Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2024-6844 | A vulnerability in corydolphin/flask-cors version 4.0.1 allows for inconsistent CORS matching due to the handling of the '+' character in URL paths. | python-flask-cors python-flask-cors python-flask-cors python-flask-cors python-flask-cors python-flask-cors |
| CVE | CVE-2024-6866 | corydolphin/flask-cors version 4.01 contains a vulnerability where the request path matching is case-insensitive due to the use of the `try_match` fu | python-flask-cors python-flask-cors python-flask-cors python-flask-cors python-flask-cors python-flask-cors |
| CVE | CVE-2024-6839 | corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more s | python-flask-cors python-flask-cors python-flask-cors python-flask-cors python-flask-cors python-flask-cors |
| Launchpad | 2114743 | Backport lowlatency-kernel to Noble | lowlatency-kernel |
| Launchpad | 2115574 | Upgrade of libpciaccess0 to 0.17-3ubuntu0.25.04.1 causes black screen on boot with AMD Radeon GPU | libpciaccess libpciaccess libpciaccess libpciaccess |
| CVE | CVE-2025-32463 | Local Privilege Escalation via chroot option | sudo sudo sudo sudo sudo sudo sudo sudo sudo sudo sudo sudo |
| CVE | CVE-2025-32462 | Local Privilege Escalation via host option | sudo sudo sudo sudo sudo sudo sudo sudo sudo sudo sudo sudo sudo sudo sudo sudo |
| Launchpad | 2115390 | intel-ish-hid keeps timeout while accessing it during suspend | linux-oem-6.14 |
| Launchpad | 2115200 | Enable AMD STX/KRK soundwire support on new Dell GhostRider platform | linux-oem-6.14 |
| Launchpad | 2115478 | [SRU] Add waiting latency for USB port resume | linux-oem-6.14 |
| Launchpad | 2113992 | Creating a VXLAN interface with a Fan mapping causes a NULL pointer dereference caught by ubuntu_fan_smoke_test:sut-scan | linux-hwe-6.14 linux-hwe-6.14 |
| Launchpad | 2111956 | Add SVSM vTPM support for AMD SEV-SNP confidential VMs | linux-gcp-6.14 linux-gcp-6.8 |
| CVE | CVE-2023-40403 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 1 | libxslt libxslt |
| Launchpad | 2107636 | New upstream release 550.163.01 UDA13 | nvidia-graphics-drivers-550 nvidia-graphics-drivers-550 nvidia-graphics-drivers-550 |
| Launchpad | 2107759 | New upstream release 570.144 UDA | nvidia-graphics-drivers-570 nvidia-graphics-drivers-570 nvidia-graphics-drivers-570 |
| Launchpad | 2114898 | New upstream release 570.158.01 ERD5 | nvidia-graphics-drivers-570-server fabric-manager-570 nvidia-imex-570 libnvidia-nscq-570 nvidia-graphics-drivers-570-server fabric-manager-570 nvidia-imex-570 libnvidia-nscq-570 nvidia-graphics-drivers-570-server fabric-manager-570 nvidia-imex-570 libnvidia-nscq-570 nvidia-graphics-drivers-570-server |
| CVE | CVE-2025-5917 | A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes | libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive |
| CVE | CVE-2025-5916 | A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Arc | libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive |
| CVE | CVE-2025-5915 | A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potent | libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive |
| CVE | CVE-2025-5914 | A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involv | libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive libarchive |
About
-
Send Feedback to @ubuntu_updates
