Little CMS vulnerability
Published: Thu, 07 May 2026 13:27
Summary
Little CMS could be made to crash if it opened a specially crafted ICC profile.
Details
It was discovered that Little CMS incorrectly handled certain malformed ICC profiles. An attacker could possibly use this issue to cause Little CMS to crash, resulting in a denial of service.
Recommended actions per Ubuntu release
StackPatch playbook auto-generated per release codename and per affected package.
Ubuntu questing
lcms2→2.16-2ubuntu0.2apt_upgradeStandard apt upgrade. Install 2.16-2ubuntu0.2 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y lcms2
Most apt upgrades restart their service automatically. needrestart lists anything else.
liblcms2-2→2.16-2ubuntu0.2apt_upgradeStandard apt upgrade. Install 2.16-2ubuntu0.2 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y liblcms2-2
Most apt upgrades restart their service automatically. needrestart lists anything else.
liblcms2-dev→2.16-2ubuntu0.2apt_upgradeStandard apt upgrade. Install 2.16-2ubuntu0.2 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y liblcms2-dev
Most apt upgrades restart their service automatically. needrestart lists anything else.
liblcms2-utils→2.16-2ubuntu0.2apt_upgradeStandard apt upgrade. Install 2.16-2ubuntu0.2 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y liblcms2-utils
Most apt upgrades restart their service automatically. needrestart lists anything else.
Ubuntu resolute
lcms2→2.17-1ubuntu0.2apt_upgradeStandard apt upgrade. Install 2.17-1ubuntu0.2 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y lcms2
Most apt upgrades restart their service automatically. needrestart lists anything else.
liblcms2-2→2.17-1ubuntu0.2apt_upgradeStandard apt upgrade. Install 2.17-1ubuntu0.2 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y liblcms2-2
Most apt upgrades restart their service automatically. needrestart lists anything else.
liblcms2-dev→2.17-1ubuntu0.2apt_upgradeStandard apt upgrade. Install 2.17-1ubuntu0.2 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y liblcms2-dev
Most apt upgrades restart their service automatically. needrestart lists anything else.
liblcms2-utils→2.17-1ubuntu0.2apt_upgradeStandard apt upgrade. Install 2.17-1ubuntu0.2 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y liblcms2-utils
Most apt upgrades restart their service automatically. needrestart lists anything else.
Are YOU affected by USN-8250-1?
5-second check on your actual server. Reads /etc/os-release, uname -r, and dpkg-query; matches against the live USN + Debian Security Tracker feeds; tells you whether USN-8250-1 (and any other live CVE) applies. Anonymous, no signup.
curl https://mindsparkstack.com/scan.sh | bash
StackPatch runs this match against YOUR installed packages every hour
Free 1-server / $99 lifetime founder seat (50 only) / $19+/mo monthly. Indie pricing.