Ubuntu Linux has received security updates that address various vulnerabilities, including those related to the Linux kernel, Poppler, Python, and WEBrick:

[USN-7701-3] Linux kernel (IoT) vulnerabilities
[USN-7708-1] poppler vulnerability
[USN-7710-1] Python vulnerabilities
[USN-7703-3] Linux kernel (Oracle) vulnerabilities
[USN-7704-4] Linux kernel (NVIDIA) vulnerabilities
[USN-7709-1] WEBrick vulnerability

[USN-7701-3] Linux kernel (IoT) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-7701-3
August 21, 2025

linux-iot vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-iot: Linux kernel for IoT platforms

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Device tree and open firmware driver;
- SCSI subsystem;
- TTY drivers;
- SMB network file system;
- Bluetooth subsystem;
- Network traffic control;
(CVE-2023-52975, CVE-2024-38541, CVE-2025-37797, CVE-2024-49950,
CVE-2024-50073, CVE-2023-52757, CVE-2025-38083)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
linux-image-5.4.0-1053-iot 5.4.0-1053.56
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7701-3
https://ubuntu.com/security/notices/USN-7701-2
https://ubuntu.com/security/notices/USN-7701-1
CVE-2023-52757, CVE-2023-52975, CVE-2024-38541, CVE-2024-49950,
CVE-2024-50073, CVE-2025-37797, CVE-2025-38083

[USN-7708-1] poppler vulnerability

=======================================================================
Ubuntu Security Notice USN-7708-1
August 20, 2025

poppler vulnerability
=======================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

poppler could be made to denial of service if it received a
specially crafted PDF file.

Software Description:
- poppler: PDF rendering library

Details:

It was discovered that poppler incorrectly handled certain PDF files.
An attacker could possibly use this issue to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
  libpoppler147                   25.03.0-3ubuntu1.2
  poppler-utils                   25.03.0-3ubuntu1.2

Ubuntu 24.04 LTS
  libpoppler134                   24.02.0-1ubuntu9.6
  poppler-utils                   24.02.0-1ubuntu9.6

Ubuntu 22.04 LTS
  libpoppler118                   22.02.0-2ubuntu0.10
  poppler-utils                   22.02.0-2ubuntu0.10

Ubuntu 20.04 LTS
  libpoppler97                    0.86.1-0ubuntu1.7+esm2
                                  Available with Ubuntu Pro
  poppler-utils                   0.86.1-0ubuntu1.7+esm2
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libpoppler73                    0.62.0-2ubuntu2.14+esm8
                                  Available with Ubuntu Pro
  poppler-utils                   0.62.0-2ubuntu2.14+esm8
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  libpoppler58                    0.41.0-0ubuntu1.16+esm8
                                  Available with Ubuntu Pro
  poppler-utils                   0.41.0-0ubuntu1.16+esm8
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary
changes.

References:
  https://ubuntu.com/security/notices/USN-7708-1
  CVE-2025-50420

Package Information:
  https://launchpad.net/ubuntu/+source/poppler/25.03.0-3ubuntu1.2
  https://launchpad.net/ubuntu/+source/poppler/24.02.0-1ubuntu9.6
  https://launchpad.net/ubuntu/+source/poppler/22.02.0-2ubuntu0.10

[USN-7710-1] Python vulnerabilities

==========================================================================
Ubuntu Security Notice USN-7710-1
August 21, 2025

python3.13, python3.12, python3.11, python3.10, python3.9, python3.8,
python3.7, python3.6, python3.5, python3.4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Python.

Software Description:
- python3.13: An interactive high-level object-oriented language
- python3.12: An interactive high-level object-oriented language
- python3.10: An interactive high-level object-oriented language
- python3.11: An interactive high-level object-oriented language
- python3.8: An interactive high-level object-oriented language
- python3.9: An interactive high-level object-oriented language
- python3.6: An interactive high-level object-oriented language
- python3.7: An interactive high-level object-oriented language
- python3.5: An interactive high-level object-oriented language
- python3.4: An interactive high-level object-oriented language

Details:

It was discovered that Python inefficiently parsed maliciously crafted HTML
input. An attacker could possibly use this issue to cause a denial of
service. (CVE-2025-6069)

