Curl, Kernel, Ceph, Protocol Buffers, MongoDB updates for Ubuntu

Ubuntu 6998 Published by

Several security issues were fixed in various Ubuntu packages, including curl, the Linux kernel, and Ceph. The vulnerabilities include improperly handled cookies and WebSocket communications in curl, and flaws in GPU drivers, MMC subsystems, and SMB network file system in the Linux kernel. Additionally, Ceph's RADOS Gateway did not properly handle certain header parameters, and Protocol Buffers incorrectly handled recursion when parsing JSON format. Users are advised to update their systems to the latest package versions to address these issues and prevent potential security risks.

[USN-8062-1] curl vulnerabilities
[USN-8060-4] Linux kernel (FIPS) vulnerabilities
[USN-8059-5] Linux kernel (FIPS) vulnerabilities
[USN-8059-4] Linux kernel (Real-time) vulnerabilities
[USN-8059-3] Linux kernel vulnerabilities
[USN-8045-1] Ceph vulnerabilities
[USN-8063-1] Protocol Buffers vulnerability
[USN-8064-1] MongoDB vulnerabilities




[USN-8062-1] curl vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8062-1
February 25, 2026

curl vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in curl.

Software Description:
- curl: HTTP, HTTPS, and FTP client and client libraries

Details:

It was discovered that curl incorrectly handled cookies when redirected
from secure to insecure connections. An attacker could possibly use this
issue to cause a denial of service, or obtain sensitive information.
This issue only affected Ubuntu 25.10. (CVE-2025-9086)

Calvin Ruocco discovered that curl did not properly handle WebSocket
communications under certain circumstances. A malicious server could
possibly use this issue to poison proxy caches with malicious content.
This issue only affected Ubuntu 24.04 LTS and Ubuntu 25.10.
(CVE-2025-10148)

Stanislav Fort discovered that wcurl did not properly handle URLs with
certain encoded characters. If a user were tricked into processing
a specially crafted URL, an attacker could possibly use this issue to
write files outside the intended directory. This issue only affected
Ubuntu 25.10. (CVE-2025-11563)

Stanislav Fort discovered that curl did not properly validate pinned
public keys under certain circumstances. A remote attacker could
possibly use this issue to perform a machine-in-the-middle attack. This
issue only affected Ubuntu 25.10.(CVE-2025-13034)

Stanislav Fort discovered that curl did not properly manage TLS options
when performing LDAP over TLS transfers in multi-threaded environments.
Under certain circumstances, certificate verification could be
unintentionally and unknowingly disabled. (CVE-2025-14017)

It was discovered that curl incorrectly handled Oauth2 bearer tokens
when following redirects. A remote attacker could possibly use this
issue to obtain authentication credentials. (CVE-2025-14524)

Stanislav Fort discovered that curl did not properly validate TLS
certificates when reusing connections. A remote attacker could possibly
use this issue to bypass expected certificate verification. This issue
only affected Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2025-14819)

Harry Sintonen discovered that curl did not properly validate SSH host
keys when performing SSH-based file transfers. This issue could lead to
unintended bypass of custom known_hosts file. This issue only
affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2025-15079)

Harry Sintonen discovered that curl built with libssh did not properly
handle authentication when performing SSH-based file transfers. This
could result in unintended authentication operations. This issue only
affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2025-15224)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
curl 8.14.1-2ubuntu1.1
libcurl3t64-gnutls 8.14.1-2ubuntu1.1
libcurl4-gnutls-dev 8.14.1-2ubuntu1.1
libcurl4-openssl-dev 8.14.1-2ubuntu1.1
libcurl4t64 8.14.1-2ubuntu1.1

Ubuntu 24.04 LTS
curl 8.5.0-2ubuntu10.7
libcurl3t64-gnutls 8.5.0-2ubuntu10.7
libcurl4-gnutls-dev 8.5.0-2ubuntu10.7
libcurl4-openssl-dev 8.5.0-2ubuntu10.7
libcurl4t64 8.5.0-2ubuntu10.7

Ubuntu 22.04 LTS
curl 7.81.0-1ubuntu1.22
libcurl3-gnutls 7.81.0-1ubuntu1.22
libcurl3-nss 7.81.0-1ubuntu1.22
libcurl4 7.81.0-1ubuntu1.22
libcurl4-gnutls-dev 7.81.0-1ubuntu1.22
libcurl4-nss-dev 7.81.0-1ubuntu1.22
libcurl4-openssl-dev 7.81.0-1ubuntu1.22

