launchpad_bugs_fixed": [], "author": "Timo Aaltonen ", "date": "Tue, 10 Sep 2024 11:03:50 +0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libfwupd2:riscv64", "from_version": { "source_package_name": "fwupd", "source_package_version": "1.9.31-0ubuntu1~24.04.1", "version": "1.9.31-0ubuntu1~24.04.1" }, "to_version": { "source_package_name": "fwupd", "source_package_version": "1.9.33-0ubuntu1~24.04.1ubuntu1", "version": "1.9.33-0ubuntu1~24.04.1ubuntu1" }, "cves": [], "launchpad_bugs_fixed": [ 2131001 ], "changes": [ { "cves": [], "log": [ "", " * New upstream version (1.9.31)", " - Add PS5512 usb firmware update (LP: #2131001)", "" ], "package": "fwupd", "version": "1.9.33-0ubuntu1~24.04.1ubuntu1", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2131001 ], "author": "Mario Limonciello ", "date": "Sun, 30 Nov 2025 07:12:14 -0600" } ], "notes": null, "is_version_downgrade": false }, { "name": "libglib2.0-0t64:riscv64", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.80.0-6ubuntu3.6", "version": "2.80.0-6ubuntu3.6" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.80.0-6ubuntu3.7", "version": "2.80.0-6ubuntu3.7" }, "cves": [ { "cve": "CVE-2026-0988", "url": "https://ubuntu.com/security/CVE-2026-0988", "cve_description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "cve_priority": "medium", "cve_public_date": "2026-01-21 12:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-0988", "url": "https://ubuntu.com/security/CVE-2026-0988", "cve_description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "cve_priority": "medium", "cve_public_date": "2026-01-21 12:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Integer overflow in g_buffered_input_stream_peek()", " - debian/patches/CVE-2026-0988.patch: fix a potential integer overflow", " in peek() in gio/gbufferedinputstream.c,", " gio/tests/buffered-input-stream.c.", " - CVE-2026-0988", "" ], "package": "glib2.0", "version": "2.80.0-6ubuntu3.7", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 20 Jan 2026 08:08:27 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "libglib2.0-bin", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.80.0-6ubuntu3.6", "version": "2.80.0-6ubuntu3.6" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.80.0-6ubuntu3.7", "version": "2.80.0-6ubuntu3.7" }, "cves": [ { "cve": "CVE-2026-0988", "url": "https://ubuntu.com/security/CVE-2026-0988", "cve_description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "cve_priority": "medium", "cve_public_date": "2026-01-21 12:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-0988", "url": "https://ubuntu.com/security/CVE-2026-0988", "cve_description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "cve_priority": "medium", "cve_public_date": "2026-01-21 12:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Integer overflow in g_buffered_input_stream_peek()", " - debian/patches/CVE-2026-0988.patch: fix a potential integer overflow", " in peek() in gio/gbufferedinputstream.c,", " gio/tests/buffered-input-stream.c.", " - CVE-2026-0988", "" ], "package": "glib2.0", "version": "2.80.0-6ubuntu3.7", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 20 Jan 2026 08:08:27 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "libglib2.0-data", "from_version": { "source_package_name": "glib2.0", "source_package_version": "2.80.0-6ubuntu3.6", "version": "2.80.0-6ubuntu3.6" }, "to_version": { "source_package_name": "glib2.0", "source_package_version": "2.80.0-6ubuntu3.7", "version": "2.80.0-6ubuntu3.7" }, "cves": [ { "cve": "CVE-2026-0988", "url": "https://ubuntu.com/security/CVE-2026-0988", "cve_description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "cve_priority": "medium", "cve_public_date": "2026-01-21 12:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-0988", "url": "https://ubuntu.com/security/CVE-2026-0988", "cve_description": "A flaw was found in glib. Missing validation of offset and count parameters in the g_buffered_input_stream_peek() function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy(), triggering a buffer overflow. This can cause application crashes, leading to a Denial of Service (DoS).", "cve_priority": "medium", "cve_public_date": "2026-01-21 12:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Integer overflow in g_buffered_input_stream_peek()", " - debian/patches/CVE-2026-0988.patch: fix a potential integer overflow", " in peek() in gio/gbufferedinputstream.c,", " gio/tests/buffered-input-stream.c.", " - CVE-2026-0988", "" ], "package": "glib2.0", "version": "2.80.0-6ubuntu3.7", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 20 Jan 2026 08:08:27 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "libheif-plugin-aomdec:riscv64", "from_version": { "source_package_name": "libheif", "source_package_version": "1.17.6-1ubuntu4.1", "version": "1.17.6-1ubuntu4.1" }, "to_version": { "source_package_name": "libheif", "source_package_version": "1.17.6-1ubuntu4.2", "version": "1.17.6-1ubuntu4.2" }, "cves": [ { "cve": "CVE-2024-25269", "url": "https://ubuntu.com/security/CVE-2024-25269", "cve_description": "libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack.", "cve_priority": "negligible", "cve_public_date": "2024-03-05 01:15:00 UTC" }, { "cve": "CVE-2025-68431", "url": "https://ubuntu.com/security/CVE-2025-68431", "cve_description": "libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped overlay rectangle or invalid offsets), which then underflows when converted to `size_t` and is passed to `memcpy`, causing a very large read past the end of the source plane and a crash. Version 1.21.0 contains a patch. As a workaround, avoid decoding images using `iovl` overlay boxes.", "cve_priority": "medium", "cve_public_date": "2025-12-29 19:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-25269", "url": "https://ubuntu.com/security/CVE-2024-25269", "cve_description": "libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack.", "cve_priority": "negligible", "cve_public_date": "2024-03-05 01:15:00 UTC" }, { "cve": "CVE-2025-68431", "url": "https://ubuntu.com/security/CVE-2025-68431", "cve_description": "libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped overlay rectangle or invalid offsets), which then underflows when converted to `size_t` and is passed to `memcpy`, causing a very large read past the end of the source plane and a crash. Version 1.21.0 contains a patch. As a workaround, avoid decoding images using `iovl` overlay boxes.", "cve_priority": "medium", "cve_public_date": "2025-12-29 19:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Denial of Service", " - debian/patches/CVE-2024-25269.patch: Fix memory leaks in function", " JpegEncoder::Encode", " - CVE-2024-25269", " * SECURITY UPDATE: Buffer Overflow", " - debian/patches/CVE-2025-68431.patch: Fix wrong copy width in", " overlay images, thanks to Aldo Ristori", " - CVE-2025-68431", "" ], "package": "libheif", "version": "1.17.6-1ubuntu4.2", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Bruce Cable ", "date": "Wed, 07 Jan 2026 17:41:16 +1100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libheif-plugin-aomenc:riscv64", "from_version": { "source_package_name": "libheif", "source_package_version": "1.17.6-1ubuntu4.1", "version": "1.17.6-1ubuntu4.1" }, "to_version": { "source_package_name": "libheif", "source_package_version": "1.17.6-1ubuntu4.2", "version": "1.17.6-1ubuntu4.2" }, "cves": [ { "cve": "CVE-2024-25269", "url": "https://ubuntu.com/security/CVE-2024-25269", "cve_description": "libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack.", "cve_priority": "negligible", "cve_public_date": "2024-03-05 01:15:00 UTC" }, { "cve": "CVE-2025-68431", "url": "https://ubuntu.com/security/CVE-2025-68431", "cve_description": "libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped overlay rectangle or invalid offsets), which then underflows when converted to `size_t` and is passed to `memcpy`, causing a very large read past the end of the source plane and a crash. Version 1.21.0 contains a patch. As a workaround, avoid decoding images using `iovl` overlay boxes.", "cve_priority": "medium", "cve_public_date": "2025-12-29 19:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-25269", "url": "https://ubuntu.com/security/CVE-2024-25269", "cve_description": "libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack.", "cve_priority": "negligible", "cve_public_date": "2024-03-05 01:15:00 UTC" }, { "cve": "CVE-2025-68431", "url": "https://ubuntu.com/security/CVE-2025-68431", "cve_description": "libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped overlay rectangle or invalid offsets), which then underflows when converted to `size_t` and is passed to `memcpy`, causing a very large read past the end of the source plane and a crash. Version 1.21.0 contains a patch. As a workaround, avoid decoding images using `iovl` overlay boxes.", "cve_priority": "medium", "cve_public_date": "2025-12-29 19:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Denial of Service", " - debian/patches/CVE-2024-25269.patch: Fix memory leaks in function", " JpegEncoder::Encode", " - CVE-2024-25269", " * SECURITY UPDATE: Buffer Overflow", " - debian/patches/CVE-2025-68431.patch: Fix wrong copy width in", " overlay images, thanks to Aldo Ristori", " - CVE-2025-68431", "" ], "package": "libheif", "version": "1.17.6-1ubuntu4.2", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Bruce Cable ", "date": "Wed, 07 Jan 2026 17:41:16 +1100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libheif-plugin-libde265:riscv64", "from_version": { "source_package_name": "libheif", "source_package_version": "1.17.6-1ubuntu4.1", "version": "1.17.6-1ubuntu4.1" }, "to_version": { "source_package_name": "libheif", "source_package_version": "1.17.6-1ubuntu4.2", "version": "1.17.6-1ubuntu4.2" }, "cves": [ { "cve": "CVE-2024-25269", "url": "https://ubuntu.com/security/CVE-2024-25269", "cve_description": "libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack.", "cve_priority": "negligible", "cve_public_date": "2024-03-05 01:15:00 UTC" }, { "cve": "CVE-2025-68431", "url": "https://ubuntu.com/security/CVE-2025-68431", "cve_description": "libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped overlay rectangle or invalid offsets), which then underflows when converted to `size_t` and is passed to `memcpy`, causing a very large read past the end of the source plane and a crash. Version 1.21.0 contains a patch. As a workaround, avoid decoding images using `iovl` overlay boxes.", "cve_priority": "medium", "cve_public_date": "2025-12-29 19:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-25269", "url": "https://ubuntu.com/security/CVE-2024-25269", "cve_description": "libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack.", "cve_priority": "negligible", "cve_public_date": "2024-03-05 01:15:00 UTC" }, { "cve": "CVE-2025-68431", "url": "https://ubuntu.com/security/CVE-2025-68431", "cve_description": "libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped overlay rectangle or invalid offsets), which then underflows when converted to `size_t` and is passed to `memcpy`, causing a very large read past the end of the source plane and a crash. Version 1.21.0 contains a patch. As a workaround, avoid decoding images using `iovl` overlay boxes.", "cve_priority": "medium", "cve_public_date": "2025-12-29 19:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Denial of Service", " - debian/patches/CVE-2024-25269.patch: Fix memory leaks in function", " JpegEncoder::Encode", " - CVE-2024-25269", " * SECURITY UPDATE: Buffer Overflow", " - debian/patches/CVE-2025-68431.patch: Fix wrong copy width in", " overlay images, thanks to Aldo Ristori", " - CVE-2025-68431", "" ], "package": "libheif", "version": "1.17.6-1ubuntu4.2", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Bruce Cable ", "date": "Wed, 07 Jan 2026 17:41:16 +1100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libheif1:riscv64", "from_version": { "source_package_name": "libheif", "source_package_version": "1.17.6-1ubuntu4.1", "version": "1.17.6-1ubuntu4.1" }, "to_version": { "source_package_name": "libheif", "source_package_version": "1.17.6-1ubuntu4.2", "version": "1.17.6-1ubuntu4.2" }, "cves": [ { "cve": "CVE-2024-25269", "url": "https://ubuntu.com/security/CVE-2024-25269", "cve_description": "libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack.", "cve_priority": "negligible", "cve_public_date": "2024-03-05 01:15:00 UTC" }, { "cve": "CVE-2025-68431", "url": "https://ubuntu.com/security/CVE-2025-68431", "cve_description": "libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped overlay rectangle or invalid offsets), which then underflows when converted to `size_t` and is passed to `memcpy`, causing a very large read past the end of the source plane and a crash. Version 1.21.0 contains a patch. As a workaround, avoid decoding images using `iovl` overlay boxes.", "cve_priority": "medium", "cve_public_date": "2025-12-29 19:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2024-25269", "url": "https://ubuntu.com/security/CVE-2024-25269", "cve_description": "libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack.", "cve_priority": "negligible", "cve_public_date": "2024-03-05 01:15:00 UTC" }, { "cve": "CVE-2025-68431", "url": "https://ubuntu.com/security/CVE-2025-68431", "cve_description": "libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in `HeifPixelImage::overlay()`. The