Home / mailingsPDF  

[USN-8466-1] Perl DBI module vulnerabilities

Posted on 24 June 2026
Ubuntu Security

==========================================================================Ubuntu Security Notice USN-8466-1
June 24, 2026

libdbi-perl vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Perl DBI module.

Software Description:
- libdbi-perl: Perl Database Interface (DBI)

Details:

It was discovered that the Perl DBI module incorrectly handled certain
error messages. An attacker could use this issue to cause applications
using the Perl DBI module to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2026-9698)

It was discovered that the Perl DBI module incorrectly handled memory when
preparsing SQL statements that included more than nine binders. An attacker
could use this issue to cause applications using the Perl DBI module to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2026-10879)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
libdbi-perl 1.647-1ubuntu0.26.04.1

Ubuntu 25.10
libdbi-perl 1.647-1ubuntu0.25.10.1

Ubuntu 24.04 LTS
libdbi-perl 1.643-4ubuntu0.1

Ubuntu 22.04 LTS
libdbi-perl 1.643-3ubuntu0.1

Ubuntu 20.04 LTS
libdbi-perl 1.643-1ubuntu0.1+esm1
Available with Ubuntu Pro

Ubuntu 18.04 LTS
libdbi-perl 1.640-1ubuntu0.3+esm1
Available with Ubuntu Pro

Ubuntu 16.04 LTS
libdbi-perl 1.634-1ubuntu0.2+esm2
Available with Ubuntu Pro

Ubuntu 14.04 LTS
libdbi-perl 1.630-1ubuntu0.1~esm6
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8466-1
CVE-2026-10879, CVE-2026-9698

Package Information:
https://launchpad.net/ubuntu/+source/libdbi-perl/1.647-1ubuntu0.26.04.1
https://launchpad.net/ubuntu/+source/libdbi-perl/1.647-1ubuntu0.25.10.1
https://launchpad.net/ubuntu/+source/libdbi-perl/1.643-4ubuntu0.1
https://launchpad.net/ubuntu/+source/libdbi-perl/1.643-3ubuntu0.1

--===============0465876862871081400==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature

 

TOP

Mailings :

Exploits :