========================================================================= Ubuntu Security Notice USN-7423-2 April 29, 2025 binutils vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in GNU binutils. Software Description: - binutils: GNU assembler, linker and binary utilities Details: USN-7423-1 fixed several vulnerabilities in GNU. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that GNU binutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2025-0840) It was discovered that GNU binutils incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash, expose sensitive information or execute arbitrary code. (CVE-2025-1153) It was discovered that ld in GNU binutils incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2025-1176) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS binutils 2.30-21ubuntu1~18.04.9+esm4 Available with Ubuntu Pro binutils-multiarch 2.30-21ubuntu1~18.04.9+esm4 Available with Ubuntu Pro Ubuntu 16.04 LTS binutils 2.26.1-1ubuntu1~16.04.8+esm11 Available with Ubuntu Pro binutils-multiarch 2.26.1-1ubuntu1~16.04.8+esm11 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7423-2 https://ubuntu.com/security/notices/USN-7423-1 CVE-2025-0840, CVE-2025-1153, CVE-2025-1176