function computes a negative row length (likely from an unclipped overlay rectangle or invalid offsets), which then underflows when converted to `size_t` and is passed to `memcpy`, causing a very large read past the end of the source plane and a crash. Version 1.21.0 contains a patch. As a workaround, avoid decoding images using `iovl` overlay boxes.", "cve_priority": "medium", "cve_public_date": "2025-12-29 19:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Denial of Service", " - debian/patches/CVE-2024-25269.patch: Fix memory leaks in function", " JpegEncoder::Encode", " - CVE-2024-25269", " * SECURITY UPDATE: Buffer Overflow", " - debian/patches/CVE-2025-68431.patch: Fix wrong copy width in", " overlay images, thanks to Aldo Ristori", " - CVE-2025-68431", "" ], "package": "libheif", "version": "1.17.6-1ubuntu4.2", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Bruce Cable ", "date": "Wed, 07 Jan 2026 17:41:16 +1100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libklibc:riscv64", "from_version": { "source_package_name": "klibc", "source_package_version": "2.0.13-4ubuntu0.1", "version": "2.0.13-4ubuntu0.1" }, "to_version": { "source_package_name": "klibc", "source_package_version": "2.0.13-4ubuntu0.2", "version": "2.0.13-4ubuntu0.2" }, "cves": [ { "cve": "CVE-2016-9843", "url": "https://ubuntu.com/security/CVE-2016-9843", "cve_description": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.", "cve_priority": "low", "cve_public_date": "2017-05-23 04:29:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2016-9843", "url": "https://ubuntu.com/security/CVE-2016-9843", "cve_description": "The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.", "cve_priority": "low", "cve_public_date": "2017-05-23 04:29:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Undefined Behavior", " - debian/patches/CVE-2016-9843.patch: Avoid pre-decrement of pointer", " in big-endian CRC calculation.", " - CVE-2016-9843", "" ], "package": "klibc", "version": "2.0.13-4ubuntu0.2", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Bruce Cable ", "date": "Mon, 12 Jan 2026 13:55:06 +1100" } ], "notes": null, "is_version_downgrade": false }, { "name": "libnuma1:riscv64", "from_version": { "source_package_name": "numactl", "source_package_version": "2.0.18-1build1", "version": "2.0.18-1build1" }, "to_version": { "source_package_name": "numactl", "source_package_version": "2.0.18-1ubuntu0.24.04.1", "version": "2.0.18-1ubuntu0.24.04.1" }, "cves": [], "launchpad_bugs_fixed": [ 2136104 ], "changes": [ { "cves": [], "log": [ "", " * d/p/fix-stray-errno.patch: save and restore errno when probing for", " SET_PREFERRED_MANY (LP: #2136104)", "" ], "package": "numactl", "version": "2.0.18-1ubuntu0.24.04.1", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2136104 ], "author": "Renan Rodrigo ", "date": "Fri, 09 Jan 2026 10:36:33 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpng16-16t64:riscv64", "from_version": { "source_package_name": "libpng1.6", "source_package_version": "1.6.43-5ubuntu0.1", "version": "1.6.43-5ubuntu0.1" }, "to_version": { "source_package_name": "libpng1.6", "source_package_version": "1.6.43-5ubuntu0.3", "version": "1.6.43-5ubuntu0.3" }, "cves": [ { "cve": "CVE-2025-66293", "url": "https://ubuntu.com/security/CVE-2025-66293", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng's internal state management. Upgrade to libpng 1.6.52 or later.", "cve_priority": "medium", "cve_public_date": "2025-12-03 21:15:00 UTC" }, { "cve": "CVE-2026-22695", "url": "https://ubuntu.com/security/CVE-2026-22695", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function png_image_finish_read when processing interlaced 16-bit PNGs with 8-bit output format and non-minimal row stride. This is a regression introduced by the fix for CVE-2025-65018. This vulnerability is fixed in 1.6.54.", "cve_priority": "medium", "cve_public_date": "2026-01-12 23:15:00 UTC" }, { "cve": "CVE-2026-22801", "url": "https://ubuntu.com/security/CVE-2026-22801", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions png_write_image_16bit and png_write_image_8bit causes heap buffer over-read when the caller provides a negative row stride (for bottom-up image layouts) or a stride exceeding 65535 bytes. The bug was introduced in libpng 1.6.26 (October 2016) by casts added to silence compiler warnings on 16-bit systems. This vulnerability is fixed in 1.6.54.", "cve_priority": "medium", "cve_public_date": "2026-01-12 23:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-66293", "url": "https://ubuntu.com/security/CVE-2025-66293", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng's internal state management. Upgrade to libpng 1.6.52 or later.", "cve_priority": "medium", "cve_public_date": "2025-12-03 21:15:00 UTC" }, { "cve": "CVE-2026-22695", "url": "https://ubuntu.com/security/CVE-2026-22695", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API function png_image_finish_read when processing interlaced 16-bit PNGs with 8-bit output format and non-minimal row stride. This is a regression introduced by the fix for CVE-2025-65018. This vulnerability is fixed in 1.6.54.", "cve_priority": "medium", "cve_public_date": "2026-01-12 23:15:00 UTC" }, { "cve": "CVE-2026-22801", "url": "https://ubuntu.com/security/CVE-2026-22801", "cve_description": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.26 to 1.6.53, there is an integer truncation in the libpng simplified write API functions png_write_image_16bit and png_write_image_8bit causes heap buffer over-read when the caller provides a negative row stride (for bottom-up image layouts) or a stride exceeding 65535 bytes. The bug was introduced in libpng 1.6.26 (October 2016) by casts added to silence compiler warnings on 16-bit systems. This vulnerability is fixed in 1.6.54.", "cve_priority": "medium", "cve_public_date": "2026-01-12 23:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: OOB in png_image_read_composite", " - debian/patches/CVE-2025-66293-1.patch: validate component size in", " pngread.c.", " - debian/patches/CVE-2025-66293-2.patch: improve fix in pngread.c.", " - CVE-2025-66293", " * SECURITY UPDATE: Heap buffer over-read in png_image_read_direct_scaled", " - debian/patches/CVE-2026-22695.patch: fix memcpy size in pngread.c.", " - CVE-2026-22695", " * SECURITY UPDATE: Integer truncation causing heap buffer over-read", " - debian/patches/CVE-2026-22801.patch: remove incorrect truncation", " casts in CMakeLists.txt, contrib/libtests/pngstest.c, pngwrite.c,", " tests/pngstest-large-stride.", " - CVE-2026-22801", "" ], "package": "libpng1.6", "version": "1.6.43-5ubuntu0.3", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Mon, 12 Jan 2026 13:14:03 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpython3.12-minimal:riscv64", "from_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.9", "version": "3.12.3-1ubuntu0.9" }, "to_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.10", "version": "3.12.3-1ubuntu0.10" }, "cves": [ { "cve": "CVE-2025-13836", "url": "https://ubuntu.com/security/CVE-2025-13836", "cve_description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "cve_priority": "medium", "cve_public_date": "2025-12-01 18:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-13836", "url": "https://ubuntu.com/security/CVE-2025-13836", "cve_description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "cve_priority": "medium", "cve_public_date": "2025-12-01 18:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: HTTP Content-Length denial of service", " - debian/patches/CVE-2025-13836.patch: Read large data in chunks with", " geometric reads in Lib/http/client.py and add tests in ", " Lib/test/test_httplib.py", " - CVE-2025-13836", "" ], "package": "python3.12", "version": "3.12.3-1ubuntu0.10", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Vyom Yadav ", "date": "Thu, 08 Jan 2026 17:00:50 +0530" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpython3.12-stdlib:riscv64", "from_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.9", "version": "3.12.3-1ubuntu0.9" }, "to_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.10", "version": "3.12.3-1ubuntu0.10" }, "cves": [ { "cve": "CVE-2025-13836", "url": "https://ubuntu.com/security/CVE-2025-13836", "cve_description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "cve_priority": "medium", "cve_public_date": "2025-12-01 18:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-13836", "url": "https://ubuntu.com/security/CVE-2025-13836", "cve_description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "cve_priority": "medium", "cve_public_date": "2025-12-01 18:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: HTTP Content-Length denial of service", " - debian/patches/CVE-2025-13836.patch: Read large data in chunks with", " geometric reads in Lib/http/client.py and add tests in ", " Lib/test/test_httplib.py", " - CVE-2025-13836", "" ], "package": "python3.12", "version": "3.12.3-1ubuntu0.10", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Vyom Yadav ", "date": "Thu, 08 Jan 2026 17:00:50 +0530" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpython3.12t64:riscv64", "from_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.9", "version": "3.12.3-1ubuntu0.9" }, "to_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.10", "version": "3.12.3-1ubuntu0.10" }, "cves": [ { "cve": "CVE-2025-13836", "url": "https://ubuntu.com/security/CVE-2025-13836", "cve_description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "cve_priority": "medium", "cve_public_date": "2025-12-01 18:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-13836", "url": "https://ubuntu.com/security/CVE-2025-13836", "cve_description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "cve_priority": "medium", "cve_public_date": "2025-12-01 18:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: HTTP Content-Length denial of service", " - debian/patches/CVE-2025-13836.patch: Read large data in chunks with", " geometric reads in Lib/http/client.py and add tests in ", " Lib/test/test_httplib.py", " - CVE-2025-13836", "" ], "package": "python3.12", "version": "3.12.3-1ubuntu0.10", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Vyom Yadav ", "date": "Thu, 08 Jan 2026 17:00:50 +0530" } ], "notes": null, "is_version_downgrade": false }, { "name": "libsodium23:riscv64", "from_version": { "source_package_name": "libsodium", "source_package_version": "1.0.18-1build3", "version": "1.0.18-1build3" }, "to_version": { "source_package_name": "libsodium", "source_package_version": "1.0.18-1ubuntu0.24.04.1", "version": "1.0.18-1ubuntu0.24.04.1" }, "cves": [ { "cve": "CVE-2025-69277", "url": "https://ubuntu.com/security/CVE-2025-69277", "cve_description": "libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group.", "cve_priority": "medium", "cve_public_date": "2025-12-31 06:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-69277", "url": "https://ubuntu.com/security/CVE-2025-69277", "cve_description": "libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group.", "cve_priority": "medium", "cve_public_date": "2025-12-31 06:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: mishandled check in crypto_core_ed25519_is_valid_point", " - debian/patches/CVE-2025-69277.patch: check Y==Z in addition to X==0", " in src/libsodium/crypto_core/ed25519/ref10/ed25519_ref10.c,", " test/default/core_ed25519.c.", " - CVE-2025-69277", "" ], "package": "libsodium", "version": "1.0.18-1ubuntu0.24.04.1", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 06 Jan 2026 11:06:40 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "libssl3t64:riscv64", "from_version": { "source_package_name": "openssl", "source_package_version": "3.0.13-0ubuntu3.6", "version": "3.0.13-0ubuntu3.6" }, "to_version": { "source_package_name": "openssl", "source_package_version": "3.0.13-0ubuntu3.7", "version": "3.0.13-0ubuntu3.7" }, "cves": [ { "cve": "CVE-2025-15467", "url": "https://ubuntu.com/security/CVE-2025-15467", "cve_description": "Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs. Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.", "cve_priority": "medium", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-68160", "url": "https://ubuntu.com/security/CVE-2025-68160", "cve_description": "Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading to Denial of Service for an application. The line-buffering BIO filter (BIO_f_linebuffer) is not used by default in TLS/SSL data paths. In OpenSSL command-line applications, it is typically only pushed onto stdout/stderr on VMS systems. Third-party applications that explicitly use this filter with a BIO chain that can short-write and that write large, newline-free data influenced by an attacker would be affected. However, the circumstances where this could happen are unlikely to be under attacker control, and BIO_f_linebuffer is unlikely to be handling non-curated data controlled by an attacker. For that reason the issue was assessed as Low severity. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the BIO implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69418", "url": "https://ubuntu.com/security/CVE-2025-69418", "cve_description": "Issue summary: When using the low-level OCB API directly with AES-NI or
other hardware-accelerated code paths, inputs whose length is not a multiple
of 16 bytes can leave the final partial block unencrypted and unauthenticated.

