1. Home
  2. OS

Subcategories

  • 2 Topics
    2 Posts
    peat_psuwitP
    Vulnerability During the periodic scanning of the local media, gst-hybris gets loaded by Gstreamer, a media framework, to perform HW-accelerated video decoding. gst-hybris expected the rendering element ("sink") to be HW-accelerated as well, but media scanning does not use HW-accelerated rendering. This results in memory corruption, which could potentially be exploited by a specifically-crafted media. Info The pipeline constructing process of Gstreamer is dynamic; it can automatically pick the demuxer, decoder(s), and sink(s) based on the file type, file content, and component's capability. In this case, Gstreamer picks gst-hybris' HW-accelerated decoder as the decoder, but "fakesink" as the sink (as the scanner only wants to know certain metadata). Now, to perform HW-accelerated video rendering, gst-hybris has a dedicated sink which co-operate with the decoder in order to pass decoded video frame without copying the memory. When Gstreamer connects the decoder with the sink, the decoder can access the sink to perform necessary co-ordination. However, the decoder forgot to check if the sink it accesses is the one it can co-operate, which results in the code writing into the memory it's not supposed to access. In order for this to be exploited, the video has to be on the device, which subsequently leads to it being scanned. Video playback in other cases is not affected, as they always use HW-accelerated video rendering. CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') Severity: Medium Affected versions Affected versions: All Ubuntu Touch versions up to and including 20.04 OTA-10, 24.04-1.0. Fixed in versions: Ubuntu Touch 20.04 OTA-11 and 24.04-1.1. Solution Starting in Ubuntu Touch 20.04 OTA-11 and 24.04-1.1, gst-hybris checks the type of the sink before casting to the expected type. Fixed in: https://gitlab.com/ubports/development/core/hybris-support/gst-hybris/-/commit/58bb0e1ba2169bd85ac0930bf074ab865553356f Recommendations Update your device to Ubuntu Touch 20.04 OTA-11, 24.04-1.1 or newer. Do not download videos from untrusted sources. Timeline The issue was discovered on 30 September 2025, during a debugging of another issue. The issue was discovered before the release of Ubuntu Touch 24.04-1.0, but we did not manage to work it through and fix it in time for that release. Ubuntu Touch 20.04 OTA-11 and 24.04-1.1 was released on 1 December 2025, coordinated with the publication of this advisory. Credit Reported-by: Ratchanan Srirattanamet Patched-by: Ratchanan Sirrattanamet

  • This forum is all about the ongoing efforts to upgrade UT to the 20.04 codebase of Ubuntu.

    132 Topics
    954 Posts
    A
    @Moem @Luksus This is good news as this was a good phone with UBPorts
Log in to post
Load new posts
  • C

    No notification from Cinny UT since Upgrade 24.04-1.0

    11
    0 Votes
    11 Posts
    1k Views
    C
    @jilly For a while it helped to turn the notifications off and on again for Cinny. Greetings Charly
  • B

    Bug report - new 24.04-1.1 release

    5
    8
    1 Votes
    5 Posts
    404 Views
    B
    @ikoz When looking through the Lomiri Weblate project i see that translation for Lomiri System Settings (Security/Privacy) is currently blocked due to maintenance.
  • pparentP

    Bug: data mobile interface looses ip

    6
    0 Votes
    6 Posts
    369 Views
    pparentP
    Actually I have had the bug once again, and this time the interface holding the IP "ccmni0" was down, but forcing it up did not restore the connexion, I could ping the gateway but nothing more.
  • peat_psuwitP

    Call for testing: Ubuntu Touch 20.04 OTA-11

    13
    5 Votes
    13 Posts
    2k Views
    W
    Maybe this is the wrong place to post this now that 20.04 OTA-11 is already released. If so, pardon me, I'll happily start a new post. Thanks to the team for another Focal release! Unfortunately I have lost the ability to receive SMS since updating to OTA-11 last night. Outgoing SMS works as normal. I've tried rebooting, powering off, etc. I'm using a Oneplus Nord N10, and was updating from OTA-10. VoLTE is not (and can not be) enabled. Both incoming and outgoing MMS also don't work, and while sometimes glitchy, these normally work for me too. I've tried restarting nuntium.service, which normally fixes things if MMS fail to arrive with no notification, as they presently are, but it's not changing anything here. I've also now re-flashed the system, again on 20.04 OTA-11, and no change. Having trouble finding anything relevant under Logviewer - Messages. Any suggestions appreciated. Also, while I'm replying here, I was sorry to hear about the flooding @peat_psuwit, that sounded like a major storm. Thanks for all you do for UT!
  • mariogripM

