Alerts This Week
Warning Icon 1 938
Alerts This Week
Warning Icon 1 938

Ubuntu 16.04 LTS GDAL Important Denial Of Service CVE-2025-9900 USN-8345-1

ubuntu
Calendar Grey May 29, 2026
Dist Ubuntu Esm H88
GDAL for Ubuntu may crash or allow arbitrary code execution with crafted input. Update to secure your systems.
GDAL could be made to crash or run programs if it received specially crafted input.

Summary

GDAL could be made to crash or run programs if it received specially

crafted input.

Software Description:

- gdal: Geospatial Data Abstraction Library

Details:

It was discovered that the vendored LibTIFF in GDAL incorrectly handled

memory when parsing malformed TIFF image metadata. An attacker could

possibly use this issue to cause a denial of service, obtain sensitive

information, or execute arbitrary code.

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu important arbitrary code gdal

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS
  gdal-bin                        1.11.3+dfsg-3ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libgdal-dev                     1.11.3+dfsg-3ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libgdal-java                    1.11.3+dfsg-3ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libgdal-perl                    1.11.3+dfsg-3ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libgdal1i                       1.11.3+dfsg-3ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  python-gdal                     1.11.3+dfsg-3ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  python3-gdal                    1.11.3+dfsg-3ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  gdal-bin                        1.10.1+dfsg-5ubuntu1+esm2
                                  Available with Ubuntu Pro
  libgdal-dev                     1.10.1+dfsg-5ubuntu1+esm2
                                  Available with Ubuntu Pro
  libgdal-java                    1.10.1+dfsg-5ubuntu1+esm2
                                  Available with Ubuntu Pro
  libgdal-perl                    1.10.1+dfsg-5ubuntu1+esm2
                                  Available with Ubuntu Pro
  libgdal1h                       1.10.1+dfsg-5ubuntu1+esm2
                                  Available with Ubuntu Pro
  python-gdal                     1.10.1+dfsg-5ubuntu1+esm2
                                  Available with Ubuntu Pro
  python3-gdal                    1.10.1+dfsg-5ubuntu1+esm2
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8345-1

CVE-2025-9900

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8345-1

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu important arbitrary code gdal

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here