Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2006-10002 | XML::Parser versions through 2.45 for Perl could overflow the pre-allocated buffer size cause a heap corruption (double free or corruption) and crash | libxml-parser-perl libxml-parser-perl libxml-parser-perl libxml-parser-perl libxml-parser-perl libxml-parser-perl |
| CVE | CVE-2026-4897 | A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input to the `polkit-agent-helper-1` set | policykit-1 policykit-1 policykit-1 policykit-1 policykit-1 policykit-1 policykit-1 policykit-1 |
| CVE | CVE-2025-7519 | A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This iss | policykit-1 policykit-1 policykit-1 policykit-1 policykit-1 policykit-1 policykit-1 policykit-1 |
| CVE | CVE-2026-34982 | Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution wh | vim vim vim vim vim vim vim vim vim vim vim vim |
| CVE | CVE-2026-33412 | Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob() function on Unix | vim vim vim vim vim vim vim vim vim vim vim vim |
| CVE | CVE-2026-32249 | Vim is an open source, command line text editor. From 9.1.0011 to before 9.2.0137, Vim's NFA regex compiler, when encountering a collection containin | vim vim vim vim vim vim vim vim |
| Launchpad | 2147094 | [BPO] Starting recording fails | obs-studio |
| CVE | CVE-2026-35092 | A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacke | corosync corosync corosync corosync corosync corosync corosync corosync corosync corosync corosync corosync |
| CVE | CVE-2026-35091 | A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit toke | corosync corosync corosync corosync corosync corosync corosync corosync corosync corosync corosync corosync |
| CVE | CVE-2026-34080 | xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy parser vulnerability allows bypassing eavesdrop restrictions. The | xdg-dbus-proxy xdg-dbus-proxy xdg-dbus-proxy xdg-dbus-proxy xdg-dbus-proxy xdg-dbus-proxy xdg-dbus-proxy xdg-dbus-proxy xdg-dbus-proxy xdg-dbus-proxy xdg-dbus-proxy xdg-dbus-proxy |
| CVE | CVE-2025-9809 | Out-of-bounds write in cdfs_open_cue_track in libretro libretro-common latest on all platforms allows remote attackers to execute arbitrary code via | retroarch retroarch |
| CVE | CVE-2024-35862 | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions | linux |
| CVE | CVE-2024-50004 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DC | linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-riscv-6.8 linux-hwe-6.8 linux-riscv-6.8 linux |
| CVE | CVE-2025-71183 | In the Linux kernel, the following vulnerability has been resolved: btrfs: always detect conflicting inodes when logging inode refs After rename ex | linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-riscv-6.8 linux-hwe-6.8 linux-riscv-6.8 linux |
| CVE | CVE-2026-23136 | In the Linux kernel, the following vulnerability has been resolved: libceph: reset sparse-read state in osd_fault() When a fault occurs, the connec | linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-riscv-6.8 linux-hwe-6.8 linux-riscv-6.8 linux |
| CVE | CVE-2026-23047 | In the Linux kernel, the following vulnerability has been resolved: libceph: make calc_target() set t->paused, not just clear it Currently calc_tar | linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-riscv-6.8 linux-hwe-6.8 linux-riscv-6.8 linux |
| CVE | CVE-2026-23139 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: update last_gc only when GC has been performed Current | linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-riscv-6.8 linux-hwe-6.8 linux-riscv-6.8 linux |
| CVE | CVE-2026-22979 | In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in skb_segment_list for GRO packets When skb_segment_list( | linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-riscv-6.8 linux-hwe-6.8 linux-riscv-6.8 linux |
| CVE | CVE-2025-71192 | In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix a double free in snd_ac97_controller_register() If ac97_add_ada | linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-riscv-6.8 linux-hwe-6.8 linux-riscv-6.8 linux |
| CVE | CVE-2026-23140 | In the Linux kernel, the following vulnerability has been resolved: bpf, test_run: Subtract size of xdp_frame from allowed metadata size The xdp_fr | linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-riscv-6.8 linux-hwe-6.8 linux-riscv-6.8 linux |
About
-
Send Feedback to @ubuntu_updates