Impact summary: The trailing 1-15 bytes of a message may be exposed in
cleartext on encryption and are not covered by the authentication tag,
allowing an attacker to read or tamper with those bytes without detection.

The low-level OCB encrypt and decrypt routines in the hardware-accelerated
stream path process full 16-byte blocks but do not advance the input/output
pointers. The subsequent tail-handling code then operates on the original
base pointers, effectively reprocessing the beginning of the buffer while
leaving the actual trailing bytes unprocessed. The authentication checksum
also excludes the true tail bytes.

However, typical OpenSSL consumers using EVP are not affected because the
higher-level EVP and provider OCB implementations split inputs so that full
blocks and trailing partial blocks are processed in separate calls, avoiding
the problematic code path. Additionally, TLS does not use OCB ciphersuites.
The vulnerability only affects applications that call the low-level
CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions directly with
non-block-aligned lengths in a single call on hardware-accelerated builds.
For these reasons the issue was assessed as Low severity.

The FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected
by this issue, as OCB mode is not a FIPS-approved algorithm.

OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.

OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69419", "url": "https://ubuntu.com/security/CVE-2025-69419", "cve_description": "Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service. The OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12 BMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes, the helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16 source byte count as the destination buffer capacity to UTF8_putc(). For BMP code points above U+07FF, UTF-8 requires three bytes, but the forwarded capacity can be just two bytes. UTF8_putc() then returns -1, and this negative value is added to the output length without validation, causing the length to become negative. The subsequent trailing NUL byte is then written at a negative offset, causing write outside of heap allocated buffer. The vulnerability is reachable via the public PKCS12_get_friendlyname() API when parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a different code path that avoids this issue, PKCS12_get_friendlyname() directly invokes the vulnerable function. Exploitation requires an attacker to provide a malicious PKCS#12 file to be parsed by the application and the attacker can just trigger a one zero byte write before the allocated buffer. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69420", "url": "https://ubuntu.com/security/CVE-2025-69420", "cve_description": "Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An application calling TS_RESP_verify_response() with a malformed TimeStamp Response can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2() access the signing cert attribute value without validating its type. When the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed TimeStamp Response to an application that verifies timestamp responses. The TimeStamp protocol (RFC 3161) is not widely used and the impact of the exploit is just a Denial of Service. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the TimeStamp Response implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69421", "url": "https://ubuntu.com/security/CVE-2025-69421", "cve_description": "Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS#12 files. The PKCS12_item_decrypt_d2i_ex() function does not check whether the oct parameter is NULL before dereferencing it. When called from PKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can be NULL, causing a crash. The vulnerability is limited to Denial of Service and cannot be escalated to achieve code execution or memory disclosure. Exploiting this issue requires an attacker to provide a malformed PKCS#12 file to an application that processes it. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2026-2279", "url": "https://ubuntu.com/security/CVE-2026-2279", "cve_description": "", "cve_priority": "n/a", "cve_public_date": "" }, { "cve": "CVE-2026-22795", "url": "https://ubuntu.com/security/CVE-2026-22795", "cve_description": "Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS#12 file. Impact summary: An application processing a malformed PKCS#12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type confusion vulnerability exists in PKCS#12 parsing code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid pointer read. The location is constrained to a 1-byte address space, meaning any attempted pointer manipulation can only target addresses between 0x00 and 0xFF. This range corresponds to the zero page, which is unmapped on most modern operating systems and will reliably result in a crash, leading only to a Denial of Service. Exploiting this issue also requires a user or application to process a maliciously crafted PKCS#12 file. It is uncommon to accept untrusted PKCS#12 files in applications as they are usually used to store private keys which are trusted by definition. For these reasons, the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2026-22796", "url": "https://ubuntu.com/security/CVE-2026-22796", "cve_description": "Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS#7 data where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS#7 data. Impact summary: An application performing signature verification of PKCS#7 data or calling directly the PKCS7_digest_from_attributes() function can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The function PKCS7_digest_from_attributes() accesses the message digest attribute value without validating its type. When the type is not V_ASN1_OCTET_STRING, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed signed PKCS#7 to an application that verifies it. The impact of the exploit is just a Denial of Service, the PKCS7 API is legacy and applications should be using the CMS API instead. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#7 parsing implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-15467", "url": "https://ubuntu.com/security/CVE-2025-15467", "cve_description": "Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs. Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.", "cve_priority": "medium", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-68160", "url": "https://ubuntu.com/security/CVE-2025-68160", "cve_description": "Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading to Denial of Service for an application. The line-buffering BIO filter (BIO_f_linebuffer) is not used by default in TLS/SSL data paths. In OpenSSL command-line applications, it is typically only pushed onto stdout/stderr on VMS systems. Third-party applications that explicitly use this filter with a BIO chain that can short-write and that write large, newline-free data influenced by an attacker would be affected. However, the circumstances where this could happen are unlikely to be under attacker control, and BIO_f_linebuffer is unlikely to be handling non-curated data controlled by an attacker. For that reason the issue was assessed as Low severity. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the BIO implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69418", "url": "https://ubuntu.com/security/CVE-2025-69418", "cve_description": "Issue summary: When using the low-level OCB API directly with AES-NI or
other hardware-accelerated code paths, inputs whose length is not a multiple
of 16 bytes can leave the final partial block unencrypted and unauthenticated.