It was discovered that Python incorrectly parsed maliciously crafted Tar
archives. An attacker could possibly use this issue to cause a denial of
service. (CVE-2025-8194)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
libpython3.13 3.13.3-1ubuntu0.3
python3.13 3.13.3-1ubuntu0.3

Ubuntu 24.04 LTS
libpython3.12t64 3.12.3-1ubuntu0.8
python3.12 3.12.3-1ubuntu0.8

Ubuntu 22.04 LTS
libpython3.10 3.10.12-1~22.04.11
libpython3.11 3.11.0~rc1-1~22.04.1~esm5
Available with Ubuntu Pro
python3.10 3.10.12-1~22.04.11
python3.11 3.11.0~rc1-1~22.04.1~esm5
Available with Ubuntu Pro

Ubuntu 20.04 LTS
libpython3.8 3.8.10-0ubuntu1~20.04.18+esm2
Available with Ubuntu Pro
libpython3.9 3.9.5-3ubuntu0~20.04.1+esm6
Available with Ubuntu Pro
python3.8 3.8.10-0ubuntu1~20.04.18+esm2
Available with Ubuntu Pro
python3.9 3.9.5-3ubuntu0~20.04.1+esm6
Available with Ubuntu Pro

Ubuntu 18.04 LTS
idle-python3.8 3.8.0-3ubuntu1~18.04.2+esm6
Available with Ubuntu Pro
libpython3.6 3.6.9-1~18.04ubuntu1.13+esm6
Available with Ubuntu Pro
libpython3.7 3.7.5-2ubuntu1~18.04.2+esm7
Available with Ubuntu Pro
python3.6 3.6.9-1~18.04ubuntu1.13+esm6
Available with Ubuntu Pro
python3.7 3.7.5-2ubuntu1~18.04.2+esm7
Available with Ubuntu Pro
python3.8 3.8.0-3ubuntu1~18.04.2+esm6
Available with Ubuntu Pro

Ubuntu 16.04 LTS
libpython3.5 3.5.2-2ubuntu0~16.04.13+esm19
Available with Ubuntu Pro
python3.5 3.5.2-2ubuntu0~16.04.13+esm19
Available with Ubuntu Pro

Ubuntu 14.04 LTS
libpython3.4 3.4.3-1ubuntu1~14.04.7+esm16
Available with Ubuntu Pro
libpython3.5 3.5.2-2ubuntu0~16.04.4~14.04.1+esm7
Available with Ubuntu Pro
python3.4 3.4.3-1ubuntu1~14.04.7+esm16
Available with Ubuntu Pro
python3.5 3.5.2-2ubuntu0~16.04.4~14.04.1+esm7
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7710-1
CVE-2025-6069, CVE-2025-8194

Package Information:
https://launchpad.net/ubuntu/+source/python3.13/3.13.3-1ubuntu0.3
https://launchpad.net/ubuntu/+source/python3.12/3.12.3-1ubuntu0.8

[USN-7703-3] Linux kernel (Oracle) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-7703-3
August 21, 2025

