USN-7959-1: klibc vulnerabilities
Ubuntu DesktopCanonical
USN-7959-1: klibc vulnerabilities
Publication date: 14 January 2026
Overview: klibc could be made to crash if it received specially crafted input.
Packages
- klibc - Minimalistic libc subset for use with initramfs
Details
It was discovered that zlib, vendored in klibc, did not properly handle
integer arithmetic. An attacker could possibly use this issue to execute
arbitrary code or cause a denial of service.
Update instructions
In general, a standard system update will make all the necessary changes.
The problem can be corrected by updating your system to the following package versions:
25.10 questing
- klibc-utils – 2.0.14-1ubuntu1.1
- libklibc – 2.0.14-1ubuntu1.1
25.04 plucky
- klibc-utils – 2.0.13-4ubuntu1.1
- libklibc – 2.0.13-4ubuntu1.1
24.04 LTS noble
- klibc-utils – 2.0.13-4ubuntu0.2
- libklibc – 2.0.13-4ubuntu0.2
-
22.04 LTS jammy - klibc-utils – 2.0.10-4ubuntu0.2
- libklibc – 2.0.10-4ubuntu0.2
20.04 LTS focal
- klibc-utils – 2.0.7-1ubuntu5.2+esm1
- libklibc – 2.0.7-1ubuntu5.2+esm1
18.04 LTS bionic
- klibc-utils – 2.0.4-9ubuntu2.2+esm2
- libklibc – 2.0.4-9ubuntu2.2+esm2
16.04 LTS xenial
- klibc-utils – 2.0.4-8ubuntu1.16.04.4+esm3
- libklibc – 2.0.4-8ubuntu1.16.04.4+esm3
14.04 LTS trusty
- klibc-utils – 2.0.3-0ubuntu1.14.04.3+esm4
- libklibc – 2.0.3-0ubuntu1.14.04.3+esm4