Impact summary: The trailing 1-15 bytes of a message may be exposed in
cleartext on encryption and are not covered by the authentication tag,
allowing an attacker to read or tamper with those bytes without detection.

The low-level OCB encrypt and decrypt routines in the hardware-accelerated
stream path process full 16-byte blocks but do not advance the input/output
pointers. The subsequent tail-handling code then operates on the original
base pointers, effectively reprocessing the beginning of the buffer while
leaving the actual trailing bytes unprocessed. The authentication checksum
also excludes the true tail bytes.

However, typical OpenSSL consumers using EVP are not affected because the
higher-level EVP and provider OCB implementations split inputs so that full
blocks and trailing partial blocks are processed in separate calls, avoiding
the problematic code path. Additionally, TLS does not use OCB ciphersuites.
The vulnerability only affects applications that call the low-level
CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions directly with
non-block-aligned lengths in a single call on hardware-accelerated builds.
For these reasons the issue was assessed as Low severity.

The FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected
by this issue, as OCB mode is not a FIPS-approved algorithm.

OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.

OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69419", "url": "https://ubuntu.com/security/CVE-2025-69419", "cve_description": "Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service. The OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12 BMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes, the helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16 source byte count as the destination buffer capacity to UTF8_putc(). For BMP code points above U+07FF, UTF-8 requires three bytes, but the forwarded capacity can be just two bytes. UTF8_putc() then returns -1, and this negative value is added to the output length without validation, causing the length to become negative. The subsequent trailing NUL byte is then written at a negative offset, causing write outside of heap allocated buffer. The vulnerability is reachable via the public PKCS12_get_friendlyname() API when parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a different code path that avoids this issue, PKCS12_get_friendlyname() directly invokes the vulnerable function. Exploitation requires an attacker to provide a malicious PKCS#12 file to be parsed by the application and the attacker can just trigger a one zero byte write before the allocated buffer. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69420", "url": "https://ubuntu.com/security/CVE-2025-69420", "cve_description": "Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An application calling TS_RESP_verify_response() with a malformed TimeStamp Response can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2() access the signing cert attribute value without validating its type. When the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed TimeStamp Response to an application that verifies timestamp responses. The TimeStamp protocol (RFC 3161) is not widely used and the impact of the exploit is just a Denial of Service. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the TimeStamp Response implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69421", "url": "https://ubuntu.com/security/CVE-2025-69421", "cve_description": "Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS#12 files. The PKCS12_item_decrypt_d2i_ex() function does not check whether the oct parameter is NULL before dereferencing it. When called from PKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can be NULL, causing a crash. The vulnerability is limited to Denial of Service and cannot be escalated to achieve code execution or memory disclosure. Exploiting this issue requires an attacker to provide a malformed PKCS#12 file to an application that processes it. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2026-2279", "url": "https://ubuntu.com/security/CVE-2026-2279", "cve_description": "", "cve_priority": "n/a", "cve_public_date": "" }, { "cve": "CVE-2026-22795", "url": "https://ubuntu.com/security/CVE-2026-22795", "cve_description": "Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS#12 file. Impact summary: An application processing a malformed PKCS#12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type confusion vulnerability exists in PKCS#12 parsing code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid pointer read. The location is constrained to a 1-byte address space, meaning any attempted pointer manipulation can only target addresses between 0x00 and 0xFF. This range corresponds to the zero page, which is unmapped on most modern operating systems and will reliably result in a crash, leading only to a Denial of Service. Exploiting this issue also requires a user or application to process a maliciously crafted PKCS#12 file. It is uncommon to accept untrusted PKCS#12 files in applications as they are usually used to store private keys which are trusted by definition. For these reasons, the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2026-22796", "url": "https://ubuntu.com/security/CVE-2026-22796", "cve_description": "Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS#7 data where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS#7 data. Impact summary: An application performing signature verification of PKCS#7 data or calling directly the PKCS7_digest_from_attributes() function can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The function PKCS7_digest_from_attributes() accesses the message digest attribute value without validating its type. When the type is not V_ASN1_OCTET_STRING, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed signed PKCS#7 to an application that verifies it. The impact of the exploit is just a Denial of Service, the PKCS7 API is legacy and applications should be using the CMS API instead. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#7 parsing implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Stack buffer overflow in CMS AuthEnvelopedData parsing", " - debian/patches/CVE-2025-15467-1.patch: correct handling of", " AEAD-encrypted CMS with inadmissibly long IV in crypto/evp/evp_lib.c.", " - debian/patches/CVE-2025-15467-2.patch: some comments to clarify", " functions usage in crypto/asn1/evp_asn1.c.", " - debian/patches/CVE-2025-15467-3.patch: test for handling of", " AEAD-encrypted CMS with inadmissibly long IV in test/cmsapitest.c,", " test/recipes/80-test_cmsapi.t,", " test/recipes/80-test_cmsapi_data/encDataWithTooLongIV.pem.", " - CVE-2025-15467", " * SECURITY UPDATE: Heap out-of-bounds write in BIO_f_linebuffer on short", " writes", " - debian/patches/CVE-2025-68160.patch: fix heap buffer overflow in", " BIO_f_linebuffer in crypto/bio/bf_lbuf.c.", " - CVE-2025-68160", " * SECURITY UPDATE: Unauthenticated/unencrypted trailing bytes with", " low-level OCB function calls", " - debian/patches/CVE-2025-69418.patch: fix OCB AES-NI/HW stream path", " unauthenticated/unencrypted trailing bytes in crypto/modes/ocb128.c.", " - CVE-2025-69418", " * SECURITY UPDATE: Out of bounds write in PKCS12_get_friendlyname() UTF-8", " conversion", " - debian/patches/CVE-2025-69419.patch: check return code of UTF8_putc", " in crypto/asn1/a_strex.c, crypto/pkcs12/p12_utl.c.", " - CVE-2025-69419", " * SECURITY UPDATE: Missing ASN1_TYPE validation in", " TS_RESP_verify_response() function", " - debian/patches/CVE-2025-69420.patch: verify ASN1 object's types", " before attempting to access them as a particular type in", " crypto/ts/ts_rsp_verify.c.", " - CVE-2025-69420", " * SECURITY UPDATE: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex", " - debian/patches/CVE-2025-69421.patch: add NULL check in", " crypto/pkcs12/p12_decr.c.", " - CVE-2025-69421", " * SECURITY UPDATE: ASN1_TYPE missing validation and type confusion", " - debian/patches/CVE-2026-2279x.patch: ensure ASN1 types are checked", " before use in apps/s_client.c, crypto/pkcs12/p12_kiss.c,", " crypto/pkcs7/pk7_doit.c.", " - CVE-2026-22795", " - CVE-2026-22796", "" ], "package": "openssl", "version": "3.0.13-0ubuntu3.7", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Mon, 26 Jan 2026 07:31:31 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtasn1-6:riscv64", "from_version": { "source_package_name": "libtasn1-6", "source_package_version": "4.19.0-3ubuntu0.24.04.1", "version": "4.19.0-3ubuntu0.24.04.1" }, "to_version": { "source_package_name": "libtasn1-6", "source_package_version": "4.19.0-3ubuntu0.24.04.2", "version": "4.19.0-3ubuntu0.24.04.2" }, "cves": [ { "cve": "CVE-2025-13151", "url": "https://ubuntu.com/security/CVE-2025-13151", "cve_description": "Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.", "cve_priority": "medium", "cve_public_date": "2026-01-07 22:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-13151", "url": "https://ubuntu.com/security/CVE-2025-13151", "cve_description": "Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a buffer overflow in asn1_expend_octet_string.", "cve_priority": "medium", "cve_public_date": "2026-01-07 22:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Stack-based buffer overflow", " - debian/patches/CVE-2025-13151.patch: fix asn1_expand_octet_string", " buffer size in lib/decoding.c.", " - CVE-2025-13151", "" ], "package": "libtasn1-6", "version": "4.19.0-3ubuntu0.24.04.2", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Thu, 08 Jan 2026 12:24:41 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "libxml2:riscv64", "from_version": { "source_package_name": "libxml2", "source_package_version": "2.9.14+dfsg-1.3ubuntu3.6", "version": "2.9.14+dfsg-1.3ubuntu3.6" }, "to_version": { "source_package_name": "libxml2", "source_package_version": "2.9.14+dfsg-1.3ubuntu3.7", "version": "2.9.14+dfsg-1.3ubuntu3.7" }, "cves": [ { "cve": "CVE-2025-8732", "url": "https://ubuntu.com/security/CVE-2025-8732", "cve_description": "A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The code maintainer explains, that \"[t]he issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. I also doubt that anyone is still using SGML catalogs at all.\"", "cve_priority": "low", "cve_public_date": "2025-08-08 17:15:00 UTC" }, { "cve": "CVE-2026-0989", "url": "https://ubuntu.com/security/CVE-2026-0989", "cve_description": "A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.", "cve_priority": "medium", "cve_public_date": "2026-01-15 15:15:00 UTC" }, { "cve": "CVE-2026-0990", "url": "https://ubuntu.com/security/CVE-2026-0990", "cve_description": "A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.", "cve_priority": "medium", "cve_public_date": "2026-01-15 15:15:00 UTC" }, { "cve": "CVE-2026-0992", "url": "https://ubuntu.com/security/CVE-2026-0992", "cve_description": "A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.", "cve_priority": "medium", "cve_public_date": "2026-01-15 15:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-8732", "url": "https://ubuntu.com/security/CVE-2025-8732", "cve_description": "A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The code maintainer explains, that \"[t]he issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. I also doubt that anyone is still using SGML catalogs at all.