Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Ubuntu 24.04 LTS USN-8023-1 libxmltok Important Denial of Service

ubuntu
Calendar Grey February 11, 2026
Dist Ubuntu Esm H88
Several security issues in xmltok library affect Ubuntu users. Recommendations provided for updates to ensure protection.
Several security issues were fixed in the xmltok library.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in the xmltok library. Software Description: - libxmltok: XML Parser Toolkit, runtime libraries Details: It was discovered that Expat, contained within the xmltok library, incorrectly handled the initialization of parsers for external entities. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-24515) It was discovered that Expat, contained within the xmltok library, incorrectly handled integer calculations when allocating memory for XML tags. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2026-25210)

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu important xml library libxmltok

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS libxmltok1t64 1.2-4.1ubuntu2.24.0.4.1+esm4 Available with Ubuntu Pro Ubuntu 22.04 LTS libxmltok1 1.2-4ubuntu0.22.04.1~esm6 Available with Ubuntu Pro Ubuntu 20.04 LTS libxmltok1 1.2-4ubuntu0.20.04.1~esm6 Available with Ubuntu Pro Ubuntu 18.04 LTS libxmltok1 1.2-4ubuntu0.18.04.1~esm6 Available with Ubuntu Pro Ubuntu 16.04 LTS libxmltok1 1.2-3ubuntu0.16.04.1~esm5 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8023-1

CVE-2026-24515, CVE-2026-25210

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8023-1

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu important xml library libxmltok

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here