Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Ubuntu 22.04 TeX Live Important DOS Network Attacks USN-7985-1

ubuntu
Calendar Grey January 29, 2026
Dist Ubuntu Esm H88
Several security issues fixed in TeX Live, impacting Ubuntu 16.04 to 22.04 LTS, including DOS and network risks.
Several security issues were fixed in TeX Live.

Summary

Several security issues were fixed in TeX Live.

Software Description:

- texlive-bin: Binaries for TeX Live

Details:

Shin Ando discovered that the Xpdf toolkit embedded in TeX Live incorrectly

handled memory when decoding certain data streams. An attacker could

possibly use this issue to cause TeX Live to crash, resulting in a denial

of service, or execute arbitrary code. This issue only affected Ubuntu

20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-24106, CVE-2022-24107)

It was discovered that TeX Live allowed documents to make arbitrary network

requests. If a user or automated system were tricked into opening a

specially crafted document, a remote attacker could possibly use this issue

to exfiltrate sensitive information, or perform other network-related

attacks. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

(CVE-2023-32668)

It was discovered that TeX Live incorrectly handled certain TrueType fonts.

If a user or automated system were tricked into opening a specia...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory DoS Ubuntu important network attack texlive-bin

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
  texlive-binaries                2021.20210626.59705-1ubuntu0.3

Ubuntu 20.04 LTS
  texlive-binaries                2019.20190605.51237-3ubuntu0.2+esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  texlive-binaries                2017.20170613.44572-8ubuntu0.2+esm1
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  texlive-binaries                2015.20160222.37495-1ubuntu0.1+esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7985-1

CVE-2022-24106, CVE-2022-24107, CVE-2023-32668, CVE-2024-25262

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7985-1

Topics%20covered

Topics Covered

security advisory DoS Ubuntu important network attack texlive-bin

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here