[USN-8349-1] rsync vulnerabilities
[USN-8357-1] Qt Declarative vulnerability
[USN-8055-2] Evolution Data Server vulnerability
[USN-8350-1] Linux kernel (NVIDIA Tegra) vulnerabilities
[USN-8351-1] Linux kernel (Low Latency) vulnerabilities
[LSN-0120-1] Linux kernel vulnerability
[USN-8361-1] Linux kernel vulnerability
[USN-8209-2] Little CMS vulnerability
[USN-8360-1] sslh vulnerability
[USN-8359-1] NNCP vulnerability
[USN-8358-1] haveged vulnerability
[USN-8355-1] SSSD vulnerability
[USN-8352-1] LibreOffice vulnerability
[USN-8356-1] GNU SASL vulnerability
[USN-8354-1] nginx vulnerabilities
[USN-8353-1] Exim vulnerability
[USN-8349-1] rsync vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8349-1
June 01, 2026
rsync vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in rsync.
Software Description:
- rsync: fast, versatile, remote (and local) file-copying tool
Details:
Calum Hutton discovered that rsync contained a heap-based out-of-bounds
read when handling file transfers. A remote attacker with read access
to an rsync server could possibly use this issue to cause a denial of
service. (CVE-2025-10158)
Batuhan Sancak, Damien Neil, and Michael Stapelberg discovered that
rsync daemons configured without chroot protection were exposed to a
race condition on parent path components. A local attacker with write
access to a module could possibly use this issue to overwrite files,
obtain sensitive information, or escalate privileges.
(CVE-2026-29518)
It was discovered that rsync did not properly validate a length value
while sorting extended attributes. An attacker could possibly use this
issue to cause a denial of service. (CVE-2026-41035)
It was discovered that rsync performed reverse-DNS lookups after
chrooting in some daemon configurations. A remote attacker could
possibly use this issue to bypass hostname-based access controls and
access network services. (CVE-2026-43617)
Omar Elsayed discovered that rsync did not properly check for integer
overflows while decoding compressed tokens. A remote attacker could
possibly use this issue to obtain sensitive information.
(CVE-2026-43618)
Andrew Tridgell discovered that rsync did not fully fix a symlink race
condition in path-based system calls for daemons configured without
chroot protection. A local attacker could possibly use this issue to
overwrite files, obtain sensitive information, or escalate privileges.
(CVE-2026-43619)
Pratham Gupta discovered that rsync did not properly validate an index
while processing file lists. A remote attacker could possibly use this
issue to cause rsync to crash, resulting in a denial of service.
(CVE-2026-43620)
Michal Ruprich discovered that rsync contained an off-by-one error
while handling HTTP proxy responses. An attacker able to intercept network
communications or a malicious proxy server could possibly use this issue to
cause a denial of service. (CVE-2026-45232)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
rsync 3.1.3-8ubuntu0.9+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
rsync 3.1.2-2.1ubuntu1.6+esm3
Available with Ubuntu Pro
Ubuntu 16.04 LTS
rsync 3.1.1-3ubuntu1.3+esm5
Available with Ubuntu Pro
Ubuntu 14.04 LTS
rsync 3.1.0-2ubuntu0.4+esm3
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
After a standard system update you need to restart rsync daemons, if
configured, to make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8349-1
CVE-2025-10158, CVE-2026-29518, CVE-2026-41035, CVE-2026-43617,
CVE-2026-43618, CVE-2026-43619, CVE-2026-43620, CVE-2026-45232
[USN-8357-1] Qt Declarative vulnerability
==========================================================================
Ubuntu Security Notice USN-8357-1
June 01, 2026
qtdeclarative-opensource-src vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
Qt Declarative could be made to use excessive resources if it received
specially crafted input.
Software Description:
- qtdeclarative-opensource-src: Qt 5 declarative modules
Details:
It was discovered that Qt Declarative did not properly validate the
width and height attributes of image tags in the Text component of Qt
Quick. An attacker could possibly use this issue to cause Qt Declarative
to use excessive resources, leading to a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
libqt5quick5 5.15.13+dfsg-1ubuntu0.1+esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
libqt5quick5 5.15.3+dfsg-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
libqt5quick5 5.12.8-0ubuntu1+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8357-1
CVE-2025-12385
[USN-8055-2] Evolution Data Server vulnerability
==========================================================================
Ubuntu Security Notice USN-8055-2
June 01, 2026
evolution-data-server vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Evolution Data Server could be made to remove files.
