Subcategories

  • 2 Topics
    2 Posts
    peat_psuwit
    Vulnerability
    During the periodic scanning of the local media, gst-hybris gets loaded by Gstreamer, a media framework, to perform HW-accelerated video decoding. gst-hybris expected the rendering element ("sink") to be HW-accelerated as well, but media scanning does not use HW-accelerated rendering. This results in memory corruption, which could potentially be exploited by specifically-crafted media.

    Info
    The pipeline constructing process of Gstreamer is dynamic; it can automatically pick the demuxer, decoder(s), and sink(s) based on the file type, file content, and component's capability. In this case, Gstreamer picks gst-hybris' HW-accelerated decoder as the decoder, but "fakesink" as the sink (as the scanner only wants to know certain metadata).
    Now, to perform HW-accelerated video rendering, gst-hybris has a dedicated sink which co-operates with the decoder in order to pass decoded video frames without copying the memory. When Gstreamer connects the decoder with the sink, the decoder can access the sink to perform necessary co-ordination. However, the decoder forgot to check if the sink it accesses is the one it can co-operate with, which results in the code writing into memory it's not supposed to access.
    In order for this to be exploited, the video has to be on the device, which subsequently leads to it being scanned. Video playback in other cases is not affected, as they always use HW-accelerated video rendering.
    CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
    Severity: Medium

    Affected versions
    Affected versions: All Ubuntu Touch versions up to and including 20.04 OTA-10, 24.04-1.0.
    Fixed in versions: Ubuntu Touch 20.04 OTA-11 and 24.04-1.1.

    Solution
    Starting in Ubuntu Touch 20.04 OTA-11 and 24.04-1.1, gst-hybris checks the type of the sink before casting to the expected type.
    Fixed in: https://gitlab.com/ubports/development/core/hybris-support/gst-hybris/-/commit/58bb0e1ba2169bd85ac0930bf074ab865553356f

    Recommendations
    Update your device to Ubuntu Touch 20.04 OTA-11, 24.04-1.1 or newer.
    Do not download videos from untrusted sources.

    Timeline
    The issue was discovered on 30 September 2025, during debugging of another issue.
    The issue was discovered before the release of Ubuntu Touch 24.04-1.0, but we did not manage to work it through and fix it in time for that release.
    Ubuntu Touch 20.04 OTA-11 and 24.04-1.1 were released on 1 December 2025, coordinated with the publication of this advisory.

    Credit
    Reported-by: Ratchanan Srirattanamet
    Patched-by: Ratchanan Srirattanamet
  • This forum is all about the ongoing efforts to upgrade UT to the 20.04 codebase of Ubuntu.

    132 Topics
    954 Posts
    A
    @Moem @Luksus This is good news as this was a good phone with UBPorts
  • ubports/focal branching will happen on 14 February

    Pinned
    3
    4 Votes
    3 Posts
    4k Views
    D
    @peat_psuwit Thank you for all you do. It is much appreciated!
  • The road(map) explained

    Pinned Moved
    25
    29 Votes
    25 Posts
    14k Views
    lduboeuf
    @jhackler You will find OTAs Project board here: https://github.com/orgs/ubports/projects
  • Call for testing: Ubuntu Touch 24.04-1.2

    64
    5 Votes
    64 Posts
    4k Views
    libremax
    @peat_psuwit "How to get Ubuntu Touch 24.04 1.1 and 20.04 OTA-11" = a little bug in last release announcement: https://ubports.com/blog/ubports-news-1/ubuntu-touch-24-04-1-2-and-20-04-ota-12-release-3987
  • Call for testing: calendar-app

    14
    4 Votes
    14 Posts
    700 Views
    lduboeuf
    @gandalf said in Call for testing: calendar-app: not sure if this is a calendar, cloud account, or other issue. I just installed your version, but I can't get my radicale dav calendar to sync. I have removed the old accounts before the upgrade to 24.04 and I have cleaned the evolution sources. I also tried both the cal dav url with and without the full path to the calendar. The app very cheerfully declares sync finished and then displays the sync error in the status bar. The calendar server itself is working as I can sync it from the waydroid running on the phone (FP4, 24.04-1.2, from the RC channel), though there's a recently closed ticket that says a sync fix might have landed only in the daily channel yet? hmm, it should work on RC, tested that a week ago with my radicale server without issue ( my url was like http://192.168.1.345:5232 )
  • Call for testing: Ubuntu Touch 20.04 OTA-12

    3
    4 Votes
    3 Posts
    813 Views
    peat_psuwit
    Ubuntu Touch 20.04 OTA-12 is released. Thank you everyone for testing. https://ubports.com/blog/ubports-news-1/ubuntu-touch-24-04-1-2-and-20-04-ota-12-release-3987
  • Smooth Edges (name pending) - Let's Fix the Bugs That Drive You Mad

    62
    12 Votes
    62 Posts
    6k Views
    arubislander
    @atarilinux said in Smooth Edges (name pending) - Let's Fix the Bugs That Drive You Mad: Lock Screen Widgets I play a lot of music on my phone, but every time I need to change something, I have to unlock the screen. Having a quick way to play/pause, change tracks, etc. would be nice. Other widgets could be weather, etc. For the play / pause at least, if you pull down from the indicator panel on the lock screen, under the volume indicator you get media controls. ... 3. Hardware Docking stations Not sure about other phones, but I can't use a hardware dock with mine to turn it into a computer. Support for hardware docking is dependent on exactly that, the hardware of the device. Sharing Libraries between Waydroid and Ubuntu Touch Oftentimes, I need to send a picture or download a picture in one OS and do something with the picture in another OS. Having an easy to find "Shared" folder between OSes and having folders that aren't shared could help with this scenario. I'm fine with transferring by USB if I need to. I can understand if this is not recommended for any security issues. Have you noticed the app waydroid files in the Open Store? I don't have any use for it myself, but it seems to do exactly what you need, based on the description. ... 7. Music File Formats The music player can't read ALAC. Some people transferring these file formats would need to look at other formats to play the music. What formats can or cannot be played on the device is also dependent on the codecs the device comes with.
  • Most wanted features for Morph?

    52
    1 Votes
    52 Posts
    18k Views
    M
    I would appreciate something to get rid of the cookie questions. Something like addon "I still don't care about cookies". Maybe someone knows how to achieve it.
  • XWayland: Menu windows resized full screen and crash?

    14
    0 Votes
    14 Posts
    1k Views
    G
    @pparent did you notice that there are menus that are displaying fine in the ChromiumUT app ? the menus in the top bar are not working, but the Google application menu is working correctly (although there is a wobble the first time, maybe it's the automatic resizing you are referring to, but it's failing to stop it to work)
  • The Cell Broadcast story

    74
    1
    5 Votes
    74 Posts
    29k Views
    lduboeuf
    For the record, here is some test feedback from Ratchanan: https://forums.ubports.com/topic/11888/my-ubuntu-touch-devices-participated-in-thailand-nationwide-cell-broadcast-test
  • Call for testing: Ubuntu Touch 24.04-1.1

    63
    12 Votes
    63 Posts
    9k Views
    G
    @Charly I can only see SD cards connected via USB, not in the internal reader
  • Support for Hotspot wifi captive portal via RFC 8910 and RFC 8908

    1
    5 Votes
    1 Posts
    159 Views
    No one has replied
  • No notification from Cinny UT since Upgrade 24.04-1.0

    11
    0 Votes
    11 Posts
    1k Views
    C
    @jilly For a while it helped to turn the notifications off and on again for Cinny. Greetings Charly
  • Bug report - new 24.04-1.1 release

    5
    8
    1 Votes
    5 Posts
    370 Views
    B
    @ikoz When looking through the Lomiri Weblate project I see that translation for Lomiri System Settings (Security/Privacy) is currently blocked due to maintenance.
  • Bug: data mobile interface looses ip

    6
    0 Votes
    6 Posts
    283 Views
    pparent
    Actually I have had the bug once again, and this time the interface holding the IP "ccmni0" was down, but forcing it up did not restore the connexion, I could ping the gateway but nothing more.
  • Call for testing: Ubuntu Touch 20.04 OTA-11

    13
    5 Votes
    13 Posts
    2k Views
    W
    Maybe this is the wrong place to post this now that 20.04 OTA-11 is already released. If so, pardon me, I'll happily start a new post. Thanks to the team for another Focal release! Unfortunately I have lost the ability to receive SMS since updating to OTA-11 last night. Outgoing SMS works as normal. I've tried rebooting, powering off, etc. I'm using a Oneplus Nord N10, and was updating from OTA-10. VoLTE is not (and can not be) enabled. Both incoming and outgoing MMS also don't work, and while sometimes glitchy, these normally work for me too. I've tried restarting nuntium.service, which normally fixes things if MMS fail to arrive with no notification, as they presently are, but it's not changing anything here. I've also now re-flashed the system, again on 20.04 OTA-11, and no change. Having trouble finding anything relevant under Logviewer - Messages. Any suggestions appreciated. Also, while I'm replying here, I was sorry to hear about the flooding @peat_psuwit, that sounded like a major storm. Thanks for all you do for UT!
  • Keyboard Bar from the Terminal in any App?

    6
    0 Votes
    6 Posts
    790 Views
    G
    @CatWithUT Were you ever able to figure out a way? I'm very much used to Termux where I simply press a modifier button and then the other key, as if I had sticky keys enabled on a hardware keyboard...
  • Smooth Edges: Bug Report (updated 25, 2025)

    1
    10 Votes
    1 Posts
    255 Views
    No one has replied
  • SIM Toolkit Support

    1
    0 Votes
    1 Posts
    169 Views
    No one has replied
  • Idea: overlayfs for user terminal

    29
    0 Votes
    29 Posts
    2k Views
    G
    @Fuseteam I have tried to use crackle and have a few observations about it, do you prefer that I do it here (where it's a bit off-topic) or is there a better place where I should create a new topic ?
  • Some shell programs are missing in 24.04-1

    11
    0 Votes
    11 Posts
    976 Views
    C
    @Bolly No, I'm just waiting now to see whether my suggestions are taken up. If necessary, I can use syncthing instead of rsync. But of course it's a shame if you have a shell but the programs are missing. greetings Charly