Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2026-46863 | Vulnerability in the MySQL Server, MySQL Cluster product of Oracle MySQL (component: Server: Connection Handling). Supported versions that are affec | mysql-8.4 mysql-8.4 mysql-8.4 mysql-8.4 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.4 mysql-8.4 mysql-8.4 mysql-8.4 mysql-8.0 mysql-8.0 mysql-8.0 mysql-8.0 |
| CVE | CVE-2026-44068 | Incomplete sanitization of extended attribute (EA) path components in Netatalk 2.1.0 through 4.4.2 allows a remote authenticated attacker to write to | netatalk netatalk |
| CVE | CVE-2026-44066 | Multiple heap out-of-bounds reads in the Spotlight RPC unmarshalling code in Netatalk 3.1.0 through 4.4.2 allow a remote authenticated attacker to ob | netatalk netatalk |
| CVE | CVE-2026-44057 | A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective | netatalk netatalk |
| CVE | CVE-2025-39930 | In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Don't use __free(device_node) at graph_util_parse_dai() | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
| CVE | CVE-2026-43067 | In the Linux kernel, the following vulnerability has been resolved: ext4: handle wraparound when searching for blocks for indirect mapped blocks Co | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
| CVE | CVE-2026-43049 | In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation fai | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
| CVE | CVE-2026-43338 | In the Linux kernel, the following vulnerability has been resolved: btrfs: reserve enough transaction items for qgroup ioctls Currently our qgroup | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
| CVE | CVE-2026-43044 | In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix DMA corruption on long hmac keys When a key longer than bloc | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
| CVE | CVE-2026-43330 | In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix overflow on long hmac keys When a key longer than block size | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
| CVE | CVE-2026-43036 | In the Linux kernel, the following vulnerability has been resolved: net: use skb_header_pointer() for TCPv4 GSO frag_off check Syzbot reported a KM | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
| CVE | CVE-2026-31414 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_expect: use expect->helper Use expect->helper in ctnetl | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
| CVE | CVE-2026-43025 | In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ignore explicit helper on new expectations Use the existi | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
| CVE | CVE-2026-43023 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: fix race conditions in sco_sock_connect() sco_sock_connect() ch | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
| CVE | CVE-2026-43019 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync hci_conn lookup a | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
| CVE | CVE-2026-43018 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt hci | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
| CVE | CVE-2026-43017 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate mesh send advertising payload length mesh_send() curr | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
| CVE | CVE-2026-43016 | In the Linux kernel, the following vulnerability has been resolved: bpf: sockmap: Fix use-after-free of sk->sk_socket in sk_psock_verdict_data_ready | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
| CVE | CVE-2026-31675 | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_netem: fix out-of-bounds access in packet corruption In netem_en | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
| CVE | CVE-2026-43013 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: lag: Check for LAG device before creating debugfs __mlx5_lag_dev_add_ | linux linux-hwe-6.8 linux linux-lowlatency-hwe-6.8 linux-lowlatency-hwe-6.8 linux-hwe-6.8 linux-xilinx linux-qcom linux-azure-nvidia linux-xilinx linux-azure-nvidia |
About
-
Send Feedback to @ubuntu_updates