A security notice (USN-7941-1) has been issued for Ubuntu and its derivatives, affecting systems including Ubuntu 25.10, 25.04, 24.04 LTS, and 22.04 LTS. Several vulnerabilities have been discovered in WebKitGTK, a library for web content, which could allow remote attackers to exploit cross-site scripting attacks, denial of service attacks, and arbitrary code execution. To fix these issues, users need to update their systems to the latest package versions, which include new upstream releases with additional bug fixes. After updating, applications that use WebKitGTK, such as Epiphany, may require a restart to apply the necessary changes.
[USN-7941-1] WebKitGTK vulnerabilities
A new version of the Liquorix Linux kernel, 6.18-3, has been released by Steven Barrett, which is designed to optimize desktop experiences for multimedia and gaming workloads. This custom-built kernel includes several notable improvements, such as Zen Interactive Tuning, optimized I/O and memory management, and faster responsiveness through tweaks like adjusted CPUFreq control. The Liquorix 6.18-3 also includes additional performance features like high-resolution scheduling, real-time system handling, and support for Budget Fair Queue (BFQ) to manage disk I/O and latency. Users can easily deploy the kernel on Debian, Ubuntu, or Arch Linux by downloading binary builds from the Liquorix website or using a simple installation script.
Steven Barrett has released Liquorix Linux kernel 6.18-2, which offers several improvements to optimize desktop performance for multimedia and gaming workloads. The new kernel includes features that help improve how the system responds quickly while still being stable, such as better management of input/output, memory, and CPU speed control.
Steven Barrett has released the first Liquorix Linux kernel based on the 6.18 series, designed to optimize desktop experience for multimedia and gaming workloads by tapping into underutilized performance capabilities. The kernel includes various improvements, such as Zen Interactive Tuning, which prioritizes responsiveness over power saving, as well as optimized I/O and memory management through tweaks like background reclaim for hugepages and minimum cache TTL timings. Liquorix 6.18-1 also features other technical enhancements, including high-resolution scheduling, real-time system handling, Budget Fair Queue (BFQ) support, and TCP BBR2 Congestion Control to improve data transfer speed during network congestion. The kernel provides binary builds for Debian, Ubuntu, and Arch Linux through their PPA, making it easy to install and use as a direct replacement for the standard kernel.
Ubuntu Linux has released security updates to address several vulnerabilities in the Linux kernel. Specifically, updates have been issued for Raspberry Pi, Real-time, Oracle, and Xilinx variants of the Linux kernel.
[USN-7928-4] Linux kernel (Raspberry Pi) vulnerabilities
[USN-7921-2] Linux kernel (Real-time) vulnerabilities
[USN-7922-3] Linux kernel (Oracle) vulnerabilities
[USN-7931-4] Linux kernel (Xilinx) vulnerabilities
Liquorix Kernel 6.17-15 has been released, enhancing the Linux desktop experience, particularly for gaming and multimedia tasks. It introduces Zen Interactive Tuning for improved responsiveness, optimized I/O and memory management, and high-resolution scheduling. Key features include support for BFQ for managing disk I/O, TCP BBR2 for better data transfer during congestion, and Compressed Swap for efficient memory use. Installation is straightforward via PPA for Debian, Ubuntu, or Arch Linux, and an installation script is available on their website for ease of use.
Ubuntu Security Notice USN-7940-1 reports multiple security vulnerabilities fixed in the Linux kernel for Ubuntu 24.04 LTS. The vulnerabilities, including CVE-2025-40300 (VMSCAPE), allow an attacker to potentially expose sensitive information or compromise the system. To fix these issues, users need to update their system to the latest package versions and reboot their computer after a standard system update. Additionally, due to an ABI change, users may need to recompile and reinstall third-party kernel modules they have installed.
[USN-7940-1] Linux kernel (Azure FIPS) vulnerabilities
Several critical kernel updates are available for Ubuntu Linux. These include fixes for vulnerabilities in the standard Linux kernel as well as the Azure and Azure FIPS variants. The updates aim to address security concerns within these specific kernel versions. Users should consider installing these patches to ensure their system is up-to-date and secure.
