Alerts This Week
Warning Icon 1 1,308
Alerts This Week
Warning Icon 1 1,308

Ubuntu: Python Important Denial Of Service Issue USN-7951-1 CVE-2025-13836

ubuntu
Calendar Grey January 12, 2026
Dist Ubuntu Esm H88
Critical Python security issue in Ubuntu can cause crashes with crafted traffic. Updates recommended.
Python could be made to crash if it received specially crafted network traffic.

Summary

Python could be made to crash if it received specially crafted network

traffic.

Software Description:

- python3.13: An interactive high-level object-oriented language

- python3.14: An interactive high-level object-oriented language

- python3.12: An interactive high-level object-oriented language

- python3.10: An interactive high-level object-oriented language

- python3.11: An interactive high-level object-oriented language

- python3.8: An interactive high-level object-oriented language

- python3.9: An interactive high-level object-oriented language

Details:

It was discovered that Python's http.client did not properly handle the

Content-Length header in HTTP responses. A malicious server could exploit

this to cause Python to allocate excessive memory, leading to a denial of

service.

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu important network traffic python

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  libpython3.13                   3.13.7-1ubuntu0.2
  libpython3.14                   3.14.0-1ubuntu0.1
  python3.13                      3.13.7-1ubuntu0.2
  python3.14                      3.14.0-1ubuntu0.1

Ubuntu 25.04
  libpython3.13                   3.13.3-1ubuntu0.5
  python3.13                      3.13.3-1ubuntu0.5

Ubuntu 24.04 LTS
  libpython3.12t64                3.12.3-1ubuntu0.10
  python3.12                      3.12.3-1ubuntu0.10

Ubuntu 22.04 LTS
  libpython3.10                   3.10.12-1~22.04.13
  libpython3.11                   3.11.0~rc1-1~22.04.1~esm7
                                  Available with Ubuntu Pro
  python3.10                      3.10.12-1~22.04.13
  python3.11                      3.11.0~rc1-1~22.04.1~esm7
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  libpython3.8                    3.8.10-0ubuntu1~20.04.18+esm4
                                  Available with Ubuntu Pro
  libpython3.9                    3.9.5-3ubuntu0~20.04.1+esm8
                                  Available with Ubuntu Pro
  python3.8                       3.8.10-0ubuntu1~20.04.18+esm4
                                  Available with Ubuntu Pro
  python3.9                       3.9.5-3ubuntu0~20.04.1+esm8
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libpython3.8                    3.8.0-3ubuntu1~18.04.2+esm8
                                  Available with Ubuntu Pro
  python3.8                       3.8.0-3ubuntu1~18.04.2+esm8
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7951-1

CVE-2025-13836

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7951-1

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu important network traffic python

Package Information

https://launchpad.net/ubuntu/+source/python3.13/3.13.7-1ubuntu0.2
https://launchpad.net/ubuntu/+source/python3.14/3.14.0-1ubuntu0.1
https://launchpad.net/ubuntu/+source/python3.13/3.13.3-1ubuntu0.5
https://launchpad.net/ubuntu/+source/python3.12/3.12.3-1ubuntu0.10

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here