Ubuntu alert USN-7913-1 (mame)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7913-1] MAME vulnerabilities | |
| Date: | Thu, 04 Dec 2025 18:51:42 +0000 | |
| Message-ID: | <E1vREQY-0000yb-9k@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-7913-1 December 04, 2025 mame vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 25.04 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in MAME. Software Description: - mame: MAME is a multi-purpose emulation framework Details: It was discovered that the stb library, included in MAME, had a heap-based buffer overflow. An attacker could possibly use this issue to crash the program or execute arbitrary code. (CVE-2018-16981) It was discovered that the tinyexr library, included in MAME, had a heap- based buffer over-read in the function DecodePixelData. An attacker could possibly use this issue to expose sensitive information or crash the program. (CVE-2022-34300) It was discovered that the expat library, included in MAME, had an integer-overflow in the function doProlog. An attacker could possibly use this issue to crash the program or execute arbitrary code. (CVE-2021-46143) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 mame 0.277+dfsg.1-4ubuntu0.1 mame-data 0.277+dfsg.1-4ubuntu0.1 mame-tools 0.277+dfsg.1-4ubuntu0.1 Ubuntu 25.04 mame 0.275+dfsg.1-3ubuntu0.1 mame-data 0.275+dfsg.1-3ubuntu0.1 mame-tools 0.275+dfsg.1-3ubuntu0.1 Ubuntu 24.04 LTS mame 0.264+dfsg.1-1ubuntu0.1~esm1 Available with Ubuntu Pro mame-data 0.264+dfsg.1-1ubuntu0.1~esm1 Available with Ubuntu Pro mame-tools 0.264+dfsg.1-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS mame 0.242+dfsg.1-1ubuntu0.1~esm1 Available with Ubuntu Pro mame-data 0.242+dfsg.1-1ubuntu0.1~esm1 Available with Ubuntu Pro mame-tools 0.242+dfsg.1-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS mame 0.220+dfsg.1-1ubuntu0.1~esm1 Available with Ubuntu Pro mame-data 0.220+dfsg.1-1ubuntu0.1~esm1 Available with Ubuntu Pro mame-tools 0.220+dfsg.1-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS mame 0.195+dfsg.1-2ubuntu0.1~esm1 Available with Ubuntu Pro mame-data 0.195+dfsg.1-2ubuntu0.1~esm1 Available with Ubuntu Pro mame-tools 0.195+dfsg.1-2ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7913-1 CVE-2018-16981, CVE-2021-46143, CVE-2022-34300 Package Information: https://launchpad.net/ubuntu/+source/mame/0.277+dfsg.1-4u... https://launchpad.net/ubuntu/+source/mame/0.275+dfsg.1-3u...
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmkx17MACgkQcpJm3tlz hgHbZxAAjE27kBVjV1uEx66q+SoU3UEwp1t1LNgk03DuMZa1YVKJ0fE4mwbrj/ig eqCBtZPslwdmZBfxLq0pnC6kZt8qCRNoVZrPM4/5lH05WgXnfHRRCJ4vQ37Yn6nV TJ7QQCvjBhbY8+u1RCCgGD1hVY3Rs0MblSEepWecduyWP3SPwICTXwQSpQUGN2xK TNDhRVixinZ0fJomYCnomw8M02pqeLlrH7JsU4/vQL/2HYywWXPI8afrU+RWSAM+ VhMqpBAiN2Q0r1FrgmpgH0pclGleYArnXqlTdpTVrcsNjWHn+ntzFpRFsVH6daj1 owYB9fBOAl6e4Ow8Bh7O7GAYtFIY0cCrJ82fG8tP9XCfCZPqgwAUEssMrgsAsDvX fYiYk+1mzS7NG/NBj8iAUkohbmSi/V2lu3qaelga6bBZ1ILUGGpcbnK0Y+7MZKAl bUQ5zsqutAEM7z3vZybt7iRNJhNONDq+GlGdLDMVJkyJ/Xeg16D2o3Aa0eyIo7QT X8l0dLmQNrke5PhwScmrTOLtyUnTqHCDivRxB/6LGeeAflF8hEYIrlSkCY5aBdmU 7TDw/npYuN1P/2+hwcLJZMMHjIAC9/tC95COyN096bBFuC9GpC6RnB680YYrbg+h 52JalgagU4ygq7vOg5Ov9dJiSFP58fupQZsbxBD4A1e+mI59A1w= =dvhH -----END PGP SIGNATURE-----