Alerts This Week
Warning Icon 1 545
Alerts This Week
Warning Icon 1 545

Ubuntu OpenImageIO Significant Denial Of Service Security Flaws USN-8438-1

ubuntu
Calendar Grey June 16, 2026
Dist Ubuntu Esm H88
Security advisory for Ubuntu OpenImageIO addresses critical issues and provides essential updates to ensure system integrity.
Several security issues were fixed in OpenImageIO.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 24.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in OpenImageIO. Software Description: - openimageio: Library for reading and writing images Details: It was discovered that OpenImageIO incorrectly performed bounds checking when processing SGI files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2026-43903) It was discovered that OpenImageIO incorrectly handled run-length encoding when processing Softimage PIC files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2026-43904) It was discovered that OpenImageIO incorrectly validated subimage metadata when processing HEIF files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu important arbitrary code openimageio

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libopenimageio-dev 2.5.19.1+dfsg-2ubuntu0.1~esm1 Available with Ubuntu Pro libopenimageio2.5 2.5.19.1+dfsg-2ubuntu0.1~esm1 Available with Ubuntu Pro openimageio-tools 2.5.19.1+dfsg-2ubuntu0.1~esm1 Available with Ubuntu Pro python3-openimageio 2.5.19.1+dfsg-2ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 24.04 LTS libopenimageio-dev 2.4.17.0+dfsg-1.1ubuntu0.1~esm1 Available with Ubuntu Pro libopenimageio2.4t64 2.4.17.0+dfsg-1.1ubuntu0.1~esm1 Available with Ubuntu Pro openimageio-tools 2.4.17.0+dfsg-1.1ubuntu0.1~esm1 Available with Ubuntu Pro python3-openimageio 2.4.17.0+dfsg-1.1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS libopenimageio-dev 2.1.12.0~dfsg0-1ubuntu0.1~esm1 Available with Ubuntu Pro libopenimageio2.1 2.1.12.0~dfsg0-1ubuntu0.1~esm1 Available with Ubuntu Pro openimageio-tools 2.1.12.0~dfsg0-1ubuntu0.1~esm1 Available with Ubuntu Pro python3-openimageio 2.1.12.0~dfsg0-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS libopenimageio-dev 1.7.17~dfsg0-1ubuntu2+esm1 Available with Ubuntu Pro libopenimageio1.7 1.7.17~dfsg0-1ubuntu2+esm1 Available with Ubuntu Pro openimageio-tools 1.7.17~dfsg0-1ubuntu2+esm1 Available with Ubuntu Pro python-openimageio 1.7.17~dfsg0-1ubuntu2+esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS libopenimageio-dev 1.6.11~dfsg0-1ubuntu1+esm2 Available with Ubuntu Pro libopenimageio1.6 1.6.11~dfsg0-1ubuntu1+esm2 Available with Ubuntu Pro openimageio-tools 1.6.11~dfsg0-1ubuntu1+esm2 Available with Ubuntu Pro python-openimageio 1.6.11~dfsg0-1ubuntu1+esm2 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8438-1

CVE-2026-43903, CVE-2026-43904, CVE-2026-43906, CVE-2026-43907,

CVE-2026-43908, CVE-2026-43909

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8438-1

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu important arbitrary code openimageio

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here