StackPatch is liveSee product

Back to CVE digest
Ubuntu USN · USN-8397-1

libjxl vulnerability

Published: Mon, 08 Jun 2026 12:20

CVE-2025-70103

Summary

libjxl could be made to crash or run programs if it opened a specially crafted file.

Details

It was discovered that libjxl did not properly handle certain crafted PBM images. An attacker could possibly use this issue to cause libjxl to crash, resulting in a denial of service, or execute arbitrary code.

Recommended actions per Ubuntu release

StackPatch playbook auto-generated per release codename and per affected package.

Ubuntu questing

  • jpeg-xl0.11.1-6ubuntu1.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu1.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y jpeg-xl

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • jpeg-xl-doc0.11.1-6ubuntu1.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu1.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y jpeg-xl-doc

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libjpegxl-java0.11.1-6ubuntu1.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu1.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libjpegxl-java

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libjxl-dev0.11.1-6ubuntu1.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu1.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libjxl-dev

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libjxl-devtools0.11.1-6ubuntu1.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu1.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libjxl-devtools

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libjxl-gdk-pixbuf0.11.1-6ubuntu1.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu1.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libjxl-gdk-pixbuf

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libjxl-tools0.11.1-6ubuntu1.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu1.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libjxl-tools

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libjxl0.110.11.1-6ubuntu1.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu1.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libjxl0.11

    Most apt upgrades restart their service automatically. needrestart lists anything else.

Ubuntu resolute

  • jpeg-xl0.11.1-6ubuntu4.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu4.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y jpeg-xl

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • jpeg-xl-doc0.11.1-6ubuntu4.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu4.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y jpeg-xl-doc

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libjpegxl-java0.11.1-6ubuntu4.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu4.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libjpegxl-java

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libjxl-dev0.11.1-6ubuntu4.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu4.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libjxl-dev

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libjxl-devtools0.11.1-6ubuntu4.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu4.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libjxl-devtools

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libjxl-gdk-pixbuf0.11.1-6ubuntu4.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu4.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libjxl-gdk-pixbuf

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libjxl-tools0.11.1-6ubuntu4.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu4.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libjxl-tools

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libjxl0.110.11.1-6ubuntu4.2apt_upgrade

    Standard apt upgrade. Install 0.11.1-6ubuntu4.2 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libjxl0.11

    Most apt upgrades restart their service automatically. needrestart lists anything else.

Are YOU affected by USN-8397-1?

5-second check on your actual server. Reads /etc/os-release, uname -r, and dpkg-query; matches against the live USN + Debian Security Tracker feeds; tells you whether USN-8397-1 (and any other live CVE) applies. Anonymous, no signup.

curl https://mindsparkstack.com/scan.sh | bash
Form-based quickscan Read the bash source first
Want this automated for your servers?

StackPatch runs this match against YOUR installed packages every hour

Free 1-server / $99 lifetime founder seat (50 only) / $19+/mo monthly. Indie pricing.

Buy lifetime →See StackPatch →Live audit log →