Packages
- glibc - GNU C Library
Details
Vitaly Simonovich discovered that the GNU C Library did not properly
initialize the input when WRDE_REUSE is used. An attacker could possibly
use this issue to cause applications to crash, leading to a denial of
service. (CVE-2025-15281)
Anastasia Belova discovered that the GNU C Library incorrectly handled
the regcomp function when memory allocation failures occured. An attacker
could possibly use this issue to cause applications to crash, leading to
a denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2025-8058)
Igor Morgenstern discovered that the GNU C Library incorrectly handled
the memalign function when doing memory allocation. An attacker could
possibly use this issue to cause applications to crash, leading to a
denial of service, or possibly...
Vitaly Simonovich discovered that the GNU C Library did not properly
initialize the input when WRDE_REUSE is used. An attacker could possibly
use this issue to cause applications to crash, leading to a denial of
service. (CVE-2025-15281)
Anastasia Belova discovered that the GNU C Library incorrectly handled
the regcomp function when memory allocation failures occured. An attacker
could possibly use this issue to cause applications to crash, leading to
a denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2025-8058)
Igor Morgenstern discovered that the GNU C Library incorrectly handled
the memalign function when doing memory allocation. An attacker could
possibly use this issue to cause applications to crash, leading to a
denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu
25.10. (CVE-2026-0861)
Igor Morgenstern discovered that the GNU C Library incorrectly handled
certain DNS backend when queries for a zero-valued network. An attacker
could possibly use this issue to cause a denial of service or obtain
sensitive information. (CVE-2026-0915)
Update instructions
After a standard system update you need to reboot your computer to make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 25.10 questing | libc6 – 2.42-0ubuntu3.1 | ||
| nscd – 2.42-0ubuntu3.1 | |||
| 24.04 LTS noble | libc6 – 2.39-0ubuntu8.7 | ||
| nscd – 2.39-0ubuntu8.7 | |||
| 22.04 LTS jammy | libc6 – 2.35-0ubuntu3.13 | ||
| nscd – 2.35-0ubuntu3.13 | |||
| 20.04 LTS focal | libc6 – 2.31-0ubuntu9.18+esm1 | ||
| nscd – 2.31-0ubuntu9.18+esm1 | |||
| 18.04 LTS bionic | libc6 – 2.27-3ubuntu1.6+esm6 | ||
| nscd – 2.27-3ubuntu1.6+esm6 | |||
| 16.04 LTS xenial | libc6 – 2.23-0ubuntu11.3+esm9 | ||
| nscd – 2.23-0ubuntu11.3+esm9 | |||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.