Software Description:
- evolution-data-server: Evolution suite data server
Details:
USN-8055-1 fixed a vulnerability in Evolution Data Server. This update
provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu
20.04 LTS.
Original advisory details:
It was discovered that Evolution Data Server incorrectly handled
removing local cache files. An attacker could possibly use this issue
to cause Evolution Data Server to remove arbitrary files.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
evolution-data-server 3.36.5-0ubuntu1+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
evolution-data-server 3.28.5-0ubuntu0.18.04.3+esm1
Available with Ubuntu Pro
After a standard system update you need to restart your session to make all
the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8055-2
https://ubuntu.com/security/notices/USN-8055-1
CVE-2026-2604
[USN-8350-1] Linux kernel (NVIDIA Tegra) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8350-1
June 01, 2026
linux-nvidia-tegra vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-nvidia-tegra: Linux kernel for NVIDIA Tegra systems
Details:
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Ethernet bonding driver;
- Packet sockets;
- TLS protocol;
(CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033,
CVE-2026-43077, CVE-2026-43078, CVE-2026-46028)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.8.0-1025-nvidia-tegra 6.8.0-1025.25
linux-image-6.8.0-1025-nvidia-tegra-rt 6.8.0-1025.25
linux-image-nvidia-tegra 6.8.0-1025.25
linux-image-nvidia-tegra-6.8 6.8.0-1025.25
linux-image-nvidia-tegra-rt 6.8.0-1025.25
linux-image-nvidia-tegra-rt-6.8 6.8.0-1025.25
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8350-1
CVE-2026-31419, CVE-2026-31431, CVE-2026-31504, CVE-2026-31533,
CVE-2026-43033, CVE-2026-43077, CVE-2026-43078, CVE-2026-46028
Package Information:
https://launchpad.net/ubuntu/+source/linux-nvidia-tegra/6.8.0-1025.25
[USN-8351-1] Linux kernel (Low Latency) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8351-1
June 01, 2026
linux-lowlatency vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-lowlatency: Linux low latency kernel
Details:
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Ethernet bonding driver;
- Packet sockets;
- TLS protocol;
(CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033,
CVE-2026-43077, CVE-2026-43078, CVE-2026-46028)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
linux-image-5.15.0-179-lowlatency 5.15.0-179.189
linux-image-5.15.0-179-lowlatency-64k 5.15.0-179.189
linux-image-lowlatency 5.15.0.179.151
linux-image-lowlatency-5.15 5.15.0.179.151
linux-image-lowlatency-64k 5.15.0.179.151
linux-image-lowlatency-64k-5.15 5.15.0.179.151
linux-image-lowlatency-64k-hwe-20.04 5.15.0.179.151
linux-image-lowlatency-hwe-20.04 5.15.0.179.151
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8351-1
CVE-2026-31419, CVE-2026-31431, CVE-2026-31504, CVE-2026-31533,
CVE-2026-43033, CVE-2026-43077, CVE-2026-43078, CVE-2026-46028
Package Information:
https://launchpad.net/ubuntu/+source/linux-lowlatency/5.15.0-179.189
[LSN-0120-1] Linux kernel vulnerability
Linux kernel vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary
Several security issues were fixed in the kernel.
Software Description
- linux - Linux kernel
- linux-aws - Linux kernel for Amazon Web Services (AWS) systems
- linux-azure - Linux kernel for Microsoft Azure Cloud systems
- linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke - Linux kernel for Google Container Engine (GKE) systems
- linux-ibm - Linux kernel for IBM cloud systems
- linux-oracle - Linux kernel for Oracle Cloud systems
Details
In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: Tear down vGIC on failed vCPU creation.
