Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2026-1965 | libcurl can in some circumstances reuse the wrong connection when aske ... | curl curl curl |
| Launchpad | 2142446 | [SRU] The entire desktop session crashes when browsing/playing videos/scrolling in firefox | budgie-session budgie-session budgie-session budgie-session |
| Launchpad | 2139061 | [SRU] Add support for new Goodix device 27c6:66a9 | libfprint libfprint libfprint libfprint libfprint libfprint libfprint libfprint |
| Launchpad | 2143028 | [SRU] Add quirks support for Goodix touchpad | libinput libinput libinput libinput libinput libinput libinput libinput |
| CVE | CVE-2025-0167 | When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the follo | curl curl curl curl |
| CVE | CVE-2025-69662 | SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the to_postgis()` function being used | python-geopandas python-geopandas python-geopandas python-geopandas python-geopandas python-geopandas |
| Launchpad | 2143861 | 1.10.2-4ubuntu0.1 regresses MFA in some cases | network-manager-openvpn network-manager-openvpn network-manager-openvpn network-manager-openvpn |
| CVE | CVE-2026-26127 | Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network. | dotnet9 dotnet10 dotnet10 dotnet9 dotnet10 dotnet10 |
| CVE | CVE-2026-26130 | Allocation of resources without limits or throttling in ASP.NET Core a ... | dotnet8 dotnet8 dotnet8 dotnet9 dotnet10 dotnet10 dotnet9 dotnet10 dotnet8 dotnet10 dotnet8 dotnet8 |
| Launchpad | 2143198 | [SRU] Fix GPU hang on gfx1152 and gfx1153 hardware | linux-firmware linux-firmware |
| Launchpad | 2139604 | Update AMD GPU firmware to fix ASUS Vivobook S16 Boot Freeze on all kernels from 6.15 upwards | linux-firmware linux-firmware |
| Launchpad | 2137618 | Add new firmware for hwe-6.17 | linux-firmware |
| CVE | CVE-2026-23038 | In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() In nfs4_ff_all | linux linux |
| CVE | CVE-2026-23037 | In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: allow partial RX URB allocation to succeed When es58x_alloc_rx | linux linux |
| CVE | CVE-2026-22998 | In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec Commit efa | linux linux |
| CVE | CVE-2026-23003 | In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() Blamed commit did no | linux linux |
| CVE | CVE-2026-23001 | In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlan_forward_source() Add RCU protection on (st | linux linux |
| CVE | CVE-2026-23011 | In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_gre: make ipgre_header() robust Analog to commit db5b4e39c4e6 ("ip6_gr | linux linux |
| CVE | CVE-2026-22999 | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not free existing class in qfq_change_class() Fixes qfq_ | linux linux |
| CVE | CVE-2025-71162 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra-adma: Fix use-after-free A use-after-free bug exists in the Te | linux linux |
About
-
Send Feedback to @ubuntu_updates