[USN-7889-7] Linux kernel vulnerabilities
[USN-7938-1] Linux kernel (Azure) vulnerabilities
[USN-7939-2] Linux kernel (Azure FIPS) vulnerabilities
[USN-7939-1] Linux kernel (Azure) vulnerabilities
Liquorix has released version 6.17-14 of their custom-built Linux kernel, which is designed to optimize desktop performance for multimedia and gaming workloads by tapping into underutilized capabilities. This kernel includes various improvements, such as interactive tuning, optimized I/O and memory management, and changes to CPUFreq control, aiming to balance responsiveness with stability. Liquorix 6.17-14 also features additional performance enhancements like high-resolution scheduling, real-time system handling, and support for Budget Fair Queue (BFQ) and TCP BBR2 Congestion Control. Users can easily deploy the kernel on Debian, Ubuntu, or Arch Linux using pre-built binary packages from their PPA or an automated installation script.
A security issue has been fixed in the Linux kernel affecting Ubuntu 18.04 LTS, 16.04 LTS, and 14.04 LTS. This update corrects vulnerabilities in various subsystems, including the cryptographic API, ACPI drivers, and network file system (NFS) server daemon, among others.
[USN-7907-5] Linux kernel kernel vulnerabilities
Ubuntu Linux has released several security updates, including fixes for FIPS and non-FIPS Linux kernel vulnerabilities. Additionally, c-ares, Raspberry Pi, and real-time Linux kernel vulnerabilities have been addressed in the latest update. OpenStack Keystone and urllib3 also had vulnerabilities fixed in the recent security patches. Multiple other Linux kernel vulnerabilities were resolved as part of these updates.
[USN-7922-2] Linux kernel (FIPS) vulnerabilities
[USN-7925-1] c-ares vulnerability
[USN-7889-6] Linux kernel vulnerabilities
[USN-7906-3] Linux kernel (Raspberry Pi) vulnerabilities
[USN-7928-3] Linux kernel (Real-time) vulnerabilities
[USN-7928-2] Linux kernel (FIPS) vulnerabilities
[USN-7928-1] Linux kernel vulnerabilities
[USN-7926-1] OpenStack Keystone vulnerabilities
[USN-7927-1] urllib3 vulnerabilities
Ubuntu Linux has released several security updates to address various vulnerabilities. The updates include fixes for GNU binutils, libpng, Qt, and multiple issues in the Linux kernel. These patches aim to improve system security by addressing potential weaknesses that could be exploited by hackers.
[USN-7919-1] GNU binutils vulnerabilities
[USN-7924-1] libpng vulnerabilities
[USN-7923-1] Qt vulnerability
[USN-7921-1] Linux kernel vulnerabilities
[USN-7922-1] Linux kernel vulnerabilities
[USN-7920-1] Linux kernel vulnerabilities
Ubuntu has issued security notices for several vulnerabilities affecting various packages across different releases. The affected packages include Radare2, which contained memory leaks that could cause denial of service attacks; python-apt, which could crash when opening specially crafted files; and Netty, which had issues with HTTP message parsing and memory management. FontTools was also found to be vulnerable to XML External Entity (XEE) attacks and path traversal attacks that could lead to remote code execution. To fix these vulnerabilities, users are advised to update their systems to the latest package versions as specified in the security notices.
[USN-7915-1] Radare2 vulnerabilities
[USN-7916-1] python-apt vulnerability
[USN-7918-1] Netty vulnerabilities
[USN-7917-1] fontTools vulnerabilities
Ubuntu has released two separate security updates to address vulnerabilities in its system. The first update, USN-7914-1, fixes several security issues in WebKitGTK that could allow attackers to execute code or cause denial-of-service attacks. The second update, USN-7412-3, addresses a vulnerability in GnuPG on Ubuntu 18.04 LTS and 16.04 LTS that could be used to corrupt keyrings. Both updates require users to restart affected applications after installing the new packages.
[USN-7914-1] WebKitGTK vulnerabilities
[USN-7412-3] GnuPG vulnerability
Liquorix Linux kernel version 6.17-13 has been released, which is based on the stable Linux kernel 6.17.10 and designed to optimize desktop experiences for multimedia and gaming workloads. The new kernel has several important updates, like adjustments that make the system respond faster instead of saving power, better management of input/output and memory, and improved CPUFreq control for quicker responses when needed. Additionally, Liquorix 6.17-12 includes better scheduling for high-resolution tasks, a way to manage real-time processes, and support for Budget Fair Queue (BFQ) and TCP BBR2 Congestion Control The kernel can be easily installed on Debian, Ubuntu, or Arch Linux using a provided script or through their own PPA, making it a straightforward replacement for the standard kernel.
