Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| Launchpad | 2140344 | [SRU] drivers/usb/cdns3 module path missing | initramfs-tools |
| CVE | CVE-2026-1767 | Heap Buffer Overflow in GNOME localsearch MP3 Extractor | tracker-miners tracker-miners |
| CVE | CVE-2026-1766 | Heap Buffer Overflow in GNOME localsearch MP3 Extractor (ID3v2.3 COMM Tags) | tracker-miners tracker-miners |
| CVE | CVE-2026-1765 | Heap Buffer Overflow in GNOME localsearch MP3 Extractor (TXXX Tags) | tracker-miners tracker-miners |
| CVE | CVE-2026-1764 | Heap Buffer Overflow in GNOME localsearch MP3 Extractor | tracker-miners tracker-miners |
| CVE | CVE-2026-0865 | User-controlled header names and values containing newlines can allow injecting HTTP headers. | python3.13 python3.14 python3.13 python3.12 python3.12 python3.10 python3.10 python3.13 python3.14 python3.13 python3.12 python3.12 |
| CVE | CVE-2026-0672 | When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all contro | python3.13 python3.14 python3.13 python3.12 python3.12 python3.10 python3.10 python3.13 python3.14 python3.13 python3.12 python3.12 |
| CVE | CVE-2025-15367 | The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containin | python3.13 python3.14 python3.13 python3.12 python3.12 python3.10 python3.10 python3.13 python3.14 python3.13 python3.12 python3.12 |
| CVE | CVE-2025-15366 | The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containi | python3.13 python3.14 python3.13 python3.12 python3.12 python3.10 python3.10 python3.13 python3.14 python3.13 python3.12 python3.12 |
| CVE | CVE-2025-15282 | User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype. | python3.13 python3.14 python3.13 python3.12 python3.12 python3.10 python3.10 python3.13 python3.14 python3.13 python3.12 python3.12 |
| CVE | CVE-2025-13837 | When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues | python3.13 python3.14 python3.13 python3.12 python3.12 python3.10 python3.10 python3.13 python3.14 python3.13 python3.12 python3.12 |
| CVE | CVE-2025-12084 | When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadra | python3.13 python3.14 python3.13 python3.12 python3.12 python3.10 python3.10 python3.13 python3.14 python3.13 python3.12 python3.12 |
| CVE | CVE-2025-11468 | When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be us | python3.13 python3.14 python3.13 python3.12 python3.12 python3.10 python3.10 python3.13 python3.14 python3.13 python3.12 python3.12 |
| CVE | CVE-2026-1489 | A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processin | glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 |
| CVE | CVE-2026-1485 | A flaw was found in GLib's content type parsing logic. This buffer underflow vulnerability occurs because the length of a header line is stored in a | glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 |
| CVE | CVE-2026-1484 | A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calcu | glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 glib2.0 |
| Launchpad | 2106791 | Emerald Rapids cannot be used as Sapphire Rapids on Ubuntu due to TSX features | libvirt libvirt |
| Launchpad | 2083293 | [SRU] [GNR] Virt-Libvirt: Add platform support to libvirt | libvirt libvirt |
| CVE | CVE-2024-43411 | CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 (and above). I | ckeditor ckeditor |
| CVE | CVE-2024-24815 | CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsi | ckeditor ckeditor |