Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 591
Alerts This Week
Warning Icon 1 591

Ubuntu 25.10 Protocol Buffers Important Resource Consumption DoS USN-8063-1

ubuntu
Calendar Grey February 25, 2026
Dist Ubuntu Esm H88
Addressing resource consumption issues in Protocol Buffers on Ubuntu through security updates for affected releases.
Protocol Buffers could be made to consume resources if it received specially crafted input.

Summary

Protocol Buffers could be made to consume resources if it received

specially crafted input.

Software Description:

- protobuf: protocol buffers data serialization library

Details:

It was discovered that Protocol Buffers incorrectly handled recursion when

the Python google.protobuf.json_format.ParseDict() function is being used.

An attacker could possibly use this issue to cause Protocol Buffers to

consume resources, resulting in a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  libprotobuf32t64                3.21.12-11ubuntu3.1
  python3-protobuf                3.21.12-11ubuntu3.1

Ubuntu 24.04 LTS
  libprotobuf32t64                3.21.12-8.2ubuntu0.3
  python3-protobuf                3.21.12-8.2ubuntu0.3

Ubuntu 22.04 LTS
  libprotobuf23                   3.12.4-1ubuntu7.22.04.6
  python3-protobuf                3.12.4-1ubuntu7.22.04.6

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8063-1

CVE-2026-0994

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8063-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.