If kvm_arch_vcpu_create() fails to share the vCPU page with the
hypervisor, we propagate the error back to the ioctl but leave the vGIC
vCPU data initialised. (CVE-2025-37849)
In the Linux kernel, the following vulnerability has been resolved:
nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec.
nvmet_tcp_build_pdu_iovec() could walk past cmd->req.sg when a PDU
length or offset exceeds sg_cnt and then use bogus sg->length/offset
values, leading to _copy_to_iter() GPF/KASAN. (CVE-2026-23112)
It was discovered that the Linux kernel algif_aead module did not
properly handle in-place cryptographic operations. This flaw is known as
Copy Fail. A local attacker could use this to escalate privileges, or
possibly escape a container. (CVE-2026-31431)
Update instructions
The problem can be corrected by updating your kernel livepatch to the
following versions:
Ubuntu 20.04 LTS
aws - 120.2
azure - 120.2
gcp - 120.2
generic - 120.2
ibm - 120.2
lowlatency - 120.2
oracle - 120.2
Ubuntu 18.04 LTS
aws - 120.2
azure - 120.2
gcp - 120.2
generic - 120.2
lowlatency - 120.2
oracle - 120.2
Ubuntu 24.04 LTS
aws - 120.2
azure - 120.2
gcp - 120.2
generic - 120.2
ibm - 120.2
oracle - 120.2
Ubuntu 22.04 LTS
aws - 120.2
azure - 120.2
gcp - 120.2
generic - 120.2
gke - 120.2
ibm - 120.2
oracle - 120.2
Support Information
Livepatches for supported LTS kernels will receive upgrades for a period
of up to 13 months after the build date of the kernel.
Livepatches for supported HWE kernels which are not based on an LTS
kernel version will receive upgrades for a period of up to 9 months
after the build date of the kernel, or until the end of support for that
kernel’s non-LTS distro release version, whichever is sooner.
References
- CVE-2025-37849
- CVE-2026-23112
- CVE-2026-31431
[USN-8361-1] Linux kernel vulnerability
==========================================================================
Ubuntu Security Notice USN-8361-1
June 01, 2026
linux-aws, linux-lts-xenial vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
The system could be compromised under certain conditions.
Software Description:
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty
Details:
A security issue was discovered in the Linux kernel.
An attacker could possibly use this to compromise the system.
This update corrects flaws in the following subsystem:
- Packet sockets;
(CVE-2026-31504)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS
linux-image-4.4.0-1155-aws 4.4.0-1155.161
Available with Ubuntu Pro
linux-image-4.4.0-281-generic 4.4.0-281.315~14.04.1
Available with Ubuntu Pro
linux-image-4.4.0-281-lowlatency 4.4.0-281.315~14.04.1
Available with Ubuntu Pro
linux-image-aws 4.4.0.1155.152
Available with Ubuntu Pro
linux-image-generic-lts-xenial 4.4.0.281.315~14.04.1
Available with Ubuntu Pro
linux-image-lowlatency-lts-xenial 4.4.0.281.315~14.04.1
Available with Ubuntu Pro
linux-image-virtual-lts-xenial 4.4.0.281.315~14.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-8361-1
CVE-2026-31504
[USN-8209-2] Little CMS vulnerability
==========================================================================
Ubuntu Security Notice USN-8209-2
June 01, 2026
lcms2 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Little CMS could be made to crash or run programs if it opened a
specially crafted ICC profile.
Software Description:
- lcms2: Little CMS color management library
Details:
USN-8209-1 fixed vulnerabilities in Little CMS. This update contains the
fixes for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and
Ubuntu 20.04 LTS.
