UBUNTU-CVE-2025-22869
- Source
- https://ubuntu.com/security/CVE-2025-22869
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-22869.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-22869
- Upstream
- Published
- 2025-02-26T08:14:00Z
- Modified
- 2025-09-08T17:08:05Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.
- References
Affected packages
Ubuntu:Pro:16.04:LTS / golang-go.crypto
Package
- Name
- golang-go.crypto
- Purl
- pkg:deb/ubuntu/golang-go.crypto@1:0.0~git20151201.0.7b85b09-2?arch=source&distro=esm-infra/xenial
Ubuntu:Pro:16.04:LTS / lxd
Package
- Name
- lxd
- Purl
- pkg:deb/ubuntu/lxd@2.0.11-0ubuntu1~16.04.4+esm1?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0.*
0.20-0ubuntu4
0.21-0ubuntu3
0.21-0ubuntu5
0.22-0ubuntu1
0.22-0ubuntu2
0.23-0ubuntu1
0.23-0ubuntu2
0.23-0ubuntu3
0.24-0ubuntu2
0.24-0ubuntu3
0.24-0ubuntu4
0.25-0ubuntu1
0.26-0ubuntu2
0.26-0ubuntu3
0.27-0ubuntu1
0.27-0ubuntu2
2.*
2.0.0~beta1-0ubuntu3
2.0.0~beta1-0ubuntu4
2.0.0~beta2-0ubuntu1
2.0.0~beta2-0ubuntu2
2.0.0~beta3-0ubuntu1
2.0.0~beta3-0ubuntu2
2.0.0~beta3-0ubuntu3
2.0.0~beta3-0ubuntu4
2.0.0~beta4-0ubuntu1
2.0.0~beta4-0ubuntu2
2.0.0~beta4-0ubuntu3
2.0.0~beta4-0ubuntu4
2.0.0~beta4-0ubuntu5
2.0.0~beta4-0ubuntu6
2.0.0~beta4-0ubuntu7
2.0.0~rc1-0ubuntu1
2.0.0~rc1-0ubuntu2
2.0.0~rc1-0ubuntu3
2.0.0~rc2-0ubuntu2
2.0.0~rc2-0ubuntu3
2.0.0~rc3-0ubuntu1
2.0.0~rc3-0ubuntu2
2.0.0~rc3-0ubuntu3
2.0.0~rc3-0ubuntu4
2.0.0~rc4-0ubuntu1
2.0.0~rc5-0ubuntu1
2.0.0~rc6-0ubuntu1
2.0.0~rc6-0ubuntu2
2.0.0~rc7-0ubuntu1
2.0.0~rc7-0ubuntu2
2.0.0~rc8-0ubuntu1
2.0.0~rc8-0ubuntu2
2.0.0~rc8-0ubuntu3
2.0.0~rc8-0ubuntu5
2.0.0~rc8-0ubuntu6
2.0.0~rc8-0ubuntu7
2.0.0~rc9-0ubuntu2
2.0.0~rc9-0ubuntu3
2.0.0~rc9-0ubuntu4
2.0.0~rc9-0ubuntu5
2.0.0-0ubuntu1
2.0.0-0ubuntu2
2.0.0-0ubuntu3
2.0.0-0ubuntu4
2.0.1-0ubuntu1~16.04.1
2.0.2-0ubuntu1~16.04.1
2.0.3-0ubuntu1~ubuntu16.04.2
2.0.4-0ubuntu1~ubuntu16.04.1
2.0.5-0ubuntu1~ubuntu16.04.1
2.0.8-0ubuntu1~ubuntu16.04.1
2.0.8-0ubuntu1~ubuntu16.04.2
2.0.9-0ubuntu1~16.04.1
2.0.9-0ubuntu1~16.04.2
2.0.10-0ubuntu1~16.04.1
2.0.10-0ubuntu1~16.04.2
2.0.11-0ubuntu1~16.04.2
2.0.11-0ubuntu1~16.04.4
2.0.11-0ubuntu1~16.04.4+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-lxc-lxd-dev",
"binary_version": "2.0.11-0ubuntu1~16.04.4+esm1"
},
{
"binary_name": "lxc2",
"binary_version": "2.0.11-0ubuntu1~16.04.4+esm1"
},
{
"binary_name": "lxd",
"binary_version": "2.0.11-0ubuntu1~16.04.4+esm1"
},
{
"binary_name": "lxd-client",
"binary_version": "2.0.11-0ubuntu1~16.04.4+esm1"
},
{
"binary_name": "lxd-tools",
"binary_version": "2.0.11-0ubuntu1~16.04.4+esm1"
}
]
}
Ubuntu:Pro:16.04:LTS / snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.61.4ubuntu0.16.04.1+esm1?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.9
1.9.1.1
1.9.2
2.*
2.0
2.0.1
2.0.2
2.0.3
2.0.5
2.0.8
2.0.9
2.0.10
2.11+0.16.04
2.12+0.16.04
2.13
2.14.2~16.04
2.15.2ubuntu1
2.16ubuntu3
2.17.1ubuntu1
2.20.1ubuntu1
2.21
2.22.2
2.22.3
2.22.6
2.23.1
2.24.1
2.25
2.26.10
2.27.5
2.28.5
2.29.4.2
2.32.3.2
2.32.9
2.33.1ubuntu2
2.34.2
2.34.2ubuntu0.1
2.37.4
2.37.4ubuntu0.1
2.38
2.39.2
2.39.2ubuntu0.2
2.40
2.42.1
2.45.1
2.45.1ubuntu0.2
2.46.1
2.47.1
2.48
2.48.3
2.54.3+16.04~esm2
2.54.3+16.04.0ubuntu0.1~esm3
2.54.3+16.04.0ubuntu0.1~esm4
2.54.3+16.04.0ubuntu0.1~esm5
2.54.3+16.04.0ubuntu0.1~esm6
2.61.4ubuntu0.16.04.1+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.61.4ubuntu0.16.04.1+esm1"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.61.4ubuntu0.16.04.1+esm1"
},
{
"binary_name": "snap-confine",
"binary_version": "2.61.4ubuntu0.16.04.1+esm1"
},
{
"binary_name": "snapd",
