[USN-8496-3] cifs-utils vulnerability
[USN-8531-1] libexif vulnerabilities
[USN-8532-1] libssh2 vulnerabilities
[USN-8533-1] OpenSSH vulnerabilities
[USN-8534-1] LibreOffice vulnerabilities
[USN-8535-1] PipeWire vulnerabilities
[USN-8496-3] cifs-utils vulnerability
==========================================================================
Ubuntu Security Notice USN-8496-3
July 13, 2026
cifs-utils vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
cifs-utils could be made to run programs as an administrator.
Software Description:
- cifs-utils: Common Internet File System utilities
Details:
USN-8496-1 fixed vulnerabilities in cifs-utils. The update caused a
regression and was backed out in USN-8496-2. This update reintroduces the
security fix, along with a fix for the regression.
Original advisory details:
It was discovered that cifs-utils incorrectly dropped root privileges
before looking up user information. A local attacker could possibly use
this issue to execute arbitrary code as the root user.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
cifs-utils 2:7.4-1ubuntu0.26.04.3
Ubuntu 24.04 LTS
cifs-utils 2:7.0-2ubuntu0.5
Ubuntu 22.04 LTS
cifs-utils 2:6.14-1ubuntu0.6
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8496-3
https://ubuntu.com/security/notices/USN-8496-2
https://ubuntu.com/security/notices/USN-8496-1
CVE-2026-12505
Package Information:
https://launchpad.net/ubuntu/+source/cifs-utils/2:7.4-1ubuntu0.26.04.3
https://launchpad.net/ubuntu/+source/cifs-utils/2:7.0-2ubuntu0.5
https://launchpad.net/ubuntu/+source/cifs-utils/2:6.14-1ubuntu0.6
[USN-8531-1] libexif vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8531-1
July 13, 2026
libexif vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in libexif.
Software Description:
- libexif: library to parse EXIF files
Details:
It was discovered that libexif had an integer overflow in its MakerNote
decoder when called with a zero-length buffer. An attacker could possibly
use this issue to cause a denial of service or obtain sensitive
information. (CVE-2026-32775)
It was discovered that libexif had an integer overflow in its Nikon
MakerNote handler on 32-bit systems. A local attacker could possibly use
this issue to cause a denial of service or obtain sensitive information.
(CVE-2026-40385)
It was discovered that libexif had an integer underflow in its size
checking for Fuji and Olympus MakerNote decoding. An attacker could
possibly use this issue to cause a denial of service or obtain sensitive
information. (CVE-2026-40386)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
libexif12 0.6.25-2ubuntu0.1
Ubuntu 24.04 LTS
libexif12 0.6.24-1ubuntu0.24.04.1
Ubuntu 22.04 LTS
libexif12 0.6.24-1ubuntu0.22.04.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8531-1
CVE-2026-32775, CVE-2026-40385, CVE-2026-40386
Package Information:
https://launchpad.net/ubuntu/+source/libexif/0.6.25-2ubuntu0.1
https://launchpad.net/ubuntu/+source/libexif/0.6.24-1ubuntu0.24.04.1
https://launchpad.net/ubuntu/+source/libexif/0.6.24-1ubuntu0.22.04.1
[USN-8532-1] libssh2 vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8532-1
July 13, 2026
libssh2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in libssh2.
Software Description:
- libssh2: Client-side C library implementing the SSH2 protocol
Details:
It was discovered that libssh2 incorrectly handled certain publickey
subsystem attributes. A remote attacker controlling a malicious SSH server
could use this issue to cause a denial of service or possibly execute
arbitrary code. (CVE-2026-58050)
It was discovered that libssh2 did not properly initialize publickey list
entries before parsing. A remote attacker controlling a malicious SSH
server could use this issue to cause a denial of service or possibly
execute arbitrary code. (CVE-2026-58051)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
libssh2-1t64 1.11.1-1ubuntu0.26.04.3
Ubuntu 24.04 LTS
libssh2-1t64 1.11.0-4.1ubuntu0.24.04.3
In general, a standard system update will make all the necessary
changes.