Original advisory details:
It was discovered that Little CMS incorrectly handled certain malformed ICC
profiles. An attacker could use this issue to cause Little CMS to crash,
resulting in a denial of service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
liblcms2-2 2.9-4ubuntu0.1~esm1
Available with Ubuntu Pro
liblcms2-dev 2.9-4ubuntu0.1~esm1
Available with Ubuntu Pro
liblcms2-utils 2.9-4ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
liblcms2-2 2.9-1ubuntu0.1+esm1
Available with Ubuntu Pro
liblcms2-dev 2.9-1ubuntu0.1+esm1
Available with Ubuntu Pro
liblcms2-utils 2.9-1ubuntu0.1+esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
liblcms2-2 2.6-3ubuntu2.1+esm1
Available with Ubuntu Pro
liblcms2-dev 2.6-3ubuntu2.1+esm1
Available with Ubuntu Pro
liblcms2-utils 2.6-3ubuntu2.1+esm1
Available with Ubuntu Pro
Ubuntu 14.04 LTS
liblcms2-2 2.5-0ubuntu4.2+esm1
Available with Ubuntu Pro
liblcms2-dev 2.5-0ubuntu4.2+esm1
Available with Ubuntu Pro
liblcms2-utils 2.5-0ubuntu4.2+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8209-2
https://ubuntu.com/security/notices/USN-8209-1
CVE-2026-41254
[USN-8360-1] sslh vulnerability
==========================================================================
Ubuntu Security Notice USN-8360-1
June 01, 2026
sslh vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
sslh could be made to overwrite files.
Software Description:
- sslh: Applicative protocol multiplexer
Details:
It was discovered that sslh did not properly handle symbolic
links when writing its PID file. A local attacker could
possibly use this issue to overwrite arbitrary files.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
sslh 2.1.4-1ubuntu0.26.04.1
Ubuntu 25.10
sslh 2.1.4-1ubuntu0.25.10.1
Ubuntu 24.04 LTS
sslh 1.22c-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
sslh 1.20-1+deb11u1build0.22.04.1
Ubuntu 20.04 LTS
sslh 1.20-1+deb11u1build0.20.04.1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
sslh 1.18-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
sslh 1.17-2ubuntu0.1~esm1
Available with Ubuntu Pro
After a standard system update you need to restart sslh to
make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8360-1
CVE-2025-52936
Package Information:
https://launchpad.net/ubuntu/+source/sslh/2.1.4-1ubuntu0.26.04.1
https://launchpad.net/ubuntu/+source/sslh/2.1.4-1ubuntu0.25.10.1
https://launchpad.net/ubuntu/+source/sslh/1.20-1+deb11u1build0.22.04.1
[USN-8359-1] NNCP vulnerability
==========================================================================
Ubuntu Security Notice USN-8359-1
June 01, 2026
nncp vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
NNCP could allow unintended access to files.
Software Description:
- nncp: package facilitating secure store-and-forward file and mail exchange
Details:
It was discovered that NNCP did not properly sanitize file paths
in packet data during file requesting and file saving operations. A
remote attacker could possibly use this issue to read or write
arbitrary files outside of the intended directory.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
nncp 8.11.0-4+deb13u1build0.25.10.1
Ubuntu 24.04 LTS
nncp 8.10.0-8ubuntu0.3+esm3
Available with Ubuntu Pro
Ubuntu 22.04 LTS
nncp 8.5.0-1ubuntu0.1+esm3
Available with Ubuntu Pro
In general, a standard system update will make all the necessary
changes.
References:
https://ubuntu.com/security/notices/USN-8359-1
CVE-2025-60020
Package Information:
https://launchpad.net/ubuntu/+source/nncp/8.11.0-4+deb13u1build0.25.10.1
[USN-8358-1] haveged vulnerability
==========================================================================
Ubuntu Security Notice USN-8358-1
June 01, 2026
haveged vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
haveged could be made to run programs as an administrator.
Software Description:
- haveged: userspace entropy daemon
Details:
It was discovered that haveged incorrectly handled credential
checks on its control socket. A local attacker could possibly
use this issue to execute privileged commands.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
haveged 1.9.19-14ubuntu0.1
libhavege2 1.9.19-14ubuntu0.1
Ubuntu 25.10
haveged 1.9.19-12+deb13u1build0.25.10.1
libhavege2 1.9.19-12+deb13u1build0.25.10.1
Ubuntu 24.04 LTS
haveged 1.9.14-1ubuntu2+esm1~24.04.1
Available with Ubuntu Pro
libhavege2 1.9.14-1ubuntu2+esm1~24.04.1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
haveged 1.9.14-1ubuntu1+esm1~22.04.1
Available with Ubuntu Pro
libhavege2 1.9.14-1ubuntu1+esm1~22.04.1
Available with Ubuntu Pro
After a standard system update you need to restart haveged to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8358-1
CVE-2026-41054
Package Information:
https://launchpad.net/ubuntu/+source/haveged/1.9.19-14ubuntu0.1
https://launchpad.net/ubuntu/+source/haveged/1.9.19-12+deb13u1build0.25.10.1
[USN-8355-1] SSSD vulnerability
==========================================================================
Ubuntu Security Notice USN-8355-1
June 01, 2026
sssd vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
Summary:
SSSD could be made to crash if it received specially crafted input.
