Ubuntu: urllib3 Critical DoS Regression USN-7927-2 CVE-2025-66471
ubuntu
January 12, 2026
USN-7927-1 introduced a regression in urllib3
Summary
USN-7927-1 introduced a regression in urllib3
Software Description:
- python-urllib3: HTTP library with thread-safe connection pooling
Details:
USN-7927-1 fixed vulnerabilities in urllib3. The update for CVE-2025-66471
introduced a regression in the zstd decompression component inside urllib3.
This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Illia Volochii discovered that urllib3 did not limit the steps in a
decompression chain. An attacker could possibly use this issue to cause
urllib3 to use excessive resources, causing a denial of service.
(CVE-2025-66418)
Rui Xi discovered that urllib3 incorrectly handled highly compressed data.
An attacker could possibly use this issue to cause urllib3 to use
excessive resources, causing a denial of service. This issue only affected
Ubuntu 24.04 LTS, Ubuntu 25.04, and Ubuntu 25.10. (CVE-2025-66471)
For the brotli encoding, the fix for CVE-2025-66471 requires an additional
security ...
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 python3-urllib3 2.3.0-3ubuntu0.3 Ubuntu 25.04 python3-urllib3 2.3.0-2ubuntu0.4 Ubuntu 24.04 LTS python3-urllib3 2.0.7-1ubuntu0.5 In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-7927-2
https://ubuntu.com/security/notices/USN-7927-1
CVE-2025-66471, https://launchpad.net/bugs/2136906
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-7927-2
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!