Ubuntu 25.x — End of Life

EOL Actively exploited
EOL: Jul 1, 20262 releases in this series12 CVEs

Ubuntu 25.x — All releases

VersionReleasedActive supportEOL dateLatest patchStatus
25.10Oct 9, 2025Jul 1, 2026Jul 1, 202625.10EOL
25.04Apr 17, 2025Jan 17, 2026Jan 17, 202625.04EOL

CVEs affecting Ubuntu 25.x (12)

CVESeverityCVSSEPSSKEVCycleDescriptionPublished
CVE-2026-47334MEDIUM5.50.08%25.10Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notifi…May 28, 2026
CVE-2026-47333HIGH7.80.11%25.10Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an i…May 28, 2026
CVE-2026-47332MEDIUM5.50.11%25.10Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structu…May 28, 2026
CVE-2026-47331HIGH7.80.11%25.10Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire a lock when modifying a linked list. An unprivile…May 28, 2026
CVE-2026-47330LOW3.30.09%25.10Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitializ…May 28, 2026
CVE-2026-47329LOW3.30.09%25.10Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor n…May 28, 2026
CVE-2026-47328MEDIUM6.10.09%25.10Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not …May 28, 2026
CVE-2026-47327LOW3.30.09%25.10Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmo…May 28, 2026
CVE-2026-47326MEDIUM5.50.09%25.10Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor not…May 28, 2026
CVE-2026-31431HIGH7.896.27% KEV 25.10In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-pla…Apr 22, 2026
CVE-2026-31431HIGH7.896.27% KEV 25.04In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-pla…Apr 22, 2026
CVE-2026-3497HIGH7.52.18%25.10Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI…Mar 12, 2026

Ubuntu 25.x is EOL — migrate to Ubuntu 26.x

Ubuntu 26.x is the next major release. Plan your upgrade before Ubuntu 25.x stops receiving security patches.

See Ubuntu 26.x

Frequently asked questions

Is Ubuntu 25 end of life?

Yes. All Ubuntu 25.x releases have reached end of life and no longer receive security patches. There are 12 known CVEs affecting Ubuntu 25.x. Migrate to Ubuntu 26.x as soon as possible.

What CVEs affect Ubuntu 25?

There are 12 CVEs tracked for Ubuntu 25.x and 2 listed in the CISA Known Exploited Vulnerabilities catalog. See the full list above with CVSS and EPSS scores.

What is the latest Ubuntu 25 version?

The latest Ubuntu 25.x patch release is 25.10, released on October 9, 2025. Always run the latest patch to benefit from all security fixes.

How to migrate from Ubuntu 25 to Ubuntu 26?

To migrate from Ubuntu 25 to Ubuntu 26: (1) review the official Ubuntu 26 migration guide for breaking changes, (2) update dependencies and configuration accordingly, (3) test thoroughly in a staging environment, (4) deploy with a rollback plan. Starting early gives you time to resolve compatibility issues before your current version reaches end of life.

Is it safe to run Ubuntu 25 in production?

No. Ubuntu 25 has reached end of life and security vulnerabilities are no longer patched. Critically, 2 CVEs affecting Ubuntu 25.x are in the CISA KEV catalog — meaning they are actively exploited in the wild. Upgrade to a supported version immediately.

Data sourced from endoflife.date · CVE data from NVD · EPSS from FIRST.org · KEV from CISA

© 2026 EOLCanary — Data from endoflife.date & NVD
Explore