Alerts This Week
Warning Icon 1 1,111
Alerts This Week
Warning Icon 1 1,111

Ubuntu 7579-1 important: Godot Engine remote code execution risks

ubuntu
Calendar Grey June 18, 2025
Dist Ubuntu Esm H88
Multiple vulnerabilities have been addressed in Godot Engine impacting Ubuntu systems. Ensure your update is completed promptly to mitigate potential threats.
Several security issues were fixed in Godot Engine.

Summary

Several security issues were fixed in Godot Engine.

Software Description:

- godot: Full 2D and 3D game engine with editor

Details:

It was discovered that the Godot Engine did not properly handle

certain malformed WebM media files. If the Godot Engine opened a

specially crafted WebM file, a remote attacker could cause a denial

of service, or possibly execute arbitrary code. (CVE-2019-2126)

It was discovered that the Godot Engine did not properly handle

certain malformed TGA image files. If the Godot Engine opened a

specially crafted TGA image file, a remote attacker could cause

a denial of service, or possibly execute arbitrary code. This

issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

(CVE-2021-26825, CVE-2021-26826)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
  godot3                          3.6+ds-2ubuntu0.1
  godot3-runner                   3.6+ds-2ubuntu0.1

Ubuntu 24.10
  godot3                          3.5.2-stable-2ubuntu0.24.10.1
  godot3-runner                   3.5.2-stable-2ubuntu0.24.10.1

Ubuntu 24.04 LTS
  godot3                          3.5.2-stable-2ubuntu0.24.04.1~esm1
                                  Available with Ubuntu Pro
  godot3-runner                   3.5.2-stable-2ubuntu0.24.04.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  godot3                          3.2.3-stable-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  godot3-runner                   3.2.3-stable-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  godot3                          3.2-stable-2ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  godot3-runner                   3.2-stable-2ubuntu0.1~esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7579-1

CVE-2019-2126, CVE-2021-26825, CVE-2021-26826

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7579-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here