Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2025-71070 | In the Linux kernel, the following vulnerability has been resolved: ublk: clean up user copy references on ublk server exit If a ublk server proces | linux |
| CVE | CVE-2025-71117 | In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the re | linux |
| CVE | CVE-2025-68812 | In the Linux kernel, the following vulnerability has been resolved: media: iris: Add sanity check for stop streaming Add sanity check in iris_vb2_s | linux |
| CVE | CVE-2025-68805 | In the Linux kernel, the following vulnerability has been resolved: fuse: fix io-uring list corruption for terminated non-committed requests When a | linux |
| CVE | CVE-2025-68791 | In the Linux kernel, the following vulnerability has been resolved: fuse: missing copy_finish in fuse-over-io-uring argument copies Fix a possible | linux |
| Launchpad | 2142250 | Questing update: upstream stable patchset 2026-03-04 | linux |
| Launchpad | 2141377 | [SRU]Fix xe GPU suspend/resume crash on Battlemage | linux |
| Launchpad | 2141276 | efi: Fix swapped arguments to bsearch() in efi_status_to_*() SAUCE patch | linux linux linux |
| Launchpad | 2134400 | Questing preinstalled server fails to boot on QCS8300 based boards | linux |
| Launchpad | 2141545 | [SRU] add swap file or partition to LicheeRV preinstalled image | livecd-rootfs |
| Launchpad | 2143015 | [SRU] Fix incorrect selection of Xorg on specific platforms that prefer Wayland. | gdm3 gdm3 |
| Launchpad | 2122551 | [SRU] Backport feature for disabling migration to Noble | watcher |
| Launchpad | 2136499 | virtualbox-dkms FTBFS in Noble with the linux-6.17 kernel | virtualbox virtualbox |
| CVE | CVE-2026-0665 | An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QE | qemu qemu qemu qemu qemu qemu qemu qemu |
| CVE | CVE-2025-14876 | A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, lea | qemu qemu qemu qemu qemu qemu qemu qemu |
| CVE | CVE-2025-12464 | A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devic | qemu qemu qemu qemu qemu qemu qemu qemu |
| CVE | CVE-2025-11234 | A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to | qemu qemu qemu qemu qemu qemu qemu qemu qemu qemu qemu qemu |
| CVE | CVE-2026-2781 | Integer overflow in the Libraries component in NSS. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird | nss nss nss nss nss nss nss nss |
| CVE | CVE-2026-2006 | Missing validation of multibyte character length in PostgreSQL text manipulation allows a database user to issue crafted queries that achieve a buffe | postgresql-17 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-17 |
| CVE | CVE-2026-2005 | Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. | postgresql-17 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-17 |
About
-
Send Feedback to @ubuntu_updates