Multiple security vulnerabilities were discovered in the Linux kernel, affecting Ubuntu systems and their derivatives. These vulnerabilities were fixed in various updates, including USN-7910-2 for Linux kernel (Azure), USN-7909-4 for Linux kernel (GCP), GKE, and GKEOP, and USN-7889-5 for Linux kernel (IBM). The updates correct flaws in various subsystems, such as architecture-specific code, drivers, and file systems.
[USN-7910-2] Linux kernel (Azure) vulnerabilities
[USN-7909-4] Linux kernel vulnerabilities
[USN-7889-5] Linux kernel (IBM) vulnerabilities
[USN-7906-2] Linux kernel (GCP) vulnerabilities
Ubuntu Linux has released several security updates to address various vulnerabilities in its Linux kernel. These updates include fixes for FIPS-compliant versions of the kernel used by Google Cloud (USN-7907-4), Microsoft Azure (USN-7910-1), and generic FIPS (USN-7909-3). Additionally, other updates have been released to address vulnerabilities in the real-time Linux kernel (USN-7909-2) and IoT-focused versions of the kernel (USN-7874-3). Other software affected includes CUPS (with multiple advisories, USN-7912-1 and USN-7912-2), MAME (USN-7913-1), and various Linux kernel advisories.
[USN-7907-4] Linux kernel (GCP FIPS) vulnerabilities
[USN-7907-3] Linux kernel vulnerabilities
[USN-7911-1] Linux kernel vulnerabilities
[USN-7910-1] Linux kernel (Azure FIPS) vulnerabilities
[USN-7909-3] Linux kernel (FIPS) vulnerabilities
[USN-7909-2] Linux kernel (Real-time) vulnerabilities
[USN-7889-4] Linux kernel vulnerabilities
[USN-7879-4] Linux kernel vulnerabilities
[USN-7909-1] Linux kernel vulnerabilities
[USN-7912-2] CUPS vulnerability
[USN-7913-1] MAME vulnerabilities
[USN-7874-3] Linux kernel (IoT) vulnerabilities
[USN-7912-1] CUPS vulnerability
Ubuntu has released several security updates for various packages, including Linux kernel vulnerabilities (USN-7906-1, USN-7861-5, and USN-7907-2) that affect Ubuntu 25.10, 24.04 LTS, and 18.04 LTS versions. The updates fix multiple issues in the Linux kernel, such as insufficient branch predictor isolation, incorrect handling of memory operations, and flaws in various subsystems. Additionally, there are security notices for PostgreSQL vulnerabilities (USN-7908-1) that affect Ubuntu 25.10, 25.04, 24.04 LTS, and 22.04 LTS versions, and a KDE Connect vulnerability (USN-7905-1) affecting Ubuntu 25.10. The updates also include fixes for Ghostscript vulnerabilities (USN-7904-1) that affect various Ubuntu versions, including 20.04 LTS, 18.04 LTS, and 16.04 LTS.
[USN-7906-1] Linux kernel vulnerabilities
[USN-7908-1] PostgreSQL vulnerabilities
[USN-7861-5] Linux kernel vulnerabilities
[USN-7907-2] Linux kernel (FIPS) vulnerabilities
[USN-7907-1] Linux kernel vulnerabilities
[USN-7905-1] KDE Connect vulnerability
[USN-7904-1] Ghostscript vulnerabilities
USN-7855-1 partially fixed a regression issue in Unbound, which Ubuntu Security Notice USN-7855-2 addresses. The regression could lead to domain hijack attacks if an attacker exploited it. To resolve this issue, users need to update their system to the specified package versions for their Ubuntu release. Separately, Ubuntu Security Notice USN-7903-1 addresses several vulnerabilities in Django, including one that allowed arbitrary SQL commands and another that caused a denial of service due to inefficient deserialization of XML objects. The affected releases include multiple long-term support (LTS) versions of Ubuntu, with update instructions provided for each release.
[USN-7855-2] Unbound regression
[USN-7903-1] Django vulnerabilities
