==========================================================================
Ubuntu Security Notice USN-8400-1
June 08, 2026

poppler vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

poppler could be made to crash or run programs if it opened a specially
crafted file.

Software Description:
- poppler: PDF rendering library

Details:

It was discovered that poppler incorrectly handled certain malformed PDF
tiling patterns in the Splash backend. An attacker could possibly use this
issue to execute arbitrary code, obtain sensitive information, or cause a
denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
  libpoppler156                   26.01.0-2ubuntu0.1
  poppler-utils                   26.01.0-2ubuntu0.1

Ubuntu 25.10
  libpoppler147                   25.03.0-10ubuntu0.2
  poppler-utils                   25.03.0-10ubuntu0.2

Ubuntu 24.04 LTS
  libpoppler134                   24.02.0-1ubuntu9.9
  poppler-utils                   24.02.0-1ubuntu9.9

Ubuntu 22.04 LTS
  libpoppler118                   22.02.0-2ubuntu0.13
  poppler-utils                   22.02.0-2ubuntu0.13

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8400-1
  CVE-2026-10118

Package Information:
  https://launchpad.net/ubuntu/+source/poppler/26.01.0-2ubuntu0.1
  https://launchpad.net/ubuntu/+source/poppler/25.03.0-10ubuntu0.2
  https://launchpad.net/ubuntu/+source/poppler/24.02.0-1ubuntu9.9
  https://launchpad.net/ubuntu/+source/poppler/22.02.0-2ubuntu0.13

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to