Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2025-30754 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supporte | openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 |
| CVE | CVE-2025-50106 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported | openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 |
| CVE | CVE-2025-30749 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported | openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 |
| CVE | CVE-2025-50059 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Su | openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 openjdk-21 |
| Launchpad | 2116890 | Incorrect shebang in loguserdata.py | heat |
| Launchpad | 2117494 | [Regression Updates] \ | linux linux linux linux linux-hwe-6.8 linux-hwe-6.14 linux-lowlatency-hwe-6.8 linux-azure-nvidia-6.14 linux-hwe-6.14 linux-hwe-6.8 linux-lowlatency-hwe-6.8 linux-azure-nvidia |
| Launchpad | 2117395 | raid10: block discard causes a NULL pointer dereference after 5.15.0-144-generic | linux linux |
| CVE | CVE-2025-5994 | A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet (ECS) | unbound unbound unbound unbound unbound unbound unbound unbound unbound unbound unbound unbound |
| CVE | CVE-2025-7345 | A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c) | gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf |
| CVE | CVE-2025-6199 | A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the repor | gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf gdk-pixbuf |
| CVE | CVE-2023-34824 | fdkaac before 1.0.5 was discovered to contain a heap buffer overflow in caf_info function in caf_reader.c. | fdkaac fdkaac |
| CVE | CVE-2023-34823 | fdkaac before 1.0.5 was discovered to contain a stack overflow in read_callback function in src/main.c. | fdkaac fdkaac |
| CVE | CVE-2022-37781 | fdkaac v1.0.3 was discovered to contain a heap buffer overflow via __interceptor_memcpy.part.46 at /sanitizer_common/sanitizer_common_interceptors.in | fdkaac fdkaac |
| CVE | CVE-2022-36148 | fdkaac commit 53fe239 was discovered to contain a floating point exception (FPE) via wav_open at /src/wav_reader.c. | fdkaac fdkaac |
| CVE | CVE-2024-53427 | decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buf | jq jq jq jq |
| CVE | CVE-2025-48060 | jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function `jv_string_vfmt` in the jq_ | jq jq jq jq jq jq |
| CVE | CVE-2024-23337 | jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483 | jq jq jq jq jq jq |
| CVE | CVE-2025-4748 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Trav | erlang erlang erlang erlang erlang erlang erlang erlang erlang erlang erlang erlang |
| CVE | CVE-2025-46712 | Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and O | erlang erlang erlang erlang erlang erlang erlang erlang erlang erlang erlang erlang |
| Launchpad | 2116729 | Add new firmware for hwe-6.14 | linux-firmware |
About
-
Send Feedback to @ubuntu_updates
