Summary of Recent Ubuntu Security Updates
On June 5, 2025, Ubuntu released security updates addressing vulnerabilities in Bootstrap, the Linux kernel (specifically NVIDIA), and GStreamer Bad Plugins. These updates affect various Ubuntu versions, including 20.04 LTS, 22.04 LTS, 24.04 LTS, 24.10, and 25.04.
- Vulnerabilities identified: CVE-2024-6484, CVE-2024-6485, CVE-2024-6531.
- Users are advised to update their systems to the latest package versions specific to their Ubuntu release.
- Vulnerabilities include issues in GPU drivers and the Sun RPC protocol, identified as CVE-2024-53168, CVE-2024-56551, CVE-2024-56608.
- Users must update their kernel packages and reboot to apply changes, with a note on the necessity to recompile third-party kernel modules due to an ABI change.
- Identified vulnerabilities include CVE-2023-50186, CVE-2024-0444, CVE-2025-3887.
- Users should update their GStreamer plugins to the latest versions for their respective Ubuntu releases.
On June 5, 2025, Ubuntu released security updates addressing vulnerabilities in Bootstrap, the Linux kernel (specifically NVIDIA), and GStreamer Bad Plugins. These updates affect various Ubuntu versions, including 20.04 LTS, 22.04 LTS, 24.04 LTS, 24.10, and 25.04.
1. Bootstrap Vulnerabilities (USN-7556-1)
- Security issues were found in Twitter Bootstrap versions 3 and 4, allowing potential cross-site scripting (XSS) attacks.- Vulnerabilities identified: CVE-2024-6484, CVE-2024-6485, CVE-2024-6531.
- Users are advised to update their systems to the latest package versions specific to their Ubuntu release.
2. Linux Kernel (NVIDIA) Vulnerabilities (USN-7550-5)
- Security flaws in the Linux kernel for NVIDIA systems could allow attackers to compromise systems.- Vulnerabilities include issues in GPU drivers and the Sun RPC protocol, identified as CVE-2024-53168, CVE-2024-56551, CVE-2024-56608.
- Users must update their kernel packages and reboot to apply changes, with a note on the necessity to recompile third-party kernel modules due to an ABI change.
3. GStreamer Bad Plugins Vulnerabilities (USN-7558-1)
- Vulnerabilities in GStreamer’s AV1 and H265 codec plugins could lead to out-of-bounds writes, causing application crashes or even executing arbitrary code.- Identified vulnerabilities include CVE-2023-50186, CVE-2024-0444, CVE-2025-3887.
- Users should update their GStreamer plugins to the latest versions for their respective Ubuntu releases.
General Update Instructions
For all three updates, users are generally advised to perform a standard system update to receive the necessary patches. Specific package versions are provided for each affected release, and Ubuntu Pro users may have access to extended support packages.Conclusion
These updates highlight the importance of maintaining system security through regular updates, especially in response to discovered vulnerabilities that could be exploited by attackers. Users should ensure their systems are updated promptly to mitigate any risks associated with these vulnerabilities. For detailed package information and to view the security notices, users can refer to the provided linksBootstrap, Linux Kernel, GStreamer updates for Ubuntu
The recent update for Ubuntu Linux addresses vulnerabilities found in Bootstrap, NVIDIA, and GStreamer Bad Plugins:
[USN-7556-1] Bootstrap vulnerabilities
[USN-7550-5] Linux kernel (NVIDIA) vulnerabilities
[USN-7558-1] GStreamer Bad Plugins vulnerabilitiesBootstrap, Linux Kernel, GStreamer updates for Ubuntu @ Linux Compatible