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8062-1
CVE-2025-10148, CVE-2025-11563, CVE-2025-13034, CVE-2025-14017,
CVE-2025-14524, CVE-2025-14819, CVE-2025-15079, CVE-2025-15224,
CVE-2025-9086

Package Information:
https://launchpad.net/ubuntu/+source/curl/8.14.1-2ubuntu1.1
https://launchpad.net/ubuntu/+source/curl/8.5.0-2ubuntu10.7
https://launchpad.net/ubuntu/+source/curl/7.81.0-1ubuntu1.22



[USN-8060-4] Linux kernel (FIPS) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8060-4
February 25, 2026

linux-fips vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-fips: Linux kernel with FIPS

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- MMC subsystem;
(CVE-2022-49267, CVE-2025-21780)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-5.15.0-171-fips 5.15.0-171.181+fips1
Available with Ubuntu Pro
linux-image-fips 5.15.0.171.98
Available with Ubuntu Pro
linux-image-fips-5.15 5.15.0.171.98
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-8060-4
https://ubuntu.com/security/notices/USN-8060-3
https://ubuntu.com/security/notices/USN-8060-2
https://ubuntu.com/security/notices/USN-8060-1
CVE-2022-49267, CVE-2025-21780

Package Information:
https://launchpad.net/ubuntu/+source/linux-fips/5.15.0-171.181+fips1



[USN-8059-5] Linux kernel (FIPS) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8059-5
February 25, 2026

linux-fips, linux-gcp-fips vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-fips: Linux kernel with FIPS
- linux-gcp-fips: Linux kernel for Google Cloud Platform (GCP) systems with FIPS

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
linux-image-6.8.0-101-fips 6.8.0-101.101+fips1
Available with Ubuntu Pro
linux-image-6.8.0-1048-gcp-fips 6.8.0-1048.51+fips1
Available with Ubuntu Pro
linux-image-fips 6.8.0-101.101+fips1
Available with Ubuntu Pro
linux-image-fips-6.8 6.8.0-101.101+fips1
Available with Ubuntu Pro
linux-image-gcp-fips 6.8.0-1048.51+fips1
Available with Ubuntu Pro
linux-image-gcp-fips-6.8 6.8.0-1048.51+fips1
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-8059-5
https://ubuntu.com/security/notices/USN-8059-4
https://ubuntu.com/security/notices/USN-8059-3
https://ubuntu.com/security/notices/USN-8059-2
https://ubuntu.com/security/notices/USN-8059-1
CVE-2025-22037, CVE-2025-37899

Package Information:
https://launchpad.net/ubuntu/+source/linux-fips/6.8.0-101.101+fips1
https://launchpad.net/ubuntu/+source/linux-gcp-fips/6.8.0-1048.51+fips1



[USN-8059-4] Linux kernel (Real-time) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8059-4
February 25, 2026

linux-realtime, linux-realtime-6.8 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-realtime: Linux kernel for Real-time systems
- linux-realtime-6.8: Linux kernel for Real-time systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
linux-image-6.8.1-1042-realtime 6.8.1-1042.43
Available with Ubuntu Pro
linux-image-intel-iot-realtime 6.8.1-1042.43
Available with Ubuntu Pro
linux-image-realtime 6.8.1-1042.43
Available with Ubuntu Pro
linux-image-realtime-6.8.1 6.8.1-1042.43
Available with Ubuntu Pro

Ubuntu 22.04 LTS
linux-image-6.8.1-1042-realtime 6.8.1-1042.43~22.04.1
Available with Ubuntu Pro
linux-image-realtime-6.8.1 6.8.1-1042.43~22.04.1
Available with Ubuntu Pro
linux-image-realtime-hwe-22.04 6.8.1-1042.43~22.04.1
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-8059-4
https://ubuntu.com/security/notices/USN-8059-3
https://ubuntu.com/security/notices/USN-8059-2
https://ubuntu.com/security/notices/USN-8059-1
CVE-2025-22037, CVE-2025-37899

Package Information:
https://launchpad.net/ubuntu/+source/linux-realtime/6.8.1-1042.43
https://launchpad.net/ubuntu/+source/linux-realtime-6.8/6.8.1-1042.43~22.04.1



