Ubuntu alert USN-7959-1 (klibc)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7959-1] klibc vulnerabilities | |
| Date: | Wed, 14 Jan 2026 22:48:45 +0000 | |
| Message-ID: | <E1vg9fR-0008IB-6I@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-7959-1 January 14, 2026 klibc vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 25.04 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: klibc could be made to crash if it received specially crafted input. Software Description: - klibc: Minimalistic libc subset for use with initramfs Details: It was discovered that zlib, vendored in klibc, did not properly handle integer arithmetic. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 klibc-utils 2.0.14-1ubuntu1.1 libklibc 2.0.14-1ubuntu1.1 Ubuntu 25.04 klibc-utils 2.0.13-4ubuntu1.1 libklibc 2.0.13-4ubuntu1.1 Ubuntu 24.04 LTS klibc-utils 2.0.13-4ubuntu0.2 libklibc 2.0.13-4ubuntu0.2 Ubuntu 22.04 LTS klibc-utils 2.0.10-4ubuntu0.2 libklibc 2.0.10-4ubuntu0.2 Ubuntu 20.04 LTS klibc-utils 2.0.7-1ubuntu5.2+esm1 Available with Ubuntu Pro libklibc 2.0.7-1ubuntu5.2+esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS klibc-utils 2.0.4-9ubuntu2.2+esm2 Available with Ubuntu Pro libklibc 2.0.4-9ubuntu2.2+esm2 Available with Ubuntu Pro Ubuntu 16.04 LTS klibc-utils 2.0.4-8ubuntu1.16.04.4+esm3 Available with Ubuntu Pro libklibc 2.0.4-8ubuntu1.16.04.4+esm3 Available with Ubuntu Pro Ubuntu 14.04 LTS klibc-utils 2.0.3-0ubuntu1.14.04.3+esm4 Available with Ubuntu Pro libklibc 2.0.3-0ubuntu1.14.04.3+esm4 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7959-1 CVE-2016-9843 Package Information: https://launchpad.net/ubuntu/+source/klibc/2.0.14-1ubuntu1.1 https://launchpad.net/ubuntu/+source/klibc/2.0.13-4ubuntu1.1 https://launchpad.net/ubuntu/+source/klibc/2.0.13-4ubuntu0.2 https://launchpad.net/ubuntu/+source/klibc/2.0.10-4ubuntu0.2
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmloHKkACgkQcpJm3tlz hgGuog/6A5CiIjbqUPWwXk4M8dchbxnqJ0iPXAybAs7Vov/2znIWfQo9qYN8MHFD FLqm0HGPsQVze4EelDC6NFiv+nMDw7wTeHNuwGYAzBJfW0Emd4KV7SjTU54XjPTH 9D2j1OyCibmDqtP8BnSvFhFHy93/r/mCfy1lsQM6NqUoQJbZmTd7kCdBcYQYJTBR KPNgWFJuCQCh8jviN7m5E2ZgUOTSC3aiFHgYp55An1ofbIi/g1OqY1X681vWIcDA 1qDYRkJf9Mf7nc6ePkiKGX6R5IkJ08HMbun1W2ADKOmf9NRov8lklS1cx2ivPPJi TRlberZqY79qiyNOOzEGFicwX/m20NebD/Xi1MvOqdH4lAT+5zru16N2kOto0mZA Jn1q7NoEx3tNs/yQZHSDb/2QH9dtDtUDps7tqMyH6sW5uJ2tOtMEQMNmC7dH7tDT uyByKpLgFn67Jk+DeVl5ubYKgtFY58Z1hKh2b1uE6DS8Sa/MN6aM36cbeaCG00ne xG09cCbIr3pVK4AEyRvblLLXOIW1n+uLjWRNKoA0hQyd1UftFHNVI1QhFHE0qF13 01Zzs9hge/dqG4kNGg5KrCZlZ7hCayD6IS1JtaUY6zPQskr6bnno/H828PoWykRm Rv4Uwk90D8XmbwZ7WuUHkW9Ko6h25VwSWCCpLAmdtLYo/7e4EQA= =waDC -----END PGP SIGNATURE-----