UBUNTU-CVE-2025-67858

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2025-67858

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-67858.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-67858

Upstream

CVE-2025-67858

Published

2026-01-08T16:15:00Z

Modified

2026-01-14T22:16:33.178792Z

Severity

7.0 (High) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

A Improper Neutralization of Argument Delimiters vulnerability in Foomuuri can lead to integrity loss of the firewall configuration or further unspecified impact by manipulating the JSON configuration passed to nft. This issue affects Foomuuri: from ? before 0.31.

References

Affected packages

Ubuntu:24.04:LTS / foomuuri

Package

Name: foomuuri
Purl: pkg:deb/ubuntu/foomuuri@0.22-1?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.20-1

0.21-1

0.21-2

0.22-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "foomuuri",
            "binary_version": "0.22-1"
        },
        {
            "binary_name": "foomuuri-firewalld",
            "binary_version": "0.22-1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-67858.json"

Ubuntu:25.10 / foomuuri

Package

Name: foomuuri
Purl: pkg:deb/ubuntu/foomuuri@0.27-2?arch=source&distro=questing

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.27-2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "foomuuri",
            "binary_version": "0.27-2"
        },
        {
            "binary_name": "foomuuri-firewalld",
            "binary_version": "0.27-2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-67858.json"

Ubuntu:25.04 / foomuuri

Package

Name: foomuuri
Purl: pkg:deb/ubuntu/foomuuri@0.27-2?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.24-2

0.25-2

0.26-1

0.27-1

0.27-2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "foomuuri",
            "binary_version": "0.27-2"
        },
        {
            "binary_name": "foomuuri-firewalld",
            "binary_version": "0.27-2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-67858.json"