Software Description:
- sssd: System Security Services Daemon
Details:
It was discovered that SSSD did not properly handle raw bytes in the PAM
passkey responder. A local attacker could possibly use this issue to cause
the SSSD PAM responder to crash, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
sssd 2.12.0-1ubuntu5.1
Ubuntu 25.10
sssd 2.10.1-2ubuntu5.2
Ubuntu 24.04 LTS
sssd 2.9.4-1.1ubuntu6.5
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8355-1
CVE-2026-6245
Package Information:
https://launchpad.net/ubuntu/+source/sssd/2.12.0-1ubuntu5.1
https://launchpad.net/ubuntu/+source/sssd/2.10.1-2ubuntu5.2
https://launchpad.net/ubuntu/+source/sssd/2.9.4-1.1ubuntu6.5
[USN-8352-1] LibreOffice vulnerability
==========================================================================
Ubuntu Security Notice USN-8352-1
June 01, 2026
libreoffice vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
Summary:
LibreOffice could be made to crash or run programs as your login if it
opened a specially crafted file.
Software Description:
- libreoffice: Office productivity suite
Details:
Duc Anh Nguyen discovered that LibreOffice incorrectly handled mismatched
encryption salt parameters in crafted OOXML documents. An attacker could
use this issue to cause LibreOffice to crash, resulting in a denial of
service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
libreoffice 4:26.2.3.2-0ubuntu0.26.04.1
Ubuntu 25.10
libreoffice 4:25.8.7-0ubuntu0.25.10.1
This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.
References:
https://ubuntu.com/security/notices/USN-8352-1
CVE-2026-4430
Package Information:
https://launchpad.net/ubuntu/+source/libreoffice/4:26.2.3.2-0ubuntu0.26.04.1
https://launchpad.net/ubuntu/+source/libreoffice/4:25.8.7-0ubuntu0.25.10.1
[USN-8356-1] GNU SASL vulnerability
==========================================================================
Ubuntu Security Notice USN-8356-1
June 01, 2026
gsasl vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
Summary:
GNU SASL could be made to crash if it received specially crafted input.
Software Description:
- gsasl: Simple Authentication and Security Layer framework
Details:
It was discovered that GNU SASL did not properly handle certain DIGEST-MD5
tokens. An attacker could possibly use this issue to cause GNU SASL to
crash, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
gsasl 2.2.2-4ubuntu1.1
libgsasl18 2.2.2-4ubuntu1.1
Ubuntu 25.10
gsasl 2.2.2-2ubuntu1.1
libgsasl18 2.2.2-2ubuntu1.1
Ubuntu 24.04 LTS
gsasl 2.2.1-1willsync1ubuntu0.1
libgsasl18 2.2.1-1willsync1ubuntu0.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8356-1
CVE-2026-48829
Package Information:
https://launchpad.net/ubuntu/+source/gsasl/2.2.2-4ubuntu1.1
https://launchpad.net/ubuntu/+source/gsasl/2.2.2-2ubuntu1.1
https://launchpad.net/ubuntu/+source/gsasl/2.2.1-1willsync1ubuntu0.1
[USN-8354-1] nginx vulnerabilities
==========================================================================
Ubuntu Security Notice USN-8354-1
June 01, 2026
nginx vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in nginx.
