Ubuntu Linux 25.10, codenamed Questing Quokka, has reached its beta stage, which constitutes an important step towards the final release expected in October 2025. The beta release includes images for various Ubuntu products and community-developed flavors, featuring updated kernel version 6.17 (release candidate) and other new features.
Ubuntu has released security notices to address vulnerabilities in several packages, including OpenJPEG, ImageMagick, and the Linux kernel. Multiple issues were found in OpenJPEG that could be exploited by an attacker to cause a denial of service or potentially execute arbitrary code. ImageMagick also has several security issues that were fixed in the latest updates, which could allow an attacker to crash the system or execute arbitrary code. The affected systems include Ubuntu 25.04, Ubuntu 24.04 LTS, Ubuntu 22.04 LTS, and others, with fixes available through standard system updates.
[USN-7757-1] OpenJPEG vulnerabilities
[USN-7756-1] ImageMagick vulnerabilities
[USN-7726-5] Linux kernel (Azure) vulnerabilities
[USN-7757-1] OpenJPEG vulnerabilities
[USN-7756-1] ImageMagick vulnerabilities
[USN-7726-5] Linux kernel (Azure) vulnerabilities
Three Ubuntu Security Notices (USN) were released: USN-7755-1, USN-7722-2, and USN-7755-2. These notices address vulnerabilities in various Linux kernel versions affecting different Ubuntu releases, including Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS, Ubuntu 25.04, and Ubuntu 24.04 LTS. The updates correct flaws in media drivers, SPI subsystems, USB core drivers, NILFS2 file systems, IPv6 networking, and network traffic control, among other areas (CVE-2023-52477 through CVE-2025-38350).
[USN-7755-1] Linux kernel vulnerabilities
[USN-7722-2] Linux kernel vulnerability
[USN-7755-2] Linux kernel (FIPS) vulnerabilities
[USN-7755-1] Linux kernel vulnerabilities
[USN-7722-2] Linux kernel vulnerability
[USN-7755-2] Linux kernel (FIPS) vulnerabilities
Ubuntu Security Notice USN-7754-2 reports vulnerabilities in the Linux kernel (FIPS) affecting Ubuntu 20.04 LTS, which have been fixed by updating to specific package versions. A similar security issue was reported in USN-7754-1 for multiple other versions of Ubuntu and their derivatives. Separately, USN-7753-1 announces a vulnerability in the xmltodict Python library, affecting various Ubuntu releases from 16.04 LTS to 25.04, which can be fixed by updating to specific package versions. Additionally, USN-7752-1 reports vulnerabilities in libyang affecting Ubuntu 24.04 LTS, which can also be addressed through a standard system update.
[USN-7754-2] Linux kernel (FIPS) vulnerabilities
[USN-7754-1] Linux kernel vulnerabilities
[USN-7753-1] xmltodict vulnerability
[USN-7752-1] libyang vulnerabilities
[USN-7754-2] Linux kernel (FIPS) vulnerabilities
[USN-7754-1] Linux kernel vulnerabilities
[USN-7753-1] xmltodict vulnerability
[USN-7752-1] libyang vulnerabilities
Ubuntu has released several security notices (USN) to address vulnerabilities in various packages. The affected releases include Ubuntu 25.04, Ubuntu 24.04 LTS, and Ubuntu 22.04 LTS. The vulnerabilities include a JSON-XS issue that could cause a denial of service by crashing if it parses specially crafted JSON data, as well as issues with SQLite, cPanel-JSON-XS, Vim, and RubyGems that could potentially lead to code execution or resource consumption.