linux-oracle, linux-oracle-6.8 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-oracle-6.8: Linux kernel for Oracle Cloud systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Input Device (Mouse) drivers;
- Multiple devices driver;
- Media drivers;
- Network drivers;
- PCI subsystem;
- S/390 drivers;
- SPI subsystem;
- Trusted Execution Environment drivers;
- UFS subsystem;
- USB Device Class drivers;
- USB core drivers;
- USB Gadget drivers;
- Framebuffer layer;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- File systems infrastructure;
- SMB network file system;
- Networking core;
- L3 Master device support module;
- TCP network protocol;
- io_uring subsystem;
- Process Accounting mechanism;
- BPF subsystem;
- Timer subsystem;
- Workqueue subsystem;
- Memory management;
- Amateur Radio drivers;
- B.A.T.M.A.N. meshing protocol;
- IPv4 networking;
- IPv6 networking;
- Multipath TCP;
- Open vSwitch;
- Network traffic control;
- SOF drivers;
(CVE-2025-21776, CVE-2025-21768, CVE-2025-21848, CVE-2025-21855,
CVE-2025-21791, CVE-2025-21838, CVE-2025-21762, CVE-2025-21846,
CVE-2025-21765, CVE-2025-21869, CVE-2025-21783, CVE-2025-21868,
CVE-2025-21857, CVE-2025-21773, CVE-2024-54458, CVE-2025-21871,
CVE-2025-21763, CVE-2024-58088, CVE-2025-21835, CVE-2025-21793,
CVE-2025-21867, CVE-2025-21784, CVE-2025-21839, CVE-2025-21786,
CVE-2025-21764, CVE-2025-21761, CVE-2025-21767, CVE-2024-58020,
CVE-2025-21847, CVE-2025-21792, CVE-2025-21785, CVE-2025-21863,
CVE-2025-21854, CVE-2025-21704, CVE-2024-52559, CVE-2025-21775,
CVE-2025-21758, CVE-2025-21858, CVE-2025-21866, CVE-2025-21870,
CVE-2024-57977, CVE-2024-54456, CVE-2025-21759, CVE-2025-21781,
CVE-2025-21760, CVE-2025-21706, CVE-2024-57834, CVE-2025-21712,
CVE-2025-21864, CVE-2025-21780, CVE-2025-21790, CVE-2025-21856,
CVE-2025-21796, CVE-2025-21859, CVE-2025-21782, CVE-2024-58093,
CVE-2025-21844, CVE-2025-21795, CVE-2025-21823, CVE-2025-21853,
CVE-2025-21772, CVE-2025-21746, CVE-2025-21821, CVE-2024-58086,
CVE-2025-21787, CVE-2025-21836, CVE-2025-21861, CVE-2025-21766,
CVE-2025-21862, CVE-2025-21779)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
linux-image-6.8.0-1032-oracle 6.8.0-1032.33
linux-image-6.8.0-1032-oracle-64k 6.8.0-1032.33
linux-image-oracle-6.8 6.8.0-1032.33
linux-image-oracle-64k-6.8 6.8.0-1032.33
linux-image-oracle-64k-lts-24.04 6.8.0-1032.33
linux-image-oracle-lts-24.04 6.8.0-1032.33

Ubuntu 22.04 LTS
linux-image-6.8.0-1032-oracle 6.8.0-1032.33~22.04.1
linux-image-6.8.0-1032-oracle-64k 6.8.0-1032.33~22.04.1
linux-image-oracle 6.8.0-1032.33~22.04.1
linux-image-oracle-6.8 6.8.0-1032.33~22.04.1
linux-image-oracle-64k 6.8.0-1032.33~22.04.1
linux-image-oracle-64k-6.8 6.8.0-1032.33~22.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7703-3
https://ubuntu.com/security/notices/USN-7703-2
https://ubuntu.com/security/notices/USN-7703-1
CVE-2024-52559, CVE-2024-54456, CVE-2024-54458, CVE-2024-57834,
CVE-2024-57977, CVE-2024-58020, CVE-2024-58086, CVE-2024-58088,
CVE-2024-58093, CVE-2025-21704, CVE-2025-21706, CVE-2025-21712,
CVE-2025-21746, CVE-2025-21758, CVE-2025-21759, CVE-2025-21760,
CVE-2025-21761, CVE-2025-21762, CVE-2025-21763, CVE-2025-21764,
CVE-2025-21765, CVE-2025-21766, CVE-2025-21767, CVE-2025-21768,
CVE-2025-21772, CVE-2025-21773, CVE-2025-21775, CVE-2025-21776,
CVE-2025-21779, CVE-2025-21780, CVE-2025-21781, CVE-2025-21782,
CVE-2025-21783, CVE-2025-21784, CVE-2025-21785, CVE-2025-21786,
CVE-2025-21787, CVE-2025-21790, CVE-2025-21791, CVE-2025-21792,
CVE-2025-21793, CVE-2025-21795, CVE-2025-21796, CVE-2025-21821,
CVE-2025-21823, CVE-2025-21835, CVE-2025-21836, CVE-2025-21838,
CVE-2025-21839, CVE-2025-21844, CVE-2025-21846, CVE-2025-21847,
CVE-2025-21848, CVE-2025-21853, CVE-2025-21854, CVE-2025-21855,
CVE-2025-21856, CVE-2025-21857, CVE-2025-21858, CVE-2025-21859,
CVE-2025-21861, CVE-2025-21862, CVE-2025-21863, CVE-2025-21864,
CVE-2025-21866, CVE-2025-21867, CVE-2025-21868, CVE-2025-21869,
CVE-2025-21870, CVE-2025-21871

