rootio-linux: Unauthenticated Remote Code Execution via Specially Crafted HTTP Request

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

rootio-linux: Unauthenticated Remote Code Execution via Specially Crafted HTTP Request

ROOT-OS-UBUNTU-2404-CVE-2025-39931

Summary

A security patch has been released for the rootio-linux package on Ubuntu 24.04. It fixes a critical issue that could allow an attacker to execute code remotely without a password. You should update your rootio-linux package to the latest version to prevent potential attacks.

What to do

Update rootio-linux to version 6.8.0-110.110.root.io.62.

Affected software

Ecosystem	Vendor	Product	Affected versions
Root:Ubuntu:24.04	–	rootio-linux	< 6.8.0-110.110.root.io.62 Fix: upgrade to 6.8.0-110.110.root.io.62

Original title

CVE-2025-39931 in rootio-linux - Patched by Root

Original description

Root has patched CVE-2025-39931 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available.

Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026