Home / mailings [USN-7913-1] MAME vulnerabilities
Posted on 04 December 2025
Ubuntu Security==========================================================================Ubuntu Security Notice USN-7913-1
December 04, 2025
mame vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in MAME.
Software Description:
- mame: MAME is a multi-purpose emulation framework
Details:
It was discovered that the stb library, included in MAME, had a heap-based
buffer overflow. An attacker could possibly use this issue to crash the
program or execute arbitrary code. (CVE-2018-16981)
It was discovered that the tinyexr library, included in MAME, had a heap-
based buffer over-read in the function DecodePixelData. An attacker could
possibly use this issue to expose sensitive information or crash the
program. (CVE-2022-34300)
It was discovered that the expat library, included in MAME, had an
integer-overflow in the function doProlog. An attacker could possibly use
this issue to crash the program or execute arbitrary code.
(CVE-2021-46143)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
mame 0.277+dfsg.1-4ubuntu0.1
mame-data 0.277+dfsg.1-4ubuntu0.1
mame-tools 0.277+dfsg.1-4ubuntu0.1
Ubuntu 25.04
mame 0.275+dfsg.1-3ubuntu0.1
mame-data 0.275+dfsg.1-3ubuntu0.1
mame-tools 0.275+dfsg.1-3ubuntu0.1
Ubuntu 24.04 LTS
mame 0.264+dfsg.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
mame-data 0.264+dfsg.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
mame-tools 0.264+dfsg.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
mame 0.242+dfsg.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
mame-data 0.242+dfsg.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
mame-tools 0.242+dfsg.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
mame 0.220+dfsg.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
mame-data 0.220+dfsg.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
mame-tools 0.220+dfsg.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
mame 0.195+dfsg.1-2ubuntu0.1~esm1
Available with Ubuntu Pro
mame-data 0.195+dfsg.1-2ubuntu0.1~esm1
Available with Ubuntu Pro
mame-tools 0.195+dfsg.1-2ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7913-1
CVE-2018-16981, CVE-2021-46143, CVE-2022-34300
Package Information:
https://launchpad.net/ubuntu/+source/mame/0.277+dfsg.1-4ubuntu0.1
https://launchpad.net/ubuntu/+source/mame/0.275+dfsg.1-3ubuntu0.1
--===============4609178684844728773==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