[USN-8059-3] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8059-3
February 25, 2026

linux-gcp, linux-gcp-6.8, linux-gke, linux-oracle-6.8 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-gcp-6.8: Linux kernel for Google Cloud Platform (GCP) systems
- linux-oracle-6.8: Linux kernel for Oracle Cloud systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file system;
(CVE-2025-22037, CVE-2025-37899)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
linux-image-6.8.0-1044-gke 6.8.0-1044.49
linux-image-6.8.0-1044-gke-64k 6.8.0-1044.49
linux-image-6.8.0-1048-gcp 6.8.0-1048.51
linux-image-6.8.0-1048-gcp-64k 6.8.0-1048.51
linux-image-gcp-6.8 6.8.0-1048.51
linux-image-gcp-64k-6.8 6.8.0-1048.51
linux-image-gcp-64k-lts-24.04 6.8.0-1048.51
linux-image-gcp-lts-24.04 6.8.0-1048.51
linux-image-gke 6.8.0-1044.49
linux-image-gke-6.8 6.8.0-1044.49
linux-image-gke-64k 6.8.0-1044.49
linux-image-gke-64k-6.8 6.8.0-1044.49

Ubuntu 22.04 LTS
linux-image-6.8.0-1044-oracle 6.8.0-1044.45~22.04.1
linux-image-6.8.0-1044-oracle-64k 6.8.0-1044.45~22.04.1
linux-image-6.8.0-1048-gcp 6.8.0-1048.51~22.04.1
linux-image-6.8.0-1048-gcp-64k 6.8.0-1048.51~22.04.1
linux-image-gcp 6.8.0-1048.51~22.04.1
linux-image-gcp-6.8 6.8.0-1048.51~22.04.1
linux-image-gcp-64k 6.8.0-1048.51~22.04.1
linux-image-gcp-64k-6.8 6.8.0-1048.51~22.04.1
linux-image-oracle 6.8.0-1044.45~22.04.1
linux-image-oracle-6.8 6.8.0-1044.45~22.04.1
linux-image-oracle-64k 6.8.0-1044.45~22.04.1
linux-image-oracle-64k-6.8 6.8.0-1044.45~22.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-8059-3
https://ubuntu.com/security/notices/USN-8059-2
https://ubuntu.com/security/notices/USN-8059-1
CVE-2025-22037, CVE-2025-37899

Package Information:
https://launchpad.net/ubuntu/+source/linux-gcp/6.8.0-1048.51
https://launchpad.net/ubuntu/+source/linux-gke/6.8.0-1044.49
https://launchpad.net/ubuntu/+source/linux-gcp-6.8/6.8.0-1048.51~22.04.1
https://launchpad.net/ubuntu/+source/linux-oracle-6.8/6.8.0-1044.45~22.04.1



[USN-8045-1] Ceph vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8045-1
February 24, 2026

ceph vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Ceph.

Software Description:
- ceph: distributed storage and file system

Details:

Martin Schobert discovered that Ceph did not properly verify SSL
certificates when using Pybind for secure mail connections, which could
result in accepting invalid certificates. An attacker could possibly use
this issue to perform an intermediary attack and access mail server
credentials or message contents. This issue only affected Ubuntu 20.04 LTS,
Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2024-31884)