Software Description:
- nginx: small, powerful, scalable web/proxy server
Details:
It was discovered that nginx did not properly validate source addresses in
the HTTP/3 QUIC module. A remote attacker could possibly use this issue to
bypass authorization checks or rate limiting. This issue only affected
Ubuntu 25.04 and Ubuntu 25.10. (CVE-2026-40460)
It was discovered that nginx contained a use-after-free vulnerability in
the ngx_http_ssl_module module when client certificate verification and
OCSP validation were enabled. A remote attacker could use this issue to
cause nginx to crash, resulting in a denial of service, or possibly modify
data in memory. (CVE-2026-40701)
It was discovered that nginx did not properly handle certain proxied
responses in the ngx_http_charset_module module. A remote attacker could
possibly use this issue to obtain sensitive information or cause nginx to
crash, resulting in a denial of service. (CVE-2026-42934)
It was discovered that nginx did not properly process certain SCGI and
uWSGI responses. An attacker able to perform a machine-in-the-middle attack
could possibly use this issue to obtain sensitive information or cause
nginx to crash, resulting in a denial of service. (CVE-2026-42946)
It was discovered that nginx incorrectly handled certain rewrite rules in
the ngx_http_rewrite_module module. A remote attacker could use this issue
to cause nginx to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2026-9256)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
nginx 1.28.3-2ubuntu1.2
nginx-core 1.28.3-2ubuntu1.2
nginx-extras 1.28.3-2ubuntu1.2
nginx-full 1.28.3-2ubuntu1.2
nginx-light 1.28.3-2ubuntu1.2
Ubuntu 25.10
nginx 1.28.0-6ubuntu1.4
nginx-core 1.28.0-6ubuntu1.4
nginx-extras 1.28.0-6ubuntu1.4
nginx-full 1.28.0-6ubuntu1.4
nginx-light 1.28.0-6ubuntu1.4
Ubuntu 24.04 LTS
nginx 1.24.0-2ubuntu7.9
nginx-core 1.24.0-2ubuntu7.9
nginx-extras 1.24.0-2ubuntu7.9
nginx-full 1.24.0-2ubuntu7.9
nginx-light 1.24.0-2ubuntu7.9
Ubuntu 22.04 LTS
nginx 1.18.0-6ubuntu14.12
nginx-core 1.18.0-6ubuntu14.12
nginx-extras 1.18.0-6ubuntu14.12
nginx-full 1.18.0-6ubuntu14.12
nginx-light 1.18.0-6ubuntu14.12
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8354-1
CVE-2026-40460, CVE-2026-40701, CVE-2026-42934, CVE-2026-42946,
CVE-2026-9256
Package Information:
https://launchpad.net/ubuntu/+source/nginx/1.28.3-2ubuntu1.2
https://launchpad.net/ubuntu/+source/nginx/1.28.0-6ubuntu1.4
https://launchpad.net/ubuntu/+source/nginx/1.24.0-2ubuntu7.9
https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu14.12
[USN-8353-1] Exim vulnerability
==========================================================================
Ubuntu Security Notice USN-8353-1
June 01, 2026
exim4 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Exim could be made to expose sensitive information over the network.
Software Description:
- exim4: Exim is a mail transport agent
Details:
Warisjeet Singh discovered that Exim with SUPPORT_PROXY enabled did not
properly handle memory before SMTP authentication. A remote attacker could
possibly use this issue to obtain sensitive information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 26.04 LTS
exim4 4.99.1-1ubuntu1.3
exim4-base 4.99.1-1ubuntu1.3
eximon4 4.99.1-1ubuntu1.3
Ubuntu 25.10
exim4 4.98.2-1ubuntu2.3
exim4-base 4.98.2-1ubuntu2.3
eximon4 4.98.2-1ubuntu2.3
Ubuntu 24.04 LTS
exim4 4.97-4ubuntu4.6
exim4-base 4.97-4ubuntu4.6
eximon4 4.97-4ubuntu4.6
Ubuntu 22.04 LTS
exim4 4.95-4ubuntu2.9
exim4-base 4.95-4ubuntu2.9
eximon4 4.95-4ubuntu2.9
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8353-1
CVE-2026-48840
Package Information:
https://launchpad.net/ubuntu/+source/exim4/4.99.1-1ubuntu1.3
https://launchpad.net/ubuntu/+source/exim4/4.98.2-1ubuntu2.3
https://launchpad.net/ubuntu/+source/exim4/4.97-4ubuntu4.6
https://launchpad.net/ubuntu/+source/exim4/4.95-4ubuntu2.9