[USN-7750-1] JSON-XS vulnerability
[USN-7751-1] SQLite vulnerability
[USN-7749-1] Cpanel-JSON-XS vulnerability
[USN-7748-1] Vim vulnerabilities
[USN-7747-1] RubyGems vulnerability
[USN-7750-1] JSON-XS vulnerability
[USN-7751-1] SQLite vulnerability
[USN-7749-1] Cpanel-JSON-XS vulnerability
[USN-7748-1] Vim vulnerabilities
[USN-7747-1] RubyGems vulnerability
Steven Barrett has announced the release of Liquorix kernel version 6.16-6, which is built on top of Linux Kernel 6.16.7 and optimized for desktop, multimedia, and gaming workloads. The new kernel features several significant enhancements, including scheduling improvements, CPUFreq settings tweaks, and a faster disk scheduler called Budget Fair Queue. Liquorix kernel 6.16-6 also allows for better timing control, quicker responses from the CPU, uses LZ4 compression Users can install the Liquorix kernel on their Debian, Ubuntu, or Arch-based Linux distribution by running a script available on the Liquorix website.
Three security notices have been issued for Ubuntu, addressing vulnerabilities in various packages. The first notice (USN-7746-1) affects Ubuntu 25.04 to 18.04 LTS and fixes a vulnerability in the node-cipher-base package that could allow an attacker to manipulate the internal state of hash functions or cause a denial of service. The second notice (USN-7745-1) also affects Ubuntu 25.04 to 16.04 LTS and addresses vulnerabilities in the CUPS package, including issues with authentication types and deserialization and validation of printer attributes. The third notice (USN-7744-1) affects Ubuntu 25.04 to 22.04 LTS and fixes multiple vulnerabilities in the QEMU package, including issues with virtio devices, SDHCI device emulation, image files, and USB devices.
[USN-7746-1] cipher-base vulnerability
[USN-7745-1] CUPS vulnerabilities
[USN-7744-1] QEMU vulnerabilities
[USN-7746-1] cipher-base vulnerability
[USN-7745-1] CUPS vulnerabilities
[USN-7744-1] QEMU vulnerabilities
Three security updates have been released for Ubuntu Linux. Ubuntu Security Notice USN-7742-1 addresses vulnerabilities in GnuTLS that could lead to denial-of-service or arbitrary code execution. The issue was discovered on September 09, 2025, and affects Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS. Another security notice, USN-7743-1, addresses a vulnerability in libxml2 that could cause a denial of service due to incorrect recursion handling when processing XPath expressions. Additionally, USN-7739-1 fixes vulnerabilities in Bind for Ubuntu 14.04 LTS, including issues with incremental zone updates and GSSAPI security policy negotiation.
[USN-7742-1] GnuTLS vulnerabilities
[USN-7743-1] libxml2 vulnerability
[USN-7739-1] Bind vulnerabilities
[USN-7742-1] GnuTLS vulnerabilities
[USN-7743-1] libxml2 vulnerability
[USN-7739-1] Bind vulnerabilities
Steven Barrett has announced the release of Liquorix kernel version 6.16-5, a distro kernel replacement optimized for desktop, multimedia, and gaming workloads. This updated kernel includes significant enhancements such as improved scheduling algorithms, increased system responsiveness, and optimized CPU frequency settings. Additionally, it features advanced technologies like High Resolution Scheduling, Preemptible tree-based hierarchical RCU, and Compressed Swap to provide a faster and more efficient computing experience. The Liquorix kernel is available for installation on Debian, Ubuntu, and Arch Linux systems through a simple script.
Ubuntu has released two security notices, USN-7740-1 and USN-7741-1, to address vulnerabilities in LibEtPan and PostgreSQL, respectively. The LibEtPan vulnerability could allow a remote attacker to crash the application by sending specially crafted network traffic, while the PostgreSQL vulnerabilities could allow an attacker to obtain sensitive information or execute arbitrary code. To fix these issues, users are advised to update their systems to the latest package versions, which include new upstream releases and additional bug fixes.
[USN-7740-1] LibEtPan vulnerability
[USN-7741-1] PostgreSQL vulnerabilities
[USN-7740-1] LibEtPan vulnerability
[USN-7741-1] PostgreSQL vulnerabilities
Liquorix Linux Kernel 6.16-4, based on Kernel 6.16.5, has been released. Liquorix is a custom kernel designed for desktop, multimedia, and gaming workloads, offering improved responsiveness at the cost of throughput and power usage. It features various optimizations, including a different scheduler (bfq), improved virtual memory management, and enhanced CPUFreq settings to improve system performance under heavy loads. Liquorix also has special features like better scheduling, a more efficient way to manage resources, and compressed swap storage to use resources more effectively.