It was discovered that Ceph's RADOS Gateway (RGW) did not properly handle
certain header parameters. An attacker could possibly use this issue to
cause the RGW service to crash, leading to a denial of service.
(CVE-2024-47866)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
ceph 19.2.3-0ubuntu1.25.10.3
ceph-base 19.2.3-0ubuntu1.25.10.3
ceph-common 19.2.3-0ubuntu1.25.10.3
ceph-exporter 19.2.3-0ubuntu1.25.10.3
ceph-fuse 19.2.3-0ubuntu1.25.10.3
ceph-grafana-dashboards 19.2.3-0ubuntu1.25.10.3
ceph-immutable-object-cache 19.2.3-0ubuntu1.25.10.3
ceph-mds 19.2.3-0ubuntu1.25.10.3
ceph-mgr 19.2.3-0ubuntu1.25.10.3
ceph-mgr-cephadm 19.2.3-0ubuntu1.25.10.3
ceph-mgr-dashboard 19.2.3-0ubuntu1.25.10.3
ceph-mgr-diskprediction-local 19.2.3-0ubuntu1.25.10.3
ceph-mgr-k8sevents 19.2.3-0ubuntu1.25.10.3
ceph-mgr-modules-core 19.2.3-0ubuntu1.25.10.3
ceph-mgr-rook 19.2.3-0ubuntu1.25.10.3
ceph-mon 19.2.3-0ubuntu1.25.10.3
ceph-osd 19.2.3-0ubuntu1.25.10.3
ceph-prometheus-alerts 19.2.3-0ubuntu1.25.10.3
ceph-resource-agents 19.2.3-0ubuntu1.25.10.3
ceph-volume 19.2.3-0ubuntu1.25.10.3
cephadm 19.2.3-0ubuntu1.25.10.3
cephfs-mirror 19.2.3-0ubuntu1.25.10.3
cephfs-shell 19.2.3-0ubuntu1.25.10.3
crimson-osd 19.2.3-0ubuntu1.25.10.3
libcephfs-dev 19.2.3-0ubuntu1.25.10.3
libcephfs-java 19.2.3-0ubuntu1.25.10.3
libcephfs-jni 19.2.3-0ubuntu1.25.10.3
libcephfs2 19.2.3-0ubuntu1.25.10.3
librados-dev 19.2.3-0ubuntu1.25.10.3
librados2 19.2.3-0ubuntu1.25.10.3
libradospp-dev 19.2.3-0ubuntu1.25.10.3
libradosstriper-dev 19.2.3-0ubuntu1.25.10.3
libradosstriper1 19.2.3-0ubuntu1.25.10.3
librbd-dev 19.2.3-0ubuntu1.25.10.3
librbd1 19.2.3-0ubuntu1.25.10.3
librgw-dev 19.2.3-0ubuntu1.25.10.3
librgw2 19.2.3-0ubuntu1.25.10.3
libsqlite3-mod-ceph 19.2.3-0ubuntu1.25.10.3
libsqlite3-mod-ceph-dev 19.2.3-0ubuntu1.25.10.3
python3-ceph 19.2.3-0ubuntu1.25.10.3
python3-ceph-argparse 19.2.3-0ubuntu1.25.10.3
python3-ceph-common 19.2.3-0ubuntu1.25.10.3
python3-cephfs 19.2.3-0ubuntu1.25.10.3
python3-rados 19.2.3-0ubuntu1.25.10.3
python3-rbd 19.2.3-0ubuntu1.25.10.3
python3-rgw 19.2.3-0ubuntu1.25.10.3
rados-objclass-dev 19.2.3-0ubuntu1.25.10.3
radosgw 19.2.3-0ubuntu1.25.10.3
rbd-fuse 19.2.3-0ubuntu1.25.10.3
rbd-mirror 19.2.3-0ubuntu1.25.10.3
rbd-nbd 19.2.3-0ubuntu1.25.10.3