\"", "cve_priority": "low", "cve_public_date": "2025-08-08 17:15:00 UTC" }, { "cve": "CVE-2026-0989", "url": "https://ubuntu.com/security/CVE-2026-0989", "cve_description": "A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may lead to stack exhaustion and application crashes, creating a denial-of-service risk.", "cve_priority": "medium", "cve_public_date": "2026-01-15 15:15:00 UTC" }, { "cve": "CVE-2026-0990", "url": "https://ubuntu.com/security/CVE-2026-0990", "cve_description": "A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.", "cve_priority": "medium", "cve_public_date": "2026-01-15 15:15:00 UTC" }, { "cve": "CVE-2026-0992", "url": "https://ubuntu.com/security/CVE-2026-0992", "cve_description": "A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU consumption and degrades application availability, resulting in a denial-of-service condition.", "cve_priority": "medium", "cve_public_date": "2026-01-15 15:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Infinite recursion with SGML catalogs.", " - debian/patches/CVE-2025-8732.patch: Add catalog depth and checks in", " catalog.c. Add test files in result/catalogs/recursive and", " test/catalogs/recursive.sgml.", " - CVE-2025-8732", " * SECURITY UPDATE: Infinite recursion when resolving include directives in", " RelaxNG parser.", " - debian/patches/CVE-2026-0989.patch: Add xmlRelaxParserSetIncLImit in", " include/libxml/relaxng.h. Add include limit and checks in relaxng.c. Add", " test and test files in runtest.c,", " test/relaxng/include/include-limit.rng,", " test/relaxng/include/include-limit_1.rng,", " test/relaxng/include/include-limit_2.rng, and", " test/relaxng/include/include-limit_3.rng.", " - debian/libxml2.symbols: Add new xmlRelaxParserSetIncLImit symbol.", " - CVE-2026-0989", " * SECURITY UPDATE: Infinite recursion in URI dereferencing.", " - debian/patches/CVE-2026-0990.patch: Add MAX_CATAL_DEPTH and other checks", " in catalog.c.", " - CVE-2026-0990", " * SECURITY UPDATE: Uncontrolled resource consumption in catalogs.", " - debian/patches/CVE-2026-0992.patch: Add catalog duplication checks in", " catalog.c.", " - CVE-2026-0992", "" ], "package": "libxml2", "version": "2.9.14+dfsg-1.3ubuntu3.7", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Hlib Korzhynskyy ", "date": "Wed, 21 Jan 2026 12:24:26 -0330" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-libc-dev:riscv64", "from_version": { "source_package_name": "linux", "source_package_version": "6.8.0-90.91", "version": "6.8.0-90.91" }, "to_version": { "source_package_name": "linux", "source_package_version": "6.8.0-94.96", "version": "6.8.0-94.96" }, "cves": [ { "cve": "CVE-2025-40019", "url": "https://ubuntu.com/security/CVE-2025-40019", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" }, { "cve": "CVE-2025-38561", "url": "https://ubuntu.com/security/CVE-2025-38561", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition could happen. There is no need to free sess->Preauh_HashValue at session setup phase. It can be freed together with session at connection termination phase.", "cve_priority": "high", "cve_public_date": "2025-08-19 17:15:00 UTC" }, { "cve": "CVE-2025-39698", "url": "https://ubuntu.com/security/CVE-2025-39698", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: io_uring/futex: ensure io_futex_wait() cleans up properly on failure The io_futex_data is allocated upfront and assigned to the io_kiocb async_data field, but the request isn't marked with REQ_F_ASYNC_DATA at that point. Those two should always go together, as the flag tells io_uring whether the field is valid or not. Additionally, on failure cleanup, the futex handler frees the data but does not clear ->async_data. Clear the data and the flag in the error path as well. Thanks to Trend Micro Zero Day Initiative and particularly ReDress for reporting this.", "cve_priority": "high", "cve_public_date": "2025-09-05 18:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2138092 ], "changes": [ { "cves": [ { "cve": "CVE-2025-40019", "url": "https://ubuntu.com/security/CVE-2025-40019", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" }, { "cve": "CVE-2025-38561", "url": "https://ubuntu.com/security/CVE-2025-38561", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition could happen. There is no need to free sess->Preauh_HashValue at session setup phase. It can be freed together with session at connection termination phase.", "cve_priority": "high", "cve_public_date": "2025-08-19 17:15:00 UTC" }, { "cve": "CVE-2025-39698", "url": "https://ubuntu.com/security/CVE-2025-39698", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: io_uring/futex: ensure io_futex_wait() cleans up properly on failure The io_futex_data is allocated upfront and assigned to the io_kiocb async_data field, but the request isn't marked with REQ_F_ASYNC_DATA at that point. Those two should always go together, as the flag tells io_uring whether the field is valid or not. Additionally, on failure cleanup, the futex handler frees the data but does not clear ->async_data. Clear the data and the flag in the error path as well. Thanks to Trend Micro Zero Day Initiative and particularly ReDress for reporting this.", "cve_priority": "high", "cve_public_date": "2025-09-05 18:15:00 UTC" } ], "log": [ "", " * noble/linux: 6.8.0-94.96 -proposed tracker (LP: #2138092)", "", " * CVE-2025-40019", " - crypto: essiv - Check ssize for decryption and in-place encryption", "", " * CVE-2025-38561", " - ksmbd: fix Preauh_HashValue race condition", "", " * CVE-2025-39698", " - io_uring/futex: ensure io_futex_wait() cleans up properly on failure", "" ], "package": "linux", "version": "6.8.0-94.96", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2138092 ], "author": "Manuel Diewald ", "date": "Fri, 09 Jan 2026 17:07:51 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-tools-common", "from_version": { "source_package_name": "linux", "source_package_version": "6.8.0-90.91", "version": "6.8.0-90.91" }, "to_version": { "source_package_name": "linux", "source_package_version": "6.8.0-94.96", "version": "6.8.0-94.96" }, "cves": [ { "cve": "CVE-2025-40019", "url": "https://ubuntu.com/security/CVE-2025-40019", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" }, { "cve": "CVE-2025-38561", "url": "https://ubuntu.com/security/CVE-2025-38561", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition could happen. There is no need to free sess->Preauh_HashValue at session setup phase. It can be freed together with session at connection termination phase.", "cve_priority": "high", "cve_public_date": "2025-08-19 17:15:00 UTC" }, { "cve": "CVE-2025-39698", "url": "https://ubuntu.com/security/CVE-2025-39698", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: io_uring/futex: ensure io_futex_wait() cleans up properly on failure The io_futex_data is allocated upfront and assigned to the io_kiocb async_data field, but the request isn't marked with REQ_F_ASYNC_DATA at that point. Those two should always go together, as the flag tells io_uring whether the field is valid or not. Additionally, on failure cleanup, the futex handler frees the data but does not clear ->async_data. Clear the data and the flag in the error path as well. Thanks to Trend Micro Zero Day Initiative and particularly ReDress for reporting this.", "cve_priority": "high", "cve_public_date": "2025-09-05 18:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2138092 ], "changes": [ { "cves": [ { "cve": "CVE-2025-40019", "url": "https://ubuntu.com/security/CVE-2025-40019", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encryption.", "cve_priority": "medium", "cve_public_date": "2025-10-24 12:15:00 UTC" }, { "cve": "CVE-2025-38561", "url": "https://ubuntu.com/security/CVE-2025-38561", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Preauh_HashValue race condition If client send multiple session setup requests to ksmbd, Preauh_HashValue race condition could happen. There is no need to free sess->Preauh_HashValue at session setup phase. It can be freed together with session at connection termination phase.", "cve_priority": "high", "cve_public_date": "2025-08-19 17:15:00 UTC" }, { "cve": "CVE-2025-39698", "url": "https://ubuntu.com/security/CVE-2025-39698", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: io_uring/futex: ensure io_futex_wait() cleans up properly on failure The io_futex_data is allocated upfront and assigned to the io_kiocb async_data field, but the request isn't marked with REQ_F_ASYNC_DATA at that point. Those two should always go together, as the flag tells io_uring whether the field is valid or not. Additionally, on failure cleanup, the futex handler frees the data but does not clear ->async_data. Clear the data and the flag in the error path as well. Thanks to Trend Micro Zero Day Initiative and particularly ReDress for reporting this.", "cve_priority": "high", "cve_public_date": "2025-09-05 18:15:00 UTC" } ], "log": [ "", " * noble/linux: 6.8.0-94.96 -proposed tracker (LP: #2138092)", "", " * CVE-2025-40019", " - crypto: essiv - Check ssize for decryption and in-place encryption", "", " * CVE-2025-38561", " - ksmbd: fix Preauh_HashValue race condition", "", " * CVE-2025-39698", " - io_uring/futex: ensure io_futex_wait() cleans up properly on failure", "" ], "package": "linux", "version": "6.8.0-94.96", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2138092 ], "author": "Manuel Diewald ", "date": "Fri, 09 Jan 2026 17:07:51 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "multipath-tools", "from_version": { "source_package_name": "multipath-tools", "source_package_version": "0.9.4-5ubuntu8", "version": "0.9.4-5ubuntu8" }, "to_version": { "source_package_name": "multipath-tools", "source_package_version": "0.9.4-5ubuntu8.1", "version": "0.9.4-5ubuntu8.1" }, "cves": [], "launchpad_bugs_fixed": [ 2116901 ], "changes": [ { "cves": [], "log": [ "", " * d/p/0005-hpe-msa-gen7-support.patch: add support for HPE MSA gen7 arrays", " (LP: #2116901)", "" ], "package": "multipath-tools", "version": "0.9.4-5ubuntu8.1", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2116901 ], "author": "Jonas Jelten ", "date": "Tue, 22 Jul 2025 17:44:15 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "numactl", "from_version": { "source_package_name": "numactl", "source_package_version": "2.0.18-1build1", "version": "2.0.18-1build1" }, "to_version": { "source_package_name": "numactl", "source_package_version": "2.0.18-1ubuntu0.24.04.1", "version": "2.0.18-1ubuntu0.24.04.1" }, "cves": [], "launchpad_bugs_fixed": [ 2136104 ], "changes": [ { "cves": [], "log": [ "", " * d/p/fix-stray-errno.patch: save and restore errno when probing for", " SET_PREFERRED_MANY (LP: #2136104)", "" ], "package": "numactl", "version": "2.0.18-1ubuntu0.24.04.1", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2136104 ], "author": "Renan Rodrigo ", "date": "Fri, 09 Jan 2026 10:36:33 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "openssl", "from_version": { "source_package_name": "openssl", "source_package_version": "3.0.13-0ubuntu3.6", "version": "3.0.13-0ubuntu3.6" }, "to_version": { "source_package_name": "openssl", "source_package_version": "3.0.13-0ubuntu3.7", "version": "3.0.13-0ubuntu3.7" }, "cves": [ { "cve": "CVE-2025-15467", "url": "https://ubuntu.com/security/CVE-2025-15467", "cve_description": "Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs. Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.", "cve_priority": "medium", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-68160", "url": "https://ubuntu.com/security/CVE-2025-68160", "cve_description": "Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading to Denial of Service for an application. The line-buffering BIO filter (BIO_f_linebuffer) is not used by default in TLS/SSL data paths. In OpenSSL command-line applications, it is typically only pushed onto stdout/stderr on VMS systems. Third-party applications that explicitly use this filter with a BIO chain that can short-write and that write large, newline-free data influenced by an attacker would be affected. However, the circumstances where this could happen are unlikely to be under attacker control, and BIO_f_linebuffer is unlikely to be handling non-curated data controlled by an attacker. For that reason the issue was assessed as Low severity. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the BIO implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69418", "url": "https://ubuntu.com/security/CVE-2025-69418", "cve_description": "Issue summary: When using the low-level OCB API directly with AES-NI or
other hardware-accelerated code paths, inputs whose length is not a multiple
of 16 bytes can leave the final partial block unencrypted and unauthenticated.