References:
https://ubuntu.com/security/notices/USN-8532-1
CVE-2026-58050, CVE-2026-58051
Package Information:
https://launchpad.net/ubuntu/+source/libssh2/1.11.1-1ubuntu0.26.04.3
https://launchpad.net/ubuntu/+source/libssh2/1.11.0-4.1ubuntu0.24.04.3
[USN-8533-1] OpenSSH vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8533-1
July 13, 2026
openssh vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in OpenSSH.
Software Description:
- openssh: secure shell (SSH) for secure access to remote machines
Details:
It was discovered that OpenSSH sftp did not properly constrain the location
of downloaded files when connecting to an attacker-controlled server. An
attacker could possibly use this issue to write files to unintended
locations on the file system. (CVE-2026-59995)
It was discovered that OpenSSH scp could place files in the parent
directory of the intended destination when copying between two remote
hosts. An attacker could possibly use this issue to write files to
unintended locations. (CVE-2026-59996)
It was discovered that OpenSSH internal-sftp only recognized the first nine
command-line arguments, This could result in certain security-sensitive
arguments being ignored, contrary to expectations. (CVE-2026-59997)
It was discovered that OpenSSH had undocumented behaviour regarding the
GSSAPIStrictAcceptorCheck option in environments using Windows Active
Directory. The documentation has been updated to clarify use of the option.
(CVE-2026-59998)
It was discovered that OpenSSH did not properly enforce precedence of
DisableForwarding=yes over PermitTunnel=yes in server configurations. This
could possibly result in intended network forwarding restrictions being
bypassed, contrary to expectations. (CVE-2026-59999)
It was discovered that OpenSSH mishandled the MaxAuthTries limit for GSSAPI
authentication. A remote attacker could use this issue to perform excessive
authentication attempts. (CVE-2026-60000)
It was discovered that OpenSSH did not always honour the minimum
authentication delay. An attacker could possibly use this issue to perform
brute-force attacks more efficiently. (CVE-2026-60001)
It was discovered that the OpenSSH client had a use-after-free
vulnerability when a server changed its host key during a key re-exchange.
An attacker able to intercept communications could possibly use this issue
to execute arbitrary code or obtain sensitive information. (CVE-2026-60002)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
openssh-client 1:10.2p1-2ubuntu3.4
openssh-server 1:10.2p1-2ubuntu3.4
Ubuntu 24.04 LTS
openssh-client 1:9.6p1-3ubuntu13.18
openssh-server 1:9.6p1-3ubuntu13.18
Ubuntu 22.04 LTS
openssh-client 1:8.9p1-3ubuntu0.16
openssh-server 1:8.9p1-3ubuntu0.16
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8533-1
CVE-2026-59995, CVE-2026-59996, CVE-2026-59997, CVE-2026-59998,
CVE-2026-59999, CVE-2026-60000, CVE-2026-60001, CVE-2026-60002
Package Information:
https://launchpad.net/ubuntu/+source/openssh/1:10.2p1-2ubuntu3.4
https://launchpad.net/ubuntu/+source/openssh/1:9.6p1-3ubuntu13.18
https://launchpad.net/ubuntu/+source/openssh/1:8.9p1-3ubuntu0.16
[USN-8534-1] LibreOffice vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8534-1
July 13, 2026
libreoffice vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in LibreOffice.
