[USN-7367-1] zvbi vulnerabilities

-----BEGIN PGP SIGNATURE-----

wsF5BAABCAAjFiEELOLXZEFYQHcSWEHiyfW2m9Ldu6sFAmfhm8QFAwAAAAAACgkQyfW2m9Ldu6t6
IxAAnMAeY45sUz/Glp/3+/KKocQzROvz65wJMtRWxf0W+B855MtKOZ/tIoJSiVBR2fexf3KEcOET
0+ZyqC6PH2dfjFdVjusNH/DwP0hx4LhrYA4YxLWFnZKkZo8Oao5K0pjbEmIOX1Pat65oX23ZEiqI
wV5ZA9ugWspcU3FFwXHiLzSvYhnGLbrABnidweFsojBc+5QkqRq6RVCx3u5kTaT06i33wCzjmHZe
YUxDKr1wgd1ubf/PcoNOjS5sWaoZTix+QAPTwcmmbx21ZH6XzrXQTp+L3jvsFlolark060EcCW1d
V9KaW/Tkn/DJMw512zz6FvHhPOXWRCMeiFGsDAc6XPMgclxgCjOEDkyp5cZ2Hcg/qMJP+Rb9Ek4s
/SOsl2nRYZ+FW2FSe2aYpcJjvAz326GiLm9l6P+Bw0Zq5hs4CFj8pcFJLPtc9g03k4JP7Q0j/0dP
U59pxgifZT//FTiHeNbOmxG1o1NDWJVvd380/GIQeqy29oe/0lJdjztEe//5Gw2uVnd/JKwOUdVU
gbdqhbnSKKxdaE5rNH1kWw7okJzVS6Q8B4XgQsIOx72NTm2gOmZxuN+G1UGeLTAyLh+M6clP5i1c
F7mrbqZcctlkMe6Pct/bHzyFpntWXyHEaczhAOGWJlva3Yvj6ky+/0/T1XJ+mz+MZRJ2ArRI0fMj
qB4=
=d68s
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7367-1
March 24, 2025

zvbi vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

zvbi could be made to crash or run programs if it received specially
crafted input.

Software Description:
- zvbi: Vertical Blanking Interval (VBI) utilities

Details:

It was discovered that zvbi incorrectly handled memory when processing user
input. An attacker could possibly use this issue to cause a denial of
service or execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
  libzvbi0t64                     0.2.42-2ubuntu0.24.10.2
  zvbi                            0.2.42-2ubuntu0.24.10.2

Ubuntu 24.04 LTS
  libzvbi0t64                     0.2.42-2ubuntu0.24.04.1~esm1
                                  Available with Ubuntu Pro
  zvbi                            0.2.42-2ubuntu0.24.04.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  libzvbi0                        0.2.35-19ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  zvbi                            0.2.35-19ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  libzvbi0                        0.2.35-17ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  zvbi                            0.2.35-17ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libzvbi0                        0.2.35-13ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  zvbi                            0.2.35-13ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  libzvbi0                        0.2.35-10ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  zvbi                            0.2.35-10ubuntu0.1~esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7367-1
  CVE-2025-2173, CVE-2025-2174, CVE-2025-2175, CVE-2025-2176,
  CVE-2025-2177

Package Information:
https://launchpad.net/ubuntu/+source/zvbi/0.2.42-2ubuntu0.24.10.2