Impact summary: The trailing 1-15 bytes of a message may be exposed in
cleartext on encryption and are not covered by the authentication tag,
allowing an attacker to read or tamper with those bytes without detection.

The low-level OCB encrypt and decrypt routines in the hardware-accelerated
stream path process full 16-byte blocks but do not advance the input/output
pointers. The subsequent tail-handling code then operates on the original
base pointers, effectively reprocessing the beginning of the buffer while
leaving the actual trailing bytes unprocessed. The authentication checksum
also excludes the true tail bytes.

However, typical OpenSSL consumers using EVP are not affected because the
higher-level EVP and provider OCB implementations split inputs so that full
blocks and trailing partial blocks are processed in separate calls, avoiding
the problematic code path. Additionally, TLS does not use OCB ciphersuites.
The vulnerability only affects applications that call the low-level
CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions directly with
non-block-aligned lengths in a single call on hardware-accelerated builds.
For these reasons the issue was assessed as Low severity.

The FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected
by this issue, as OCB mode is not a FIPS-approved algorithm.

OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.

OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69419", "url": "https://ubuntu.com/security/CVE-2025-69419", "cve_description": "Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service. The OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12 BMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes, the helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16 source byte count as the destination buffer capacity to UTF8_putc(). For BMP code points above U+07FF, UTF-8 requires three bytes, but the forwarded capacity can be just two bytes. UTF8_putc() then returns -1, and this negative value is added to the output length without validation, causing the length to become negative. The subsequent trailing NUL byte is then written at a negative offset, causing write outside of heap allocated buffer. The vulnerability is reachable via the public PKCS12_get_friendlyname() API when parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a different code path that avoids this issue, PKCS12_get_friendlyname() directly invokes the vulnerable function. Exploitation requires an attacker to provide a malicious PKCS#12 file to be parsed by the application and the attacker can just trigger a one zero byte write before the allocated buffer. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69420", "url": "https://ubuntu.com/security/CVE-2025-69420", "cve_description": "Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An application calling TS_RESP_verify_response() with a malformed TimeStamp Response can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2() access the signing cert attribute value without validating its type. When the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed TimeStamp Response to an application that verifies timestamp responses. The TimeStamp protocol (RFC 3161) is not widely used and the impact of the exploit is just a Denial of Service. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the TimeStamp Response implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69421", "url": "https://ubuntu.com/security/CVE-2025-69421", "cve_description": "Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS#12 files. The PKCS12_item_decrypt_d2i_ex() function does not check whether the oct parameter is NULL before dereferencing it. When called from PKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can be NULL, causing a crash. The vulnerability is limited to Denial of Service and cannot be escalated to achieve code execution or memory disclosure. Exploiting this issue requires an attacker to provide a malformed PKCS#12 file to an application that processes it. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2026-2279", "url": "https://ubuntu.com/security/CVE-2026-2279", "cve_description": "", "cve_priority": "n/a", "cve_public_date": "" }, { "cve": "CVE-2026-22795", "url": "https://ubuntu.com/security/CVE-2026-22795", "cve_description": "Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS#12 file. Impact summary: An application processing a malformed PKCS#12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type confusion vulnerability exists in PKCS#12 parsing code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid pointer read. The location is constrained to a 1-byte address space, meaning any attempted pointer manipulation can only target addresses between 0x00 and 0xFF. This range corresponds to the zero page, which is unmapped on most modern operating systems and will reliably result in a crash, leading only to a Denial of Service. Exploiting this issue also requires a user or application to process a maliciously crafted PKCS#12 file. It is uncommon to accept untrusted PKCS#12 files in applications as they are usually used to store private keys which are trusted by definition. For these reasons, the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2026-22796", "url": "https://ubuntu.com/security/CVE-2026-22796", "cve_description": "Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS#7 data where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS#7 data. Impact summary: An application performing signature verification of PKCS#7 data or calling directly the PKCS7_digest_from_attributes() function can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The function PKCS7_digest_from_attributes() accesses the message digest attribute value without validating its type. When the type is not V_ASN1_OCTET_STRING, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed signed PKCS#7 to an application that verifies it. The impact of the exploit is just a Denial of Service, the PKCS7 API is legacy and applications should be using the CMS API instead. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#7 parsing implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-15467", "url": "https://ubuntu.com/security/CVE-2025-15467", "cve_description": "Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 parameters is copied into a fixed-size stack buffer without verifying that its length fits the destination. An attacker can supply a crafted CMS message with an oversized IV, causing a stack-based out-of-bounds write before any authentication or tag verification occurs. Applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers (e.g., S/MIME AuthEnvelopedData with AES-GCM) are vulnerable. Because the overflow occurs prior to authentication, no valid key material is required to trigger it. While exploitability to remote code execution depends on platform and toolchain mitigations, the stack-based write primitive represents a severe risk. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3 and 3.0 are vulnerable to this issue. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.", "cve_priority": "medium", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-68160", "url": "https://ubuntu.com/security/CVE-2025-68160", "cve_description": "Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short writes can trigger a heap-based out-of-bounds write. Impact summary: This out-of-bounds write can cause memory corruption which typically results in a crash, leading to Denial of Service for an application. The line-buffering BIO filter (BIO_f_linebuffer) is not used by default in TLS/SSL data paths. In OpenSSL command-line applications, it is typically only pushed onto stdout/stderr on VMS systems. Third-party applications that explicitly use this filter with a BIO chain that can short-write and that write large, newline-free data influenced by an attacker would be affected. However, the circumstances where this could happen are unlikely to be under attacker control, and BIO_f_linebuffer is unlikely to be handling non-curated data controlled by an attacker. For that reason the issue was assessed as Low severity. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the BIO implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69418", "url": "https://ubuntu.com/security/CVE-2025-69418", "cve_description": "Issue summary: When using the low-level OCB API directly with AES-NI or
other hardware-accelerated code paths, inputs whose length is not a multiple
of 16 bytes can leave the final partial block unencrypted and unauthenticated.