Software Description:
- libreoffice: Office productivity suite
Details:
It was discovered that LibreOffice incorrectly handled importing DXF
drawings. An attacker could use this issue to cause LibreOffice to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2026-6039)
It was discovered that LibreOffice incorrectly handled certain ODF number
formats. An attacker could use this issue to cause LibreOffice to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 24.04 LTS and Ubuntu 26.04 LTS. (CVE-2026-6040)
It was discovered that LibreOffice incorrectly handled importing EMF+
graphics. An attacker could use this issue to cause LibreOffice to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2026-6045)
It was discovered that LibreOffice incorrectly handled importing PPT
presentations. An attacker could use this issue to cause LibreOffice to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2026-8356)
It was discovered that LibreOffice Calc incorrectly handled compiling
certain formulas. An attacker could use this issue to cause LibreOffice to
crash, resulting in a denial of service, or possily execute arbitrary code.
(CVE-2026-8357)
It was discovered that LibreOffice Calc incorrectly handled importing
spreadsheet tracked changes. An attacker could use this issue to cause
LibreOffice to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2026-8358)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
libreoffice 4:26.2.4.2-0ubuntu0.26.04.2
Ubuntu 24.04 LTS
libreoffice 4:24.2.7-0ubuntu0.24.04.6
Ubuntu 22.04 LTS
libreoffice 1:7.3.7-0ubuntu0.22.04.12
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8534-1
CVE-2026-6039, CVE-2026-6040, CVE-2026-6045, CVE-2026-8356,
CVE-2026-8357, CVE-2026-8358
Package Information:
https://launchpad.net/ubuntu/+source/libreoffice/4:26.2.4.2-0ubuntu0.26.04.2
https://launchpad.net/ubuntu/+source/libreoffice/4:24.2.7-0ubuntu0.24.04.6
https://launchpad.net/ubuntu/+source/libreoffice/1:7.3.7-0ubuntu0.22.04.12
[USN-8535-1] PipeWire vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8535-1
July 13, 2026
pipewire vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in PipeWire.
Software Description:
- pipewire: Low-latency, graph-based processing engine
Details:
It was discovered that PipeWire accepted unbounded Content-Length values
in its RAOP module. A remote attacker could possibly use this issue to cause
a denial of service. This issue only affected Ubuntu 24.04 LTS.
(CVE-2026-14324)
It was discovered that PipeWire performed multiple unbounded stack
allocations in its PulseAudio protocol server. A local attacker could
possibly use this issue to cause a denial of service. (CVE-2026-14330)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
libpipewire-0.3-modules 1.6.2-1ubuntu1.1
libpipewire-0.3-modules-extra 1.6.2-1ubuntu1.1
libpipewire-0.3-modules-x11 1.6.2-1ubuntu1.1
libspa-0.2-modules 1.6.2-1ubuntu1.1
libspa-0.2-modules-extra 1.6.2-1ubuntu1.1
pipewire 1.6.2-1ubuntu1.1
pipewire-bin 1.6.2-1ubuntu1.1
pipewire-pulse 1.6.2-1ubuntu1.1
Ubuntu 24.04 LTS
libpipewire-0.3-modules 1.0.5-1ubuntu3.3
libpipewire-0.3-modules-x11 1.0.5-1ubuntu3.3
libspa-0.2-modules 1.0.5-1ubuntu3.3
pipewire 1.0.5-1ubuntu3.3
pipewire-bin 1.0.5-1ubuntu3.3
pipewire-pulse 1.0.5-1ubuntu3.3
Ubuntu 22.04 LTS
libpipewire-0.3-modules 0.3.48-1ubuntu3.2
libspa-0.2-modules 0.3.48-1ubuntu3.2
pipewire 0.3.48-1ubuntu3.2
pipewire-bin 0.3.48-1ubuntu3.2
pipewire-pulse 0.3.48-1ubuntu3.2
After a standard system update you need to restart pipewire to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8535-1
CVE-2026-14324, CVE-2026-14330
Package Information:
https://launchpad.net/ubuntu/+source/pipewire/1.6.2-1ubuntu1.1
https://launchpad.net/ubuntu/+source/pipewire/1.0.5-1ubuntu3.3
https://launchpad.net/ubuntu/+source/pipewire/0.3.48-1ubuntu3.2