Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2025-13086 | HMAC verification check: fix incorrect memcmp() call | openvpn |
| Launchpad | 2051886 | Unable to move windows by dragging the title bar on GTK4 Xorg with touchscreens | gtk4 |
| CVE | CVE-2025-43343 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26, tvOS 26, watchOS 26, iOS 26 and iPadOS 26, visionOS 26. Proc | webkit2gtk |
| Launchpad | 2129610 | Questing update: v6.17.3 upstream stable release | linux |
| Launchpad | 2131702 | Race condition in perf build causes build failure due to missing unistd_64.h header on arm64 | linux |
| Launchpad | 2131259 | Questing update: v6.17.4 upstream stable release | linux |
| Launchpad | 2128792 | Re-enable INTEL_SKL_INT3472 for kernels >= 6.16 for Intel IPU camera | linux |
| Launchpad | 2131136 | crash when reading from /sys/kernel/tracing/rv/enabled_monitors | linux |
| Launchpad | 2129770 | kernel crash on bootup for some arm64 machines | linux |
| Launchpad | 2132095 | The machine didn’t go into suspend and got stuck | linux |
| CVE | CVE-2023-0466 | The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. How | edk2 |
| CVE | CVE-2023-0465 | Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain check | edk2 |
| CVE | CVE-2024-6119 | Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory | edk2 |
| CVE | CVE-2024-38796 | EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. | edk2 |
| CVE | CVE-2024-1298 | EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A | edk2 |
| CVE | CVE-2023-45237 | EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unaut | edk2 |
| CVE | CVE-2023-45236 | EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unaut | edk2 |
| CVE | CVE-2023-3817 | Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_ | edk2 |
| CVE | CVE-2023-3446 | Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_ | edk2 |
| CVE | CVE-2025-3770 | EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vul | edk2 |