Impact summary: The trailing 1-15 bytes of a message may be exposed in
cleartext on encryption and are not covered by the authentication tag,
allowing an attacker to read or tamper with those bytes without detection.

The low-level OCB encrypt and decrypt routines in the hardware-accelerated
stream path process full 16-byte blocks but do not advance the input/output
pointers. The subsequent tail-handling code then operates on the original
base pointers, effectively reprocessing the beginning of the buffer while
leaving the actual trailing bytes unprocessed. The authentication checksum
also excludes the true tail bytes.

However, typical OpenSSL consumers using EVP are not affected because the
higher-level EVP and provider OCB implementations split inputs so that full
blocks and trailing partial blocks are processed in separate calls, avoiding
the problematic code path. Additionally, TLS does not use OCB ciphersuites.
The vulnerability only affects applications that call the low-level
CRYPTO_ocb128_encrypt() or CRYPTO_ocb128_decrypt() functions directly with
non-block-aligned lengths in a single call on hardware-accelerated builds.
For these reasons the issue was assessed as Low severity.

The FIPS modules in 3.6, 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected
by this issue, as OCB mode is not a FIPS-approved algorithm.

OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue.

OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69419", "url": "https://ubuntu.com/security/CVE-2025-69419", "cve_description": "Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file with a BMPString (UTF-16BE) friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service. The OPENSSL_uni2utf8() function performs a two-pass conversion of a PKCS#12 BMPString (UTF-16BE) to UTF-8. In the second pass, when emitting UTF-8 bytes, the helper function bmp_to_utf8() incorrectly forwards the remaining UTF-16 source byte count as the destination buffer capacity to UTF8_putc(). For BMP code points above U+07FF, UTF-8 requires three bytes, but the forwarded capacity can be just two bytes. UTF8_putc() then returns -1, and this negative value is added to the output length without validation, causing the length to become negative. The subsequent trailing NUL byte is then written at a negative offset, causing write outside of heap allocated buffer. The vulnerability is reachable via the public PKCS12_get_friendlyname() API when parsing attacker-controlled PKCS#12 files. While PKCS12_parse() uses a different code path that avoids this issue, PKCS12_get_friendlyname() directly invokes the vulnerable function. Exploitation requires an attacker to provide a malicious PKCS#12 file to be parsed by the application and the attacker can just trigger a one zero byte write before the allocated buffer. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69420", "url": "https://ubuntu.com/security/CVE-2025-69420", "cve_description": "Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An application calling TS_RESP_verify_response() with a malformed TimeStamp Response can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The functions ossl_ess_get_signing_cert() and ossl_ess_get_signing_cert_v2() access the signing cert attribute value without validating its type. When the type is not V_ASN1_SEQUENCE, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed TimeStamp Response to an application that verifies timestamp responses. The TimeStamp protocol (RFC 3161) is not widely used and the impact of the exploit is just a Denial of Service. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the TimeStamp Response implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2025-69421", "url": "https://ubuntu.com/security/CVE-2025-69421", "cve_description": "Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. Impact summary: A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS#12 files. The PKCS12_item_decrypt_d2i_ex() function does not check whether the oct parameter is NULL before dereferencing it. When called from PKCS12_unpack_p7encdata() with a malformed PKCS#12 file, this parameter can be NULL, causing a crash. The vulnerability is limited to Denial of Service and cannot be escalated to achieve code execution or memory disclosure. Exploiting this issue requires an attacker to provide a malformed PKCS#12 file to an application that processes it. For that reason the issue was assessed as Low severity according to our Security Policy. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2026-2279", "url": "https://ubuntu.com/security/CVE-2026-2279", "cve_description": "", "cve_priority": "n/a", "cve_public_date": "" }, { "cve": "CVE-2026-22795", "url": "https://ubuntu.com/security/CVE-2026-22795", "cve_description": "Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS#12 file. Impact summary: An application processing a malformed PKCS#12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type confusion vulnerability exists in PKCS#12 parsing code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid pointer read. The location is constrained to a 1-byte address space, meaning any attempted pointer manipulation can only target addresses between 0x00 and 0xFF. This range corresponds to the zero page, which is unmapped on most modern operating systems and will reliably result in a crash, leading only to a Denial of Service. Exploiting this issue also requires a user or application to process a maliciously crafted PKCS#12 file. It is uncommon to accept untrusted PKCS#12 files in applications as they are usually used to store private keys which are trusted by definition. For these reasons, the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" }, { "cve": "CVE-2026-22796", "url": "https://ubuntu.com/security/CVE-2026-22796", "cve_description": "Issue summary: A type confusion vulnerability exists in the signature verification of signed PKCS#7 data where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing malformed PKCS#7 data. Impact summary: An application performing signature verification of PKCS#7 data or calling directly the PKCS7_digest_from_attributes() function can be caused to dereference an invalid or NULL pointer when reading, resulting in a Denial of Service. The function PKCS7_digest_from_attributes() accesses the message digest attribute value without validating its type. When the type is not V_ASN1_OCTET_STRING, this results in accessing invalid memory through the ASN1_TYPE union, causing a crash. Exploiting this vulnerability requires an attacker to provide a malformed signed PKCS#7 to an application that verifies it. The impact of the exploit is just a Denial of Service, the PKCS7 API is legacy and applications should be using the CMS API instead. For these reasons the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS#7 parsing implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue.", "cve_priority": "low", "cve_public_date": "2026-01-27 16:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Stack buffer overflow in CMS AuthEnvelopedData parsing", " - debian/patches/CVE-2025-15467-1.patch: correct handling of", " AEAD-encrypted CMS with inadmissibly long IV in crypto/evp/evp_lib.c.", " - debian/patches/CVE-2025-15467-2.patch: some comments to clarify", " functions usage in crypto/asn1/evp_asn1.c.", " - debian/patches/CVE-2025-15467-3.patch: test for handling of", " AEAD-encrypted CMS with inadmissibly long IV in test/cmsapitest.c,", " test/recipes/80-test_cmsapi.t,", " test/recipes/80-test_cmsapi_data/encDataWithTooLongIV.pem.", " - CVE-2025-15467", " * SECURITY UPDATE: Heap out-of-bounds write in BIO_f_linebuffer on short", " writes", " - debian/patches/CVE-2025-68160.patch: fix heap buffer overflow in", " BIO_f_linebuffer in crypto/bio/bf_lbuf.c.", " - CVE-2025-68160", " * SECURITY UPDATE: Unauthenticated/unencrypted trailing bytes with", " low-level OCB function calls", " - debian/patches/CVE-2025-69418.patch: fix OCB AES-NI/HW stream path", " unauthenticated/unencrypted trailing bytes in crypto/modes/ocb128.c.", " - CVE-2025-69418", " * SECURITY UPDATE: Out of bounds write in PKCS12_get_friendlyname() UTF-8", " conversion", " - debian/patches/CVE-2025-69419.patch: check return code of UTF8_putc", " in crypto/asn1/a_strex.c, crypto/pkcs12/p12_utl.c.", " - CVE-2025-69419", " * SECURITY UPDATE: Missing ASN1_TYPE validation in", " TS_RESP_verify_response() function", " - debian/patches/CVE-2025-69420.patch: verify ASN1 object's types", " before attempting to access them as a particular type in", " crypto/ts/ts_rsp_verify.c.", " - CVE-2025-69420", " * SECURITY UPDATE: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex", " - debian/patches/CVE-2025-69421.patch: add NULL check in", " crypto/pkcs12/p12_decr.c.", " - CVE-2025-69421", " * SECURITY UPDATE: ASN1_TYPE missing validation and type confusion", " - debian/patches/CVE-2026-2279x.patch: ensure ASN1 types are checked", " before use in apps/s_client.c, crypto/pkcs12/p12_kiss.c,", " crypto/pkcs7/pk7_doit.c.", " - CVE-2026-22795", " - CVE-2026-22796", "" ], "package": "openssl", "version": "3.0.13-0ubuntu3.7", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Mon, 26 Jan 2026 07:31:31 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-distupgrade", "from_version": { "source_package_name": "ubuntu-release-upgrader", "source_package_version": "1:24.04.27", "version": "1:24.04.27" }, "to_version": { "source_package_name": "ubuntu-release-upgrader", "source_package_version": "1:24.04.28", "version": "1:24.04.28" }, "cves": [], "launchpad_bugs_fixed": [ 2138637 ], "changes": [ { "cves": [], "log": [ "", " * Run pre-build.sh: updating mirrors for point release (LP: #2138637)", "" ], "package": "ubuntu-release-upgrader", "version": "1:24.04.28", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2138637 ], "author": "Florent 'Skia' Jacquet ", "date": "Mon, 19 Jan 2026 16:31:44 +0100" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-pyasn1", "from_version": { "source_package_name": "pyasn1", "source_package_version": "0.4.8-4", "version": "0.4.8-4" }, "to_version": { "source_package_name": "pyasn1", "source_package_version": "0.4.8-4ubuntu0.1", "version": "0.4.8-4ubuntu0.1" }, "cves": [ { "cve": "CVE-2026-23490", "url": "https://ubuntu.com/security/CVE-2026-23490", "cve_description": "pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2.", "cve_priority": "medium", "cve_public_date": "2026-01-16 19:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-23490", "url": "https://ubuntu.com/security/CVE-2026-23490", "cve_description": "pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2.", "cve_priority": "medium", "cve_public_date": "2026-01-16 19:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: memory exhaustion from malformed RELATIVE-OID", " - debian/patches/CVE-2026-23490.patch: add limit of 20 continuation", " octets per OID arc in pyasn1/codec/ber/decoder.py,", " tests/codec/ber/test_decoder.py.", " - CVE-2026-23490", "" ], "package": "pyasn1", "version": "0.4.8-4ubuntu0.1", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 20 Jan 2026 10:40:22 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-urllib3", "from_version": { "source_package_name": "python-urllib3", "source_package_version": "2.0.7-1ubuntu0.3", "version": "2.0.7-1ubuntu0.3" }, "to_version": { "source_package_name": "python-urllib3", "source_package_version": "2.0.7-1ubuntu0.6", "version": "2.0.7-1ubuntu0.6" }, "cves": [ { "cve": "CVE-2025-66471", "url": "https://ubuntu.com/security/CVE-2025-66471", "cve_description": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data.", "cve_priority": "medium", "cve_public_date": "2025-12-05 17:16:00 UTC" }, { "cve": "CVE-2025-66471", "url": "https://ubuntu.com/security/CVE-2025-66471", "cve_description": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data.", "cve_priority": "medium", "cve_public_date": "2025-12-05 17:16:00 UTC" }, { "cve": "CVE-2026-21441", "url": "https://ubuntu.com/security/CVE-2026-21441", "cve_description": "urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.", "cve_priority": "medium", "cve_public_date": "2026-01-07 22:15:00 UTC" } ], "launchpad_bugs_fixed": [ 2136906, 2136906 ], "changes": [ { "cves": [ { "cve": "CVE-2025-66471", "url": "https://ubuntu.com/security/CVE-2025-66471", "cve_description": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data.", "cve_priority": "medium", "cve_public_date": "2025-12-05 17:16:00 UTC" } ], "log": [ "", " * SECURITY REGRESSION: Zstandard missing attribute after CVE-2025-66471 fix.", " (LP: #2136906)", " - debian/patches/CVE-2025-66471-fix2.patch: Fall back if \"needs_input\" is", " not a zstd object attribute in src/urllib3/response.py.", "" ], "package": "python-urllib3", "version": "2.0.7-1ubuntu0.6", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [ 2136906 ], "author": "Hlib Korzhynskyy ", "date": "Tue, 13 Jan 2026 09:34:51 -0330" }, { "cves": [ { "cve": "CVE-2025-66471", "url": "https://ubuntu.com/security/CVE-2025-66471", "cve_description": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data.", "cve_priority": "medium", "cve_public_date": "2025-12-05 17:16:00 UTC" } ], "log": [ "", " * SECURITY REGRESSION: Zstd issues after CVE-2025-66471 fix. (LP: #2136906)", " - debian/patches/CVE-2025-66471-fix1.patch: Revert zstd fix due to not", " being compatible with zstandard.", "" ], "package": "python-urllib3", "version": "2.0.7-1ubuntu0.5", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [ 2136906 ], "author": "Hlib Korzhynskyy ", "date": "Mon, 12 Jan 2026 17:27:22 -0330" }, { "cves": [ { "cve": "CVE-2026-21441", "url": "https://ubuntu.com/security/CVE-2026-21441", "cve_description": "urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.", "cve_priority": "medium", "cve_public_date": "2026-01-07 22:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Decompression bomb in HTTP redirect responses.", " - debian/patches/CVE-2026-21441.patch: Add decode_content to self.read()", " in src/urllib3/response.py. Add tests in", " test/with_dummyserver/test_connectionpool.py and dummyserver/app.py.", " - CVE-2026-21441", "" ], "package": "python-urllib3", "version": "2.0.7-1ubuntu0.4", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Hlib Korzhynskyy ", "date": "Thu, 08 Jan 2026 15:36:38 -0330" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3.12", "from_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.9", "version": "3.12.3-1ubuntu0.9" }, "to_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.10", "version": "3.12.3-1ubuntu0.10" }, "cves": [ { "cve": "CVE-2025-13836", "url": "https://ubuntu.com/security/CVE-2025-13836", "cve_description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "cve_priority": "medium", "cve_public_date": "2025-12-01 18:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-13836", "url": "https://ubuntu.com/security/CVE-2025-13836", "cve_description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "cve_priority": "medium", "cve_public_date": "2025-12-01 18:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: HTTP Content-Length denial of service", " - debian/patches/CVE-2025-13836.patch: Read large data in chunks with", " geometric reads in Lib/http/client.py and add tests in ", " Lib/test/test_httplib.py", " - CVE-2025-13836", "" ], "package": "python3.12", "version": "3.12.3-1ubuntu0.10", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Vyom Yadav ", "date": "Thu, 08 Jan 2026 17:00:50 +0530" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3.12-minimal", "from_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.9", "version": "3.12.3-1ubuntu0.9" }, "to_version": { "source_package_name": "python3.12", "source_package_version": "3.12.3-1ubuntu0.10", "version": "3.12.3-1ubuntu0.10" }, "cves": [ { "cve": "CVE-2025-13836", "url": "https://ubuntu.com/security/CVE-2025-13836", "cve_description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "cve_priority": "medium", "cve_public_date": "2025-12-01 18:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-13836", "url": "https://ubuntu.com/security/CVE-2025-13836", "cve_description": "When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS.", "cve_priority": "medium", "cve_public_date": "2025-12-01 18:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: HTTP Content-Length denial of service", " - debian/patches/CVE-2025-13836.patch: Read large data in chunks with", " geometric reads in Lib/http/client.py and add tests in ", " Lib/test/test_httplib.py", " - CVE-2025-13836", "" ], "package": "python3.12", "version": "3.12.3-1ubuntu0.10", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Vyom Yadav ", "date": "Thu, 08 Jan 2026 17:00:50 +0530" } ], "notes": null, "is_version_downgrade": false }, { "name": "screen", "from_version": { "source_package_name": "screen", "source_package_version": "4.9.1-1build1", "version": "4.9.1-1build1" }, "to_version": { "source_package_name": "screen", "source_package_version": "4.9.1-1ubuntu1", "version": "4.9.1-1ubuntu1" }, "cves": [ { "cve": "CVE-2025-46802", "url": "https://ubuntu.com/security/CVE-2025-46802", "cve_description": "For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.", "cve_priority": "medium", "cve_public_date": "2025-05-26 16:15:00 UTC" }, { "cve": "CVE-2025-46804", "url": "https://ubuntu.com/security/CVE-2025-46804", "cve_description": "A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0.", "cve_priority": "low", "cve_public_date": "2025-05-26 14:15:00 UTC" }, { "cve": "CVE-2025-46805", "url": "https://ubuntu.com/security/CVE-2025-46805", "cve_description": "Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root.", "cve_priority": "low", "cve_public_date": "2025-05-26 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-46802", "url": "https://ubuntu.com/security/CVE-2025-46802", "cve_description": "For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.", "cve_priority": "medium", "cve_public_date": "2025-05-26 16:15:00 UTC" }, { "cve": "CVE-2025-46804", "url": "https://ubuntu.com/security/CVE-2025-46804", "cve_description": "A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0.", "cve_priority": "low", "cve_public_date": "2025-05-26 14:15:00 UTC" }, { "cve": "CVE-2025-46805", "url": "https://ubuntu.com/security/CVE-2025-46805", "cve_description": "Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root.", "cve_priority": "low", "cve_public_date": "2025-05-26 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: incorrect PTY permissions", " - debian/patches/CVE-2025-46802.patch: prevent temporary 0666 mode on", " PTYs in attacher.c, screen.c.", " - CVE-2025-46802", " * SECURITY UPDATE: minor information leak", " - debian/patches/CVE-2025-46804.patch: avoid file existence test", " information leaks in screen.c, socket.c.", " - CVE-2025-46804", " * SECURITY UPDATE: TOCTOU allowing to send SIGHUP, SIGCONT", " - debian/patches/CVE-2025-46805.patch: don't send signals with root", " privileges in socket.c.", " - CVE-2025-46805", "" ], "package": "screen", "version": "4.9.1-1ubuntu1", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Thu, 22 Jan 2026 14:59:29 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "ubuntu-release-upgrader-core", "from_version": { "source_package_name": "ubuntu-release-upgrader", "source_package_version": "1:24.04.27", "version": "1:24.04.27" }, "to_version": { "source_package_name": "ubuntu-release-upgrader", "source_package_version": "1:24.04.28", "version": "1:24.04.28" }, "cves": [], "launchpad_bugs_fixed": [ 2138637 ], "changes": [ { "cves": [], "log": [ "", " * Run pre-build.sh: updating mirrors for point release (LP: #2138637)", "" ], "package": "ubuntu-release-upgrader", "version": "1:24.04.28", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2138637 ], "author": "Florent 'Skia' Jacquet ", "date": "Mon, 19 Jan 2026 16:31:44 +0100" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [], "snap": [] }, "removed": { "deb": [], "snap": [] }, "notes": "Changelog diff for Ubuntu 24.04 noble image from daily image serial 20260108 to 20260131", "from_series": "noble", "to_series": "noble", "from_serial": "20260108", "to_serial": "20260131", "from_manifest_filename": "daily_manifest.previous", "to_manifest_filename": "manifest.current" }