Explore top 10 tips to secure your open-source projects now. Read More
×
libjxl could be made to crash or run programs as your login if it
opened a specially crafted file.
Software Description:
- jpeg-xl: Reference codec implementation for JPEG XL compressed raster image format
Details:
Daniel Novomesk� discovered that libjxl did not properly manage memory when
decoding certain files. An attacker could use this issue to cause
libjxl to crash, resulting in denial of service, or possibly execute
arbitrary code.
The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 libjpegxl-java 0.11.1-6ubuntu1.1 libjxl-tools 0.11.1-6ubuntu1.1 libjxl0.11 0.11.1-6ubuntu1.1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-8146-1
CVE-2026-1837
Get the latest Linux and open source security news straight to your inbox.