
Ubuntu has released a batch of security notices addressing flaws in widely used packages, including Ruby, FreeRDP, rsync, rabbitmq-c, Squid, Nova, OpenImageIO and the Linux kernel, together with a refresh of the ca-certificates bundle and regression fixes for rsync and QEMU. The issues range from a STARTTLS downgrade and command injection in Ruby's Net::IMAP and a hostname-based access-control bypass in rsync to memory-corruption bugs that a remote attacker could use for denial of service or arbitrary code execution. The updates cover older LTS releases (several only through Ubuntu Pro) as well as current ones; a standard system update applies them, after which affected daemons must be restarted and kernel updates require a reboot. Operators of OpenStack clouds, Squid proxies and Azure or Oracle cloud instances should prioritize these patches.

[USN-8431-1] Ruby vulnerabilities
[USN-8432-1] FreeRDP vulnerabilities
[USN-8349-3] rsync regression
[USN-8437-1] rabbitmq-c vulnerabilities
[USN-8435-1] Squid vulnerabilities
[USN-8436-1] ca-certificates update
[USN-8434-1] Nova vulnerability
[USN-8438-1] OpenImageIO vulnerabilities
[USN-8440-1] Linux kernel (Azure) vulnerabilities
[USN-8426-2] Linux kernel (Azure) vulnerabilities
[USN-8412-2] QEMU regression
[USN-8433-1] OpenStack Keystone vulnerabilities
[USN-8439-1] Linux kernel (Oracle) vulnerabilities




[USN-8431-1] Ruby vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8431-1
June 15, 2026

ruby2.3, ruby2.5 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Ruby could allow unintended access to network services.

Software Description:
- ruby2.5: Object-oriented scripting language
- ruby2.3: Object-oriented scripting language

Details:

It was discovered that Ruby's Net::IMAP library did not properly verify
that Transport Layer Security (TLS) encryption was started after issuing
a STARTTLS command. A remote attacker could possibly use this issue to
perform a machine-in-the-middle attack and silently bypass TLS
encryption. (CVE-2026-42246)

It was also discovered that Ruby's Net::IMAP library did not validate
string arguments passed to certain commands. A remote attacker could
possibly use this issue to inject arbitrary IMAP commands.
(CVE-2026-42257)
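The two Net::IMAP issues above are the same two client-side checks seen from opposite ends: after sending STARTTLS the client must confirm the server's tagged OK and complete the handshake before it treats the session as protected, and every string it places on a command line must be encoded so that it cannot contain a CRLF that starts a second command. The following Python model is an added example, not code from Ruby's Net::IMAP or from Ubuntu; it uses a constructed `ScriptedTransport` in place of a socket so the downgrade and the injection check can be exercised offline, and `strict=False` reproduces the flawed "assume TLS after sending STARTTLS" pattern for contrast.

```python
import re

# Control characters (CR and LF above all) must never reach an IMAP command
# line: CRLF terminates the command, so an attacker-controlled string such as
# 'x\r\nA999 DELETE INBOX' would smuggle a second command the application
# never intended to send.
_CTL = re.compile(r"[\x00-\x1f\x7f]")
_ATOM = re.compile(r"[A-Za-z0-9._+-]+")


def imap_astring(arg: str) -> str:
    """Encode one string argument for an IMAP command.

    Control characters are rejected outright; anything that is not a plain
    atom is sent as a quoted string with backslash and double quote escaped.
    Non-ASCII text would need the {n} literal syntax, which this model omits,
    so it is rejected rather than sent unencoded.
    """
    if _CTL.search(arg):
        raise ValueError("control character in IMAP argument")
    if not arg.isascii():
        raise ValueError("non-ASCII argument needs IMAP literal syntax")
    if _ATOM.fullmatch(arg):
        return arg
    return '"' + arg.replace("\\", "\\\\").replace('"', '\\"') + '"'


def safe_argument(arg: str) -> bool:
    """True if imap_astring() accepts the argument, False if it rejects it."""
    try:
        imap_astring(arg)
        return True
    except ValueError:
        return False


class ScriptedTransport:
    """Constructed stand-in for a socket whose STARTTLS reply the caller
    chooses. A real client would wrap the socket with
    ssl.SSLContext.wrap_socket() in start_tls(); here we only record whether
    that handshake step ever happened."""

    def __init__(self, starttls_reply: str):
        self.starttls_reply = starttls_reply
        self.sent = []
        self.tls_active = False

    def send_line(self, line: str) -> None:
        self.sent.append(line)

    def tagged_reply(self, tag: str) -> str:
        command = self.sent[-1].split()[1]
        if command == "STARTTLS":
            return f"{tag} {self.starttls_reply}"
        if command == "LOGIN":
            return f"{tag} OK LOGIN completed"
        return f"{tag} BAD unknown command"

    def start_tls(self) -> None:
        self.tls_active = True


class ImapClient:
    """Client that only treats the session as protected once STARTTLS is
    acknowledged with OK and the handshake has run (strict=True). With
    strict=False it reproduces the flawed pattern: TLS is assumed after
    merely sending STARTTLS, so a machine-in-the-middle answering NO keeps
    the credentials in cleartext."""

    def __init__(self, transport: ScriptedTransport, strict: bool = True):
        self.transport = transport
        self.strict = strict
        self.tls = False
        self.counter = 0

    def _command(self, name: str, *args: str) -> str:
        self.counter += 1
        tag = f"A{self.counter:03d}"
        line = " ".join([tag, name, *(imap_astring(a) for a in args)])
        self.transport.send_line(line + "\r\n")
        return self.transport.tagged_reply(tag).split(" ", 1)[1]  # "OK ..." / "NO ..."

    def starttls(self) -> None:
        reply = self._command("STARTTLS")
        if reply.startswith("OK"):
            self.transport.start_tls()
            self.tls = True
        elif self.strict:
            raise RuntimeError("server refused STARTTLS: " + reply)
        else:
            self.tls = True  # the flaw: assumed, never verified

    def login(self, user: str, password: str) -> str:
        verified = self.transport.tls_active if self.strict else self.tls
        if not verified:
            raise RuntimeError("refusing to send credentials without TLS")
        return self._command("LOGIN", user, password)


def session(starttls_reply: str, strict: bool = True) -> str:
    """Run STARTTLS then LOGIN against the scripted server; report the outcome."""
    transport = ScriptedTransport(starttls_reply)
    client = ImapClient(transport, strict=strict)
    try:
        client.starttls()
        client.login("alice", "correct horse battery")
    except RuntimeError as exc:
        return "aborted: " + str(exc)
    return "login over TLS" if transport.tls_active else "login in CLEARTEXT"
```

`session("NO STARTTLS not available", strict=False)` shows the downgrade: the scripted server (playing the interceptor) refuses STARTTLS and the credentials still go out in cleartext, whereas the strict client aborts before LOGIN. The same `imap_astring()` gate stops a mailbox name or search term containing CRLF from ever reaching the wire.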

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
libruby2.5 2.5.1-1ubuntu1.16+esm8
Available with Ubuntu Pro
ruby2.5 2.5.1-1ubuntu1.16+esm8
Available with Ubuntu Pro

Ubuntu 16.04 LTS
libruby2.3 2.3.1-2~ubuntu16.04.16+esm14
Available with Ubuntu Pro
ruby2.3 2.3.1-2~ubuntu16.04.16+esm14
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8431-1
CVE-2026-42246, CVE-2026-42257



[USN-8432-1] FreeRDP vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8432-1
June 16, 2026

freerdp2, freerdp3 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in FreeRDP.

Software Description:
- freerdp3: RDP client for Windows Terminal Services
- freerdp2: RDP client for Windows Terminal Services

Details:

It was discovered that FreeRDP incorrectly handled memory under certain
circumstances, which could lead to an out-of-bounds heap write. An
attacker could possibly use this issue to cause a denial of service or
execute arbitrary code. (CVE-2026-45700)

In addition, this update fixes a regression introduced in USN-8105-1.
The update introduces a complete fix for CVE-2026-22858, CVE-2026-23732
and CVE-2026-25952 in Ubuntu 24.04 LTS and Ubuntu 25.10.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
freerdp-x11 3.24.2+dfsg-1ubuntu1.1
freerdp3-x11 3.24.2+dfsg-1ubuntu1.1
libfreerdp3-3 3.24.2+dfsg-1ubuntu1.1

Ubuntu 25.10
freerdp3-x11 3.16.0+dfsg-2ubuntu0.5
libfreerdp3-3 3.16.0+dfsg-2ubuntu0.5

Ubuntu 24.04 LTS
freerdp2-x11 2.11.5+dfsg1-1ubuntu0.1~esm6
Available with Ubuntu Pro
freerdp3-x11 3.5.1+dfsg1-0ubuntu1.6
libfreerdp2-2t64 2.11.5+dfsg1-1ubuntu0.1~esm6
Available with Ubuntu Pro
libfreerdp3-3 3.5.1+dfsg1-0ubuntu1.6

Ubuntu 22.04 LTS
freerdp2-x11 2.6.1+dfsg1-3ubuntu2.11
libfreerdp2-2 2.6.1+dfsg1-3ubuntu2.11

Ubuntu 20.04 LTS
freerdp2-x11 2.6.1+dfsg1-0ubuntu0.20.04.2+esm4
Available with Ubuntu Pro
libfreerdp2-2 2.6.1+dfsg1-0ubuntu0.20.04.2+esm4
Available with Ubuntu Pro

Ubuntu 18.04 LTS
freerdp2-x11 2.2.0+dfsg1-0ubuntu0.18.04.4+esm6
Available with Ubuntu Pro
libfreerdp2-2 2.2.0+dfsg1-0ubuntu0.18.04.4+esm6
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8432-1
CVE-2026-45700, https://launchpad.net/bugs/2149819

Package Information:
https://launchpad.net/ubuntu/+source/freerdp3/3.24.2+dfsg-1ubuntu1.1
https://launchpad.net/ubuntu/+source/freerdp3/3.16.0+dfsg-2ubuntu0.5
https://launchpad.net/ubuntu/+source/freerdp2/2.6.1+dfsg1-3ubuntu2.11



[USN-8349-3] rsync regression


==========================================================================
Ubuntu Security Notice USN-8349-3
June 16, 2026

rsync regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

USN-8349-1 introduced regressions in rsync.

Software Description:
- rsync: fast, versatile, remote (and local) file-copying tool

Details:

USN-8349-1 fixed vulnerabilities in rsync. Unfortunately that update
introduced multiple regressions in rsync functionality. This update fixes
the problem.

We apologize for the inconvenience.

Original advisory details:

Calum Hutton discovered that rsync contained a heap-based out-of-bounds
read when handling file transfers. A remote attacker with read access
to an rsync server could possibly use this issue to cause a denial of
service. (CVE-2025-10158)

Batuhan Sancak, Damien Neil, and Michael Stapelberg discovered that
rsync daemons configured without chroot protection were exposed to a
race condition on parent path components. A local attacker with write
access to a module could possibly use this issue to overwrite files,
obtain sensitive information, or escalate privileges.
(CVE-2026-29518)

It was discovered that rsync did not properly validate a length value
while sorting extended attributes. An attacker could possibly use this
issue to cause a denial of service. (CVE-2026-41035)

It was discovered that rsync performed reverse-DNS lookups after
chrooting in some daemon configurations. A remote attacker could
possibly use this issue to bypass hostname-based access controls and
access network services. (CVE-2026-43617)

Omar Elsayed discovered that rsync did not properly check for integer
overflows while decoding compressed tokens. A remote attacker could
possibly use this issue to obtain sensitive information.
(CVE-2026-43618)

Andrew Tridgell discovered that rsync did not fully fix a symlink race
condition in path-based system calls for daemons configured without
chroot protection. A local attacker could possibly use this issue to
overwrite files, obtain sensitive information, or escalate privileges.
(CVE-2026-43619)

Pratham Gupta discovered that rsync did not properly validate an index
while processing file lists. A remote attacker could possibly use this
issue to cause rsync to crash, resulting in a denial of service.
(CVE-2026-43620)

Michal Ruprich discovered that rsync contained an off-by-one error
while handling HTTP proxy responses. An attacker able to intercept
network communications or a malicious proxy server could possibly use
this issue to cause a denial of service. (CVE-2026-45232)
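Three of the rsync issues above depend on how the daemon is configured rather than on the transfer protocol alone: the path races (CVE-2026-29518, CVE-2026-43619) need a module with `use chroot = no` and a writer, and the reverse-DNS issue (CVE-2026-43617) only matters where `hosts allow` or `hosts deny` contain hostnames instead of addresses. The script below is an added example, not part of the Ubuntu notice or of rsync; it parses an rsyncd.conf and reports modules that fall into either category. The sample configuration is constructed, and the normalisation of parameter names (lower-case, whitespace collapsed) is assumed to match rsync's parser.

```python
import ipaddress
import re


def parse_rsyncd_conf(text: str) -> dict:
    """Parse rsyncd.conf into {"": global params, "<module>": module params}.

    Lines starting with '#' are comments and [name] opens a module, as in
    rsyncd.conf(5). Parameter names are lower-cased with whitespace collapsed,
    which is assumed here to match rsync's case-insensitive matching.
    """
    sections = {"": {}}
    current = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = header.group(1).strip()
            sections.setdefault(current, {})
        elif "=" in line:
            key, value = line.split("=", 1)
            sections[current][" ".join(key.lower().split())] = value.strip()
    return sections


def _is_address(token: str) -> bool:
    """True for an IP address or CIDR/netmask range, False for a hostname
    pattern, which rsync can only match through a reverse-DNS lookup."""
    try:
        ipaddress.ip_network(token, strict=False)
        return True
    except ValueError:
        return False


def _is_no(value: str) -> bool:
    return value.strip().lower() in ("no", "false", "0")


def audit(text: str) -> list:
    """Return (module, finding) pairs for the two risky configurations:
    modules running without chroot, and access lists that need reverse DNS."""
    conf = parse_rsyncd_conf(text)
    findings = []
    for module, params in conf.items():
        if module == "":
            continue
        effective = {**conf[""], **params}  # module values override globals
        if _is_no(effective.get("use chroot", "yes")):  # default is yes
            writable = _is_no(effective.get("read only", "yes"))
            findings.append((module, "use chroot = no"
                             + (" on a writable module" if writable else "")))
        for key in ("hosts allow", "hosts deny"):
            tokens = [t for t in re.split(r"[,\s]+", effective.get(key, "")) if t]
            names = [t for t in tokens if not _is_address(t)]
            if names:
                findings.append((module, f"{key} needs reverse DNS for "
                                 + ", ".join(names)))
    return findings


# Constructed example configuration, not taken from any real host.
SAMPLE_CONF = """\
uid = nobody
gid = nogroup
use chroot = yes
hosts allow = 10.0.0.0/8

[mirror]
    path = /srv/mirror
    read only = yes

[backup]
    # writable, unchrooted, and gated on a hostname: all three concerns at once
    path = /srv/backup
    read only = no
    use chroot = no
    hosts allow = backup-01.example.internal, 192.168.5.0/24
"""
```

Running `audit(SAMPLE_CONF)` flags only the `backup` module, twice: once for the missing chroot on a writable share and once for the hostname in `hosts allow`. Replacing the hostname with its address removes the dependency on reverse DNS entirely, which is the durable fix regardless of the rsync version; and after the package update the daemons still have to be restarted for the new binary to take effect, as the notice says below.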

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
rsync 3.1.3-8ubuntu0.9+esm2
Available with Ubuntu Pro

Ubuntu 18.04 LTS
rsync 3.1.2-2.1ubuntu1.6+esm4
Available with Ubuntu Pro

Ubuntu 16.04 LTS
rsync 3.1.1-3ubuntu1.3+esm6
Available with Ubuntu Pro

Ubuntu 14.04 LTS
rsync 3.1.0-2ubuntu0.4+esm4
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.
After a standard system update you need to restart rsync daemons to make
all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8349-3
https://ubuntu.com/security/notices/USN-8349-2
https://ubuntu.com/security/notices/USN-8349-1
https://launchpad.net/bugs/2155874



[USN-8437-1] rabbitmq-c vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8437-1
June 16, 2026

librabbitmq vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in rabbitmq-c.

Software Description:
- librabbitmq: AMQP client library written in C

Details:

It was discovered that rabbitmq-c exposed credentials in command-line
arguments under certain circumstances. A local attacker could possibly use
this issue to obtain sensitive information. This issue only affected Ubuntu
22.04 LTS and Ubuntu 24.04 LTS. (CVE-2023-35789)

It was discovered that rabbitmq-c incorrectly handled AMQP frame lengths
under certain circumstances, which could lead to an out-of-bounds read. A
remote attacker could possibly use this issue to cause rabbitmq-c to crash,
resulting in a denial of service. (CVE-2026-44235)

It was discovered that rabbitmq-c incorrectly handled AMQP login handshakes
under certain circumstances, which could lead to a heap buffer overflow. A
remote attacker could possibly use this issue to cause rabbitmq-c to crash,
resulting in a denial of service, or execute arbitrary code.
(CVE-2026-44236)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
amqp-tools 0.15.0-1ubuntu0.26.04.1
librabbitmq4 0.15.0-1ubuntu0.26.04.1

Ubuntu 25.10
amqp-tools 0.15.0-1ubuntu0.25.10.1
librabbitmq4 0.15.0-1ubuntu0.25.10.1

Ubuntu 24.04 LTS
amqp-tools 0.11.0-1ubuntu0.1
librabbitmq4 0.11.0-1ubuntu0.1

Ubuntu 22.04 LTS
amqp-tools 0.10.0-1ubuntu2.1
librabbitmq4 0.10.0-1ubuntu2.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8437-1
CVE-2023-35789, CVE-2026-44235, CVE-2026-44236

Package Information:
https://launchpad.net/ubuntu/+source/librabbitmq/0.15.0-1ubuntu0.26.04.1
https://launchpad.net/ubuntu/+source/librabbitmq/0.15.0-1ubuntu0.25.10.1
https://launchpad.net/ubuntu/+source/librabbitmq/0.11.0-1ubuntu0.1
https://launchpad.net/ubuntu/+source/librabbitmq/0.10.0-1ubuntu2.1



[USN-8435-1] Squid vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8435-1
June 16, 2026

squid vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in Squid.

Software Description:
- squid: Web proxy cache server

Details:

It was discovered that Squid incorrectly handled FTP gateway processing
under certain circumstances, which could result in an out-of-bounds read. A
remote attacker could use this issue to cause Squid to crash, resulting in
a denial of service, or possibly obtain sensitive information.
(CVE-2026-47729)

It was discovered that Squid incorrectly handled cache digest processing
under certain circumstances, which could result in a heap-based buffer
overflow. A remote attacker could use this issue to cause Squid to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2026-50012)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
squid 7.2-2ubuntu2.2

Ubuntu 25.10
squid 6.14-0ubuntu0.25.10.4

Ubuntu 24.04 LTS
squid 6.14-0ubuntu0.24.04.4

Ubuntu 22.04 LTS
squid 5.9-0ubuntu0.22.04.7

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8435-1
CVE-2026-47729, CVE-2026-50012

Package Information:
https://launchpad.net/ubuntu/+source/squid/7.2-2ubuntu2.2
https://launchpad.net/ubuntu/+source/squid/6.14-0ubuntu0.25.10.4
https://launchpad.net/ubuntu/+source/squid/6.14-0ubuntu0.24.04.4
https://launchpad.net/ubuntu/+source/squid/5.9-0ubuntu0.22.04.7



[USN-8436-1] ca-certificates update


==========================================================================
Ubuntu Security Notice USN-8436-1
June 16, 2026

ca-certificates update
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

The CA certificates in the ca-certificates package were updated.

Software Description:
- ca-certificates: Common CA certificates

Details:

The ca-certificates package contained outdated CA certificates. This update
refreshes the included certificates to those contained in the 2.86 version
of the Mozilla certificate authority bundle.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
ca-certificates 20260601~26.04.1

Ubuntu 25.10
ca-certificates 20260601~25.10.1

Ubuntu 24.04 LTS
ca-certificates 20260601~24.04.1

Ubuntu 22.04 LTS
ca-certificates 20260601~22.04.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8436-1
https://launchpad.net/bugs/2156786

Package Information:
https://launchpad.net/ubuntu/+source/ca-certificates/20260601~26.04.1
https://launchpad.net/ubuntu/+source/ca-certificates/20260601~25.10.1
https://launchpad.net/ubuntu/+source/ca-certificates/20260601~24.04.1
https://launchpad.net/ubuntu/+source/ca-certificates/20260601~22.04.1



[USN-8434-1] Nova vulnerability


==========================================================================
Ubuntu Security Notice USN-8434-1
June 16, 2026

nova vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Nova could be made to bypass