Ubuntu has released security notices to address vulnerabilities in RubyGems and PHP, affecting Ubuntu 25.04 and various LTS versions. A Django vulnerability was also addressed, affecting multiple Ubuntu versions from 20.04 LTS down to 16.04 LTS. Additionally, an FFmpeg vulnerability was fixed, impacting Ubuntu 25.04 through 16.04 LTS.
[USN-7735-1] RubyGems vulnerabilities
[USN-7648-3] PHP regression
[USN-7736-1] Django vulnerability
[USN-7738-1] FFmpeg vulnerability
[USN-7735-1] RubyGems vulnerabilities
[USN-7648-3] PHP regression
[USN-7736-1] Django vulnerability
[USN-7738-1] FFmpeg vulnerability
Ubuntu Linux has released several security updates to address vulnerabilities. The updates affect KMail, including Account Wizard and multiple instances of KMail vulnerabilities. Additionally, there are security updates for KDE PIM, PIM Messagelib, and Linux kernel (Azure). Ruby vulnerabilities have also been addressed with a separate security update.
[USN-7732-1] KMail Account Wizard vulnerability
[USN-7730-1] PIM Messagelib vulnerabilities
[USN-7731-1] KMail vulnerabilities
[USN-7729-1] KDE PIM vulnerabilities
[USN-7734-1] Ruby vulnerabilities
[USN-7737-1] Linux kernel (Azure) vulnerabilities
[USN-7732-1] KMail Account Wizard vulnerability
[USN-7730-1] PIM Messagelib vulnerabilities
[USN-7731-1] KMail vulnerabilities
[USN-7729-1] KDE PIM vulnerabilities
[USN-7734-1] Ruby vulnerabilities
[USN-7737-1] Linux kernel (Azure) vulnerabilities
Ubuntu Linux has released several updates to address security vulnerabilities. The updates include fixes for the Linux kernel, specifically for Azure and AWS versions, as well as general Linux kernel vulnerabilities. Additionally, Protocol Buffers have been patched to prevent potential issues.
[USN-7712-2] Linux kernel (Azure) vulnerabilities
[USN-7727-3] Linux kernel (AWS) vulnerabilities
[USN-7629-2] Protocol Buffers vulnerabilities
[USN-7725-3] Linux kernel vulnerabilities
[USN-7726-4] Linux kernel vulnerabilities
[USN-7712-2] Linux kernel (Azure) vulnerabilities
[USN-7727-3] Linux kernel (AWS) vulnerabilities
[USN-7629-2] Protocol Buffers vulnerabilities
[USN-7725-3] Linux kernel vulnerabilities
[USN-7726-4] Linux kernel vulnerabilities
A security notice has been published for Ubuntu 16.04 LTS to 24.04 LTS due to vulnerabilities in ImageMagick that could cause a denial of service or potentially execute arbitrary code. The issues were found in the way ImageMagick processes certain format strings when interpreting image filenames, allowing an attacker to crash or consume resources.
[USN-7728-1] ImageMagick vulnerabilities
[USN-7728-1] ImageMagick vulnerabilities
A security notice was issued for Ubuntu 14.04 LTS due to vulnerabilities found in Open VM Tools. Two issues were discovered: one where a local attacker could hijack /dev/uinput and simulate user inputs (CVE-2023-34059), and another where an attacker could setup a symlink attack to override files without authorization (CVE-2014-4199).
[USN-7714-1] Open VM Tools vulnerabilities
[USN-7714-1] Open VM Tools vulnerabilities
Ubuntu has issued two security updates: USN-7713-1 addressing vulnerabilities in OpenLDAP and USN-7710-2 resolving a vulnerability in Python 2.7. The OpenLDAP update affects Ubuntu 14.04 LTS, while the Python update affects Ubuntu versions 16.04 LTS, 18.04 LTS, 20.04 LTS, and 22.04 LTS. The resolved issues encompass the incorrect parsing of X.509 DNs by OpenLDAP, which had the potential to lead to a denial of service (CVE-2020-36229, CVE-2020-36230), as well as the inefficient parsing of maliciously crafted HTML input and Tar archives by Python (CVE-2025-6069, CVE-2025-8194).
[USN-7713-1] OpenLDAP vulnerabilities
[USN-7710-2] Python 2.7 vulnerability
[USN-7713-1] OpenLDAP vulnerabilities
[USN-7710-2] Python 2.7 vulnerability
Liquorix is a kernel replacement designed for desktop, multimedia, and gaming workloads, built with optimized configurations and sources for improved performance, and has been updated to the latest Linux kernel, 6.16.4. It features various tuning options and settings, including Zen Interactive Tuning, PDS/BMQ CPU Scheduler, High Resolution Scheduling, and Compressed Swap, among others. The Liquorix kernel is available for installation on Debian, Ubuntu, and Arch Linux systems through a simple install script or binary builds from the project's GitHub repository.
Multiple Ubuntu Security Notices (USN) have been issued, addressing various vulnerabilities in the Linux kernel affecting different Ubuntu releases. These vulnerabilities were found in various subsystems such as the NTFS3 file system, network traffic control, overlay file system, and more, and could be exploited by an attacker to compromise the system (CVE numbers mentioned include CVE-2024-27407, CVE-2025-37752, and others). The affected Ubuntu releases include 16.04 LTS, 14.04 LTS, 22.04 LTS, 20.04 LTS, 18.04 LTS, and 24.04 LTS. Additionally, a vulnerability was found in the UDisks service that could cause it to crash or run arbitrary code if it received specially crafted input.
[USN-7726-2] Linux kernel (Real-time) vulnerabilities
[USN-7704-5] Linux kernel vulnerabilities
[USN-7703-4] Linux kernel vulnerabilities
[USN-7724-1] Linux kernel (OEM) vulnerabilities
[USN-7722-1] Linux kernel vulnerability
[USN-7721-1] Linux kernel (Azure) vulnerabilities
[USN-7725-1] Linux kernel vulnerabilities
[USN-7725-2] Linux kernel (Real-time) vulnerabilities
[USN-7726-3] Linux kernel (FIPS) vulnerabilities
[USN-7727-1] Linux kernel vulnerabilities
[USN-7727-2] Linux kernel (FIPS) vulnerabilities
[USN-7726-1] Linux kernel vulnerabilities
[USN-7723-1] UDisks vulnerability
[USN-7726-2] Linux kernel (Real-time) vulnerabilities
[USN-7704-5] Linux kernel vulnerabilities
[USN-7703-4] Linux kernel vulnerabilities
[USN-7724-1] Linux kernel (OEM) vulnerabilities
[USN-7722-1] Linux kernel vulnerability
[USN-7721-1] Linux kernel (Azure) vulnerabilities
[USN-7725-1] Linux kernel vulnerabilities
[USN-7725-2] Linux kernel (Real-time) vulnerabilities
[USN-7726-3] Linux kernel (FIPS) vulnerabilities
[USN-7727-1] Linux kernel vulnerabilities
[USN-7727-2] Linux kernel (FIPS) vulnerabilities
[USN-7726-1] Linux kernel vulnerabilities
[USN-7723-1] UDisks vulnerability
A security issue affects Ubuntu 14.04 LTS due to several vulnerabilities in the Linux kernel. The issues include a use-after-free vulnerability caused by a race condition in the Unix domain socket, as well as flaws in the HID and media drivers subsystems (CVE-2021-0920, CVE-2024-50302, CVE-2024-53104).
[USN-7720-1] Linux kernel vulnerabilities
[USN-7720-1] Linux kernel vulnerabilities