"binary_version": "2.61.4ubuntu0.16.04.1+esm1"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.61.4ubuntu0.16.04.1+esm1"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.61.4ubuntu0.16.04.1+esm1"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.61.4ubuntu0.16.04.1+esm1"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.61.4ubuntu0.16.04.1+esm1"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.61.4ubuntu0.16.04.1+esm1"
}
]
}
Ubuntu:Pro:18.04:LTS / lxd
Package
- Name
- lxd
- Purl
- pkg:deb/ubuntu/lxd@3.0.3-0ubuntu1~18.04.2+esm1?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.18-0ubuntu6
2.19-0ubuntu1
2.20-0ubuntu3
2.20-0ubuntu4
2.21-0ubuntu1
2.21-0ubuntu2
2.21-0ubuntu3
2.21-0ubuntu4
3.*
3.0.0~beta2-0ubuntu3
3.0.0~beta3-0ubuntu3
3.0.0~beta5-0ubuntu2
3.0.0~beta7-0ubuntu1
3.0.0-0ubuntu1
3.0.0-0ubuntu2
3.0.0-0ubuntu3
3.0.0-0ubuntu4
3.0.1-0ubuntu1~18.04.1
3.0.2-0ubuntu1~18.04.1
3.0.3-0ubuntu1~18.04.1
3.0.3-0ubuntu1~18.04.2
3.0.3-0ubuntu1~18.04.2+esm1
Ubuntu:Pro:18.04:LTS / snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.61.4ubuntu0.18.04.1+esm1?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.28.5+17.10
2.29.4.1+18.04
2.29.4.2+18.04
2.31.1+18.04
2.32+18.04~pre5
2.32+18.04~pre6
2.32+18.04
2.32.3.2+18.04
2.32.5+18.04
2.32.8+18.04
2.32.9+18.04
2.33.1+18.04ubuntu2
2.34.2+18.04
2.34.2+18.04.1
2.37.1+18.04
2.37.1.1+18.04
2.37.4+18.04
2.37.4+18.04.1
2.38+18.04
2.39.2+18.04
2.40+18.04
2.42.1+18.04
2.45.1+18.04
2.45.1+18.04.2
2.46.1+18.04
2.47.1+18.04
2.48+18.04
2.48.3+18.04
2.49.2+18.04
2.51.1+18.04
2.54.2+18.04ubuntu1
2.54.3+18.04
2.54.3+18.04.2ubuntu0.1
2.54.3+18.04.2ubuntu0.2
2.55.5+18.04
2.57.5+18.04
2.57.5+18.04ubuntu0.1
2.58+18.04
2.58+18.04.1
2.61.4ubuntu0.18.04.1+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.61.4ubuntu0.18.04.1+esm1"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.61.4ubuntu0.18.04.1+esm1"
},
{
"binary_name": "snap-confine",
"binary_version": "2.61.4ubuntu0.18.04.1+esm1"
},
{
"binary_name": "snapd",
"binary_version": "2.61.4ubuntu0.18.04.1+esm1"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.61.4ubuntu0.18.04.1+esm1"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.61.4ubuntu0.18.04.1+esm1"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.61.4ubuntu0.18.04.1+esm1"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.61.4ubuntu0.18.04.1+esm1"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.61.4ubuntu0.18.04.1+esm1"
}
]
}
Ubuntu:Pro:18.04:LTS / golang-go.crypto
Package
- Name
- golang-go.crypto
- Purl
- pkg:deb/ubuntu/golang-go.crypto@1:0.0~git20170629.0.5ef0053-2?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:20.04:LTS / snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.67.1+20.04?arch=source&distro=esm-infra/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.41+19.10.1
2.42.1+20.04
2.43.3+git1.8109f8
2.44~pre1+20.04
2.44+20.04
2.44.2+20.04
2.44.3+20.04
2.45.1+20.04
2.45.1+20.04.2
2.46.1+20.04
2.47.1+20.04
2.48+20.04
2.48.3+20.04
2.49.2+20.04
2.51.1+20.04ubuntu2
2.54.2+20.04ubuntu2
2.54.3+20.04
2.54.3+20.04.1
2.54.3+20.04.1ubuntu0.1
2.54.3+20.04.1ubuntu0.2
2.54.3+20.04.1ubuntu0.3
2.55.5+20.04
2.57.5+20.04
2.57.5+20.04ubuntu0.1
2.58+20.04
2.58+20.04.1
2.61.3+20.04
2.62+20.04
2.63+20.04
2.63+20.04ubuntu0.1
2.65.3+20.04
2.66.1+20.04
2.67.1+20.04
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.67.1+20.04"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.67.1+20.04"
},
{
"binary_name": "snap-confine",
"binary_version": "2.67.1+20.04"
},
{
"binary_name": "snapd",
"binary_version": "2.67.1+20.04"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.67.1+20.04"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.67.1+20.04"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.67.1+20.04"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.67.1+20.04"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.67.1+20.04"
