Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Ubuntu 25.10 GLib Critical Denial of Service Arbitrary Code 2026-1484

ubuntu
Calendar Grey February 5, 2026
Dist Ubuntu Esm H88
Several critical security issues fixed in GLib for Ubuntu 25.10, 24.04 LTS and 22.04 LTS. Urgent update recommended.
Several security issues were fixed in GLib.

Summary

Several security issues were fixed in GLib.

Software Description:

- glib2.0: GLib library of C routines

Details:

It was discovered that GLib incorrectly parsed large Base64 data. An

attacker could use this issue to cause GLib to crash, resulting in a

denial of service, or possibly execute arbitrary code. (CVE-2026-1484)

It was discovered that GLib incorrectly parsed certain treemagic files.

An attacker could use this issue to cause GLib to crash, resulting in a

denial of service, or possibly execute arbitrary code. (CVE-2026-1485)

It was discovered that GLib incorrectly handled Unicode case conversion.

An attacker could use this issue to cause GLib to crash, resulting in a

denial of service, or possibly execute arbitrary code. (CVE-2026-1489)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  libglib2.0-0t64                 2.86.0-2ubuntu0.3
  libglib2.0-bin                  2.86.0-2ubuntu0.3

Ubuntu 24.04 LTS
  libglib2.0-0t64                 2.80.0-6ubuntu3.8
  libglib2.0-bin                  2.80.0-6ubuntu3.8

Ubuntu 22.04 LTS
  libglib2.0-0                    2.72.4-0ubuntu2.9
  libglib2.0-bin                  2.72.4-0ubuntu2.9

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8017-1

CVE-2026-1484, CVE-2026-1485, CVE-2026-1489

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8017-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here