Package Information:
https://launchpad.net/ubuntu/+source/linux-oracle/6.8.0-1032.33
https://launchpad.net/ubuntu/+source/linux-oracle-6.8/6.8.0-1032.33~22.04.1

[USN-7704-4] Linux kernel (NVIDIA) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-7704-4
August 21, 2025

linux-nvidia vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-nvidia: Linux kernel for NVIDIA systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Arm Firmware Framework for ARMv8-A(FFA);
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NVDIMM (Non-Volatile Memory Device) drivers;
- NVME drivers;
- x86 platform drivers;
- TCM subsystem;
- Virtio drivers;
- File systems infrastructure;
- SMB network file system;
- LZO compression library;
- Digital Audio (PCM) driver;
- Tracing infrastructure;
- Padata parallel execution mechanism;
- CAN network layer;
- Networking core;
- TIPC protocol;
- ALSA framework;
(CVE-2025-38079, CVE-2025-38048, CVE-2025-38075, CVE-2025-38077,
CVE-2025-38035, CVE-2025-38037, CVE-2025-38034, CVE-2025-38058,
CVE-2025-38004, CVE-2025-38031, CVE-2025-38078, CVE-2025-38044,
CVE-2025-38066, CVE-2025-38052, CVE-2025-38043, CVE-2025-38065,
CVE-2025-38003, CVE-2025-38061, CVE-2025-38051, CVE-2025-38072,
CVE-2025-38068)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-5.15.0-1085-nvidia 5.15.0-1085.86
linux-image-5.15.0-1085-nvidia-lowlatency 5.15.0-1085.86
linux-image-nvidia 5.15.0.1085.85
linux-image-nvidia-5.15 5.15.0.1085.85
linux-image-nvidia-lowlatency 5.15.0.1085.85
linux-image-nvidia-lowlatency-5.15 5.15.0.1085.85

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7704-4
https://ubuntu.com/security/notices/USN-7704-3
https://ubuntu.com/security/notices/USN-7704-2
https://ubuntu.com/security/notices/USN-7704-1
CVE-2025-38003, CVE-2025-38004, CVE-2025-38031, CVE-2025-38034,
CVE-2025-38035, CVE-2025-38037, CVE-2025-38043, CVE-2025-38044,
CVE-2025-38048, CVE-2025-38051, CVE-2025-38052, CVE-2025-38058,
CVE-2025-38061, CVE-2025-38065, CVE-2025-38066, CVE-2025-38068,
CVE-2025-38072, CVE-2025-38075, CVE-2025-38077, CVE-2025-38078,
CVE-2025-38079

Package Information:
https://launchpad.net/ubuntu/+source/linux-nvidia/5.15.0-1085.86

[USN-7709-1] WEBrick vulnerability

==========================================================================
Ubuntu Security Notice USN-7709-1
August 21, 2025

ruby-webrick vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

WEBrick could allow an HTTP request smuggling attack.

Software Description:
- ruby-webrick: HTTP server toolkit in Ruby

Details:

It was discovered that WEBrick incorrectly parsed HTTP headers. In
configurations where WEBrick is placed behind an HTTP proxy, a remote
attacker could possibly use this issue to perform an HTTP Request Smuggling
attack.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
ruby-webrick 1.8.1-1ubuntu1.1

Ubuntu 24.04 LTS
ruby-webrick 1.8.1-1ubuntu0.2

Ubuntu 22.04 LTS
ruby-webrick 1.7.0-3ubuntu0.2

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7709-1
CVE-2025-6442

Package Information:
https://launchpad.net/ubuntu/+source/ruby-webrick/1.8.1-1ubuntu1.1
https://launchpad.net/ubuntu/+source/ruby-webrick/1.8.1-1ubuntu0.2
https://launchpad.net/ubuntu/+source/ruby-webrick/1.7.0-3ubuntu0.2