}
]
}
Ubuntu:Pro:20.04:LTS / golang-go.crypto
Package
- Name
- golang-go.crypto
- Purl
- pkg:deb/ubuntu/golang-go.crypto@1:0.0~git20200221.2aa609c-1?arch=source&distro=esm-apps/focal
Ubuntu:22.04:LTS / golang-go.crypto
Package
- Name
- golang-go.crypto
- Purl
- pkg:deb/ubuntu/golang-go.crypto@1:0.0~git20211202.5770296-1?arch=source&distro=jammy
Ubuntu:22.04:LTS / snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.68.5+ubuntu22.04.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.53+21.10ubuntu1
2.54.2+22.04ubuntu1
2.54.2+22.04ubuntu2
2.54.2+22.04ubuntu3
2.54.3+git19.g868fc21+22.04
2.54.3+git26.g360067e+22.04
2.55.2+22.04
2.55.2+22.04.1
2.55.3+22.04
2.55.3+22.04ubuntu1
2.55.5+22.04
2.56.2+22.04ubuntu1
2.57.4+22.04
2.57.5+22.04
2.57.5+22.04ubuntu0.1
2.58+22.04
2.58+22.04.1
2.61.3+22.04
2.62+22.04
2.63+22.04
2.63+22.04ubuntu0.1
2.65.3+22.04
2.66.1+22.04
2.67.1+22.04
2.68.5+ubuntu22.04.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.68.5+ubuntu22.04.1"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.68.5+ubuntu22.04.1"
},
{
"binary_name": "snap-confine",
"binary_version": "2.68.5+ubuntu22.04.1"
},
{
"binary_name": "snapd",
"binary_version": "2.68.5+ubuntu22.04.1"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.68.5+ubuntu22.04.1"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.68.5+ubuntu22.04.1"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.68.5+ubuntu22.04.1"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.68.5+ubuntu22.04.1"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.68.5+ubuntu22.04.1"
}
]
}
Ubuntu:24.04:LTS / golang-go.crypto
Package
- Name
- golang-go.crypto
- Purl
- pkg:deb/ubuntu/golang-go.crypto@1:0.19.0-1?arch=source&distro=noble
Ubuntu:24.04:LTS / snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.68.5+ubuntu24.04.1?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.60.4+23.10
2.61.3+24.04
2.62+24.04build1
2.63+24.04
2.63+24.04ubuntu0.1
2.63.1+24.04
2.65.3+24.04
2.66.1+24.04
2.67.1+24.04
2.68.5+ubuntu24.04.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.68.5+ubuntu24.04.1"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.68.5+ubuntu24.04.1"
},
{
"binary_name": "snap-confine",
"binary_version": "2.68.5+ubuntu24.04.1"
},
{
"binary_name": "snapd",
"binary_version": "2.68.5+ubuntu24.04.1"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.68.5+ubuntu24.04.1"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.68.5+ubuntu24.04.1"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.68.5+ubuntu24.04.1"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.68.5+ubuntu24.04.1"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.68.5+ubuntu24.04.1"
}
]
}
Ubuntu:25.04 / golang-go.crypto
Package
- Name
- golang-go.crypto
- Purl
- pkg:deb/ubuntu/golang-go.crypto@1:0.25.0-1?arch=source&distro=plucky
Ubuntu:25.04 / snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.68.5+ubuntu25.04.2?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.68.5+ubuntu25.04.2"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.68.5+ubuntu25.04.2"
},
{
"binary_name": "snap-confine",
"binary_version": "2.68.5+ubuntu25.04.2"
},
{
"binary_name": "snapd",
"binary_version": "2.68.5+ubuntu25.04.2"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.68.5+ubuntu25.04.2"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.68.5+ubuntu25.04.2"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.68.5+ubuntu25.04.2"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.68.5+ubuntu25.04.2"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.68.5+ubuntu25.04.2"
}
]
}