    Smooth Edges: Bug Report (updated 25, 2025)

    1
    10 Votes
    1 Posts
    298 Views
    No one has replied
  • P

    SIM Toolkit Support

    1
    0 Votes
    1 Posts
    187 Views
    No one has replied
  • pparentP

    Idea: overlayfs for user terminal

    29
    0 Votes
    29 Posts
    3k Views
    G
    @Fuseteam I have tried to use crackle and have a few observations about it, do you prefer that I do it here (where it's a bit off-topic) or is there a better place where I should create a new topic ?
  • C

    Some shell programs are missing in 24.04-1

    11
    0 Votes
    11 Posts
    1k Views
    C
    @Bolly No, I'm just waiting now to see whether my suggestions are taken up. If necessary, I can use syncthing instead of rsync. But of course it's a shame if you have a shell but the programs are missing. greetings Charly
  • Z

    Input lag? Keyboard issues.

    9
    -1 Votes
    9 Posts
    777 Views
    G
    @zakafx revisiting this; I wonder if the root cause of the perceived slowness could be the haptic feedback.
  • TeckMonsterT

    Has anyone looked into porting to a foldable?

    4
    0 Votes
    4 Posts
    437 Views
    TeckMonsterT
    If a trusted & skilled dev wants to take this on I am will to buy them a used 1st gen Pixel Fold. I may be willing to pay $300 towards a Fold 9, but I hate how big those are, though they have display out which the smaller 1st gen doesn't have:( Ah shoot, I just realized Halium might be an issue for both those, as far as I can tell we don't have one for Android 14 or 15 yet. o7
  • C

    ubports-pdk

    1
    0 Votes
    1 Posts
    157 Views
    No one has replied
  • V

    UT 24.04 is good, and that's good ( great ) news

    1
    1 Votes
    1 Posts
    293 Views
    No one has replied
  • pparentP

    Xmir: Lomiri High CPU usage + battery drain.

    1
    1 Votes
    1 Posts
    237 Views
    No one has replied
  • peat_psuwitP

    Call for testing: Ubuntu Touch 24.04-1.0

    126
    10 Votes
    126 Posts
    37k Views
    V
    Thanks @danfro , that's a helpful hint to know.
  • E

    WhatsApp not working

    5
    0 Votes
    5 Posts
    2k Views
    pparentP
    @ToxyPoxy Although it seems that calls could possibly make its way to Whatsapp web one day, which would be amazing, and then we will probably be able to support it inside the app. https://beebom.com/whatsapp-web-voice-and-video-calling-coming-soon/ https://3dvf.com/en/whatsapp-will-soon-allow-making-calls-directly-from-your-web-browser/
  • YamiYukiSenpaiY

    Snap issues on Ubuntu Touch

    9
    0 Votes
    9 Posts
    1k Views
    J
    @arubislander @Keneda OK, good to know
  • L

    How do I get to 24.04-1.0 from testing?

    3
    0 Votes
    3 Posts
    621 Views
    R
    @lsitongia with the installer you can install UT again and choose 'do NOT wipe data'. I had to do the same. it went smoothly. I lost no data, nothing broke.
  • peat_psuwitP

    Call for testing: Ubuntu Touch 20.04 OTA-10

    16
    7 Votes
    16 Posts
    6k Views
    W
    @bestenaizena Yes, while the option to upgrade to 24.04 was talked about as a major aspect of 20.04 OTA 10, 24.04 isn't released quite yet. From what I understand, now that you have OTA-10 the option will appear to upgrade to 24.04 once it's released.
  • peat_psuwitP

    Ubuntu Touch 24.04-1.0 is scheduled to be released on 24 September

    14
    23 Votes
    14 Posts
    5k Views
    Vlad NirkyV
    @oldpaint The framework is set in the clickable.yaml file framework: ubuntu-touch-24.04-1.x And the apparmor version in [yourprojectname].apparmor "policy_version": 2404.1 And to update clickable use clickable update-images Then you can remove unused images with clickable clean-images
  • D

    unknown filesystem type 'overlay'.

    8
    0 Votes
    8 Posts
    2k Views
    D
    @arubislander said in unknown filesystem type 'overlay'.: @dafeihong you probably want to run those tools in a LXD container. Try searching for LXD on Ubuntu Touch in the forum. Thank you very much. It sounds like the container solution I need. I'll go check its support for these tools.