USN-7913-1: MAME vulnerabilities
Ubuntu ServerCanonical
USN-7913-1: MAME vulnerabilities
Publication date: 4 December 2025
Overview: Several security issues were fixed in MAME.
Packages
mame - MAME is a multi-purpose emulation framework
Details
It was discovered that the stb library, included in MAME, had a heap-based
buffer overflow. An attacker could possibly use this issue to crash the
program or execute arbitrary code. (CVE-2018-16981)
It was discovered that the tinyexr library, included in MAME, had a heap-
based buffer over-read in the function DecodePixelData. An attacker could
possibly use this issue to expose sensitive information or crash the
program. (CVE-2022-34300)
It was discovered that the expat library, included in MAME, had an
integer-overflow in the function doProlog. An attacker could possibly use
this issue to crash the program or execute arbitrary code.
(CVE-2021-46143)
Update instructions
In general, a standard system update will make all the necessary changes.
The problem can be corrected by updating your system to the following package versions:
25.10 questing
- mame – 0.277+dfsg.1-4ubuntu0.1
- mame-data – 0.277+dfsg.1-4ubuntu0.1
- mame-tools – 0.277+dfsg.1-4ubuntu0.1
25.04 plucky
- mame – 0.275+dfsg.1-3ubuntu0.1
- mame-data – 0.275+dfsg.1-3ubuntu0.1
- mame-tools – 0.275+dfsg.1-3ubuntu0.1
24.04 LTS noble
- mame – 0.264+dfsg.1-1ubuntu0.1~esm1
- mame-data – 0.264+dfsg.1-1ubuntu0.1~esm1
- mame-tools – 0.264+dfsg.1-1ubuntu0.1~esm1
22.04 LTS jammy
- mame – 0.242+dfsg.1-1ubuntu0.1~esm1
- mame-data – 0.242+dfsg.1-1ubuntu0.1~esm1
- mame-tools – 0.242+dfsg.1-1ubuntu0.1~esm1
20.04 LTS focal
- mame – 0.220+dfsg.1-1ubuntu0.1~esm1
- mame-data – 0.220+dfsg.1-1ubuntu0.1~esm1
- mame-tools – 0.220+dfsg.1-1ubuntu0.1~esm1
18.04 LTS bionic
- mame – 0.195+dfsg.1-2ubuntu0.1~esm1
- mame-data – 0.195+dfsg.1-2ubuntu0.1~esm1
- mame-tools – 0.195+dfsg.1-2ubuntu0.1~esm1