Ubuntu 24.04 LTS
ceph 19.2.3-0ubuntu0.24.04.3
ceph-base 19.2.3-0ubuntu0.24.04.3
ceph-common 19.2.3-0ubuntu0.24.04.3
ceph-fuse 19.2.3-0ubuntu0.24.04.3
ceph-grafana-dashboards 19.2.3-0ubuntu0.24.04.3
ceph-immutable-object-cache 19.2.3-0ubuntu0.24.04.3
ceph-mds 19.2.3-0ubuntu0.24.04.3
ceph-mgr 19.2.3-0ubuntu0.24.04.3
ceph-mgr-cephadm 19.2.3-0ubuntu0.24.04.3
ceph-mgr-dashboard 19.2.3-0ubuntu0.24.04.3
ceph-mgr-diskprediction-local 19.2.3-0ubuntu0.24.04.3
ceph-mgr-k8sevents 19.2.3-0ubuntu0.24.04.3
ceph-mgr-modules-core 19.2.3-0ubuntu0.24.04.3
ceph-mgr-rook 19.2.3-0ubuntu0.24.04.3
ceph-mon 19.2.3-0ubuntu0.24.04.3
ceph-osd 19.2.3-0ubuntu0.24.04.3
ceph-prometheus-alerts 19.2.3-0ubuntu0.24.04.3
ceph-resource-agents 19.2.3-0ubuntu0.24.04.3
ceph-volume 19.2.3-0ubuntu0.24.04.3
cephadm 19.2.3-0ubuntu0.24.04.3
cephfs-mirror 19.2.3-0ubuntu0.24.04.3
cephfs-shell 19.2.3-0ubuntu0.24.04.3
crimson-osd 19.2.3-0ubuntu0.24.04.3
libcephfs-dev 19.2.3-0ubuntu0.24.04.3
libcephfs-java 19.2.3-0ubuntu0.24.04.3
libcephfs-jni 19.2.3-0ubuntu0.24.04.3
libcephfs2 19.2.3-0ubuntu0.24.04.3
librados-dev 19.2.3-0ubuntu0.24.04.3
librados2 19.2.3-0ubuntu0.24.04.3
libradospp-dev 19.2.3-0ubuntu0.24.04.3
libradosstriper-dev 19.2.3-0ubuntu0.24.04.3
libradosstriper1 19.2.3-0ubuntu0.24.04.3
librbd-dev 19.2.3-0ubuntu0.24.04.3
librbd1 19.2.3-0ubuntu0.24.04.3
librgw-dev 19.2.3-0ubuntu0.24.04.3
librgw2 19.2.3-0ubuntu0.24.04.3
libsqlite3-mod-ceph 19.2.3-0ubuntu0.24.04.3
libsqlite3-mod-ceph-dev 19.2.3-0ubuntu0.24.04.3
python3-ceph 19.2.3-0ubuntu0.24.04.3
python3-ceph-argparse 19.2.3-0ubuntu0.24.04.3
python3-ceph-common 19.2.3-0ubuntu0.24.04.3
python3-cephfs 19.2.3-0ubuntu0.24.04.3
python3-rados 19.2.3-0ubuntu0.24.04.3
python3-rbd 19.2.3-0ubuntu0.24.04.3
python3-rgw 19.2.3-0ubuntu0.24.04.3
rados-objclass-dev 19.2.3-0ubuntu0.24.04.3
radosgw 19.2.3-0ubuntu0.24.04.3
rbd-fuse 19.2.3-0ubuntu0.24.04.3
rbd-mirror 19.2.3-0ubuntu0.24.04.3
rbd-nbd 19.2.3-0ubuntu0.24.04.3

Ubuntu 22.04 LTS
ceph 17.2.9-0ubuntu0.22.04.2
ceph-base 17.2.9-0ubuntu0.22.04.2
ceph-common 17.2.9-0ubuntu0.22.04.2
ceph-fuse 17.2.9-0ubuntu0.22.04.2
ceph-grafana-dashboards 17.2.9-0ubuntu0.22.04.2
ceph-immutable-object-cache 17.2.9-0ubuntu0.22.04.2
ceph-mds 17.2.9-0ubuntu0.22.04.2
ceph-mgr 17.2.9-0ubuntu0.22.04.2
ceph-mgr-cephadm 17.2.9-0ubuntu0.22.04.2
ceph-mgr-dashboard 17.2.9-0ubuntu0.22.04.2
ceph-mgr-diskprediction-local 17.2.9-0ubuntu0.22.04.2
ceph-mgr-k8sevents 17.2.9-0ubuntu0.22.04.2
ceph-mgr-modules-core 17.2.9-0ubuntu0.22.04.2
ceph-mgr-rook 17.2.9-0ubuntu0.22.04.2
ceph-mon 17.2.9-0ubuntu0.22.04.2
ceph-osd 17.2.9-0ubuntu0.22.04.2
ceph-prometheus-alerts 17.2.9-0ubuntu0.22.04.2
ceph-resource-agents 17.2.9-0ubuntu0.22.04.2
ceph-volume 17.2.9-0ubuntu0.22.04.2
cephadm 17.2.9-0ubuntu0.22.04.2
cephfs-mirror 17.2.9-0ubuntu0.22.04.2
cephfs-shell 17.2.9-0ubuntu0.22.04.2
crimson-osd 17.2.9-0ubuntu0.22.04.2
libcephfs-dev 17.2.9-0ubuntu0.22.04.2
libcephfs-java 17.2.9-0ubuntu0.22.04.2
libcephfs-jni 17.2.9-0ubuntu0.22.04.2
libcephfs2 17.2.9-0ubuntu0.22.04.2
librados-dev 17.2.9-0ubuntu0.22.04.2
librados2 17.2.9-0ubuntu0.22.04.2
libradospp-dev 17.2.9-0ubuntu0.22.04.2
libradosstriper-dev 17.2.9-0ubuntu0.22.04.2
libradosstriper1 17.2.9-0ubuntu0.22.04.2
librbd-dev 17.2.9-0ubuntu0.22.04.2
librbd1 17.2.9-0ubuntu0.22.04.2
librgw-dev 17.2.9-0ubuntu0.22.04.2
librgw2 17.2.9-0ubuntu0.22.04.2
libsqlite3-mod-ceph 17.2.9-0ubuntu0.22.04.2
libsqlite3-mod-ceph-dev 17.2.9-0ubuntu0.22.04.2
python3-ceph 17.2.9-0ubuntu0.22.04.2
python3-ceph-argparse 17.2.9-0ubuntu0.22.04.2
python3-ceph-common 17.2.9-0ubuntu0.22.04.2
python3-cephfs 17.2.9-0ubuntu0.22.04.2
python3-rados 17.2.9-0ubuntu0.22.04.2
python3-rbd 17.2.9-0ubuntu0.22.04.2
python3-rgw 17.2.9-0ubuntu0.22.04.2
rados-objclass-dev 17.2.9-0ubuntu0.22.04.2
radosgw 17.2.9-0ubuntu0.22.04.2
rbd-fuse 17.2.9-0ubuntu0.22.04.2
rbd-mirror 17.2.9-0ubuntu0.22.04.2
rbd-nbd 17.2.9-0ubuntu0.22.04.2

Ubuntu 20.04 LTS
ceph 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-base 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-common 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-fuse 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-immutable-object-cache 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-mds 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-mgr 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-mgr-cephadm 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-mgr-dashboard 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-mgr-diskprediction-cloud 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-mgr-diskprediction-local 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-mgr-k8sevents 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-mgr-modules-core 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-mgr-rook 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-mon 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-osd 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
ceph-resource-agents 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
cephadm 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
cephfs-shell 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
libcephfs-dev 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
libcephfs-java 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
libcephfs-jni 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
libcephfs2 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
librados-dev 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
librados2 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
libradospp-dev 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
libradosstriper-dev 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
libradosstriper1 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
librbd-dev 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
librbd1 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
librgw-dev 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
librgw2 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
python3-ceph 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
python3-ceph-argparse 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
python3-ceph-common 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
python3-cephfs 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
python3-rados 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
python3-rbd 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
python3-rgw 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
rados-objclass-dev 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
radosgw 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
rbd-fuse 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
rbd-mirror 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro
rbd-nbd 15.2.17-0ubuntu0.20.04.6+esm1
Available with Ubuntu Pro

Ubuntu 18.04 LTS
ceph 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
ceph-base 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
ceph-common 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
ceph-fuse 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
ceph-mds 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
ceph-mgr 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
ceph-mon 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
ceph-osd 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
ceph-resource-agents 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
ceph-test 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
libcephfs-dev 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
libcephfs-java 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
libcephfs-jni 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
libcephfs2 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
librados-dev 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
librados2 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
libradosstriper-dev 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
libradosstriper1 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
librbd-dev 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
librbd1 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
librgw-dev 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
librgw2 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
python-ceph 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
python-cephfs 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
python-rados 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
python-rbd 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
python-rgw 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
python3-ceph-argparse 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
python3-cephfs 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
python3-rados 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
python3-rbd 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
python3-rgw 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
rados-objclass-dev 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
radosgw 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
rbd-fuse 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
rbd-mirror 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro
rbd-nbd 12.2.13-0ubuntu0.18.04.11+esm2
Available with Ubuntu Pro

Ubuntu 16.04 LTS
ceph 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
ceph-common 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
ceph-fs-common 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
ceph-fuse 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
ceph-mds 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
ceph-resource-agents 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
ceph-test 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
libcephfs-dev 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
libcephfs-java 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
libcephfs-jni 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
libcephfs1 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
librados-dev 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
librados2 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
libradosstriper-dev 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
libradosstriper1 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
librbd-dev 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
librbd1 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
librgw-dev 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
librgw2 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
python-ceph 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
python-cephfs 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
python-rados 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
python-rbd 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
radosgw 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
rbd-fuse 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
rbd-mirror 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro
rbd-nbd 10.2.11-0ubuntu0.16.04.3+esm3
Available with Ubuntu Pro

Ubuntu 14.04 LTS
ceph 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
ceph-common 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
ceph-fs-common 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
ceph-fuse 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
ceph-mds 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
ceph-resource-agents 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
ceph-test 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
libcephfs-dev 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
libcephfs-java 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
libcephfs-jni 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
libcephfs1 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
librados-dev 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
librados2 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
librbd-dev 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
librbd1 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
python-ceph 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
radosgw 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
rbd-fuse 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro
rest-bench 0.80.11-0ubuntu1.14.04.4+esm4
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8045-1
CVE-2024-31884, CVE-2024-47866

Package Information:
https://launchpad.net/ubuntu/+source/ceph/19.2.3-0ubuntu1.25.10.3
https://launchpad.net/ubuntu/+source/ceph/19.2.3-0ubuntu0.24.04.3
https://launchpad.net/ubuntu/+source/ceph/17.2.9-0ubuntu0.22.04.2



[USN-8063-1] Protocol Buffers vulnerability


==========================================================================
Ubuntu Security Notice USN-8063-1
February 25, 2026

protobuf vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Protocol Buffers could be made to consume resources if it received
specially crafted input.

Software Description:
- protobuf: protocol buffers data serialization library

Details:

It was discovered that Protocol Buffers incorrectly handled recursion when
the Python google.protobuf.json_format.ParseDict() function is being used.
An attacker could possibly use this issue to cause Protocol Buffers to
consume resources, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
libprotobuf32t64 3.21.12-11ubuntu3.1
python3-protobuf 3.21.12-11ubuntu3.1

Ubuntu 24.04 LTS
libprotobuf32t64 3.21.12-8.2ubuntu0.3
python3-protobuf 3.21.12-8.2ubuntu0.3

Ubuntu 22.04 LTS
libprotobuf23 3.12.4-1ubuntu7.22.04.6
python3-protobuf 3.12.4-1ubuntu7.22.04.6

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8063-1
CVE-2026-0994

Package Information:
https://launchpad.net/ubuntu/+source/protobuf/3.21.12-11ubuntu3.1
https://launchpad.net/ubuntu/+source/protobuf/3.21.12-8.2ubuntu0.3
https://launchpad.net/ubuntu/+source/protobuf/3.12.4-1ubuntu7.22.04.6



[USN-8064-1] MongoDB vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8064-1
February 25, 2026

mongodb vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in MongoDB.

Software Description:
- mongodb: object/document-oriented database

Details:

Eliot Horowitz discovered that MongoDB may fail to validate some instances
of malformed BSON. A remote attacker could possibly use this issue to cause
MongoDB to crash, resulting in a denial of service. This issue only
affected Ubuntu 14.04 LTS. (CVE-2015-1609)

It was discovered that MongoDB read raw permissions from .dbshell history
files. A local attacker could possibly use this issue to obtain sensitive
information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04
LTS. (CVE-2016-6494)

Travis Brown discovered that MongoDB may be unable to parse specially
crafted UTF-8 strings in BSON requests. A remote attacker could possibly
use this issue to cause MongoDB to crash, resulting in a denial of service.
This issue only affected Ubuntu 18.04 LTS. (CVE-2018-20802)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
mongodb 1:3.6.3-0ubuntu1.4+esm1
Available with Ubuntu Pro
mongodb-server 1:3.6.3-0ubuntu1.4+esm1
Available with Ubuntu Pro

Ubuntu 16.04 LTS
mongodb 1:2.6.10-0ubuntu1+esm2
Available with Ubuntu Pro
mongodb-server 1:2.6.10-0ubuntu1+esm2
Available with Ubuntu Pro

Ubuntu 14.04 LTS
mongodb 1:2.4.9-1ubuntu2+esm2
Available with Ubuntu Pro
mongodb-server 1:2.4.9-1ubuntu2+esm2
Available with Ubuntu Pro

After a standard system update you need to restart MongoDB to make all the
necessary changes.

References:
https://ubuntu.com/security/notices/USN-8064-1
CVE-2018-20802


Chromium, Firefox, FreeRDP, and more updates for SUSE

Mesa 26.0.1 Released: Fix Out-of-Bounds Bug and Upgrade for Safer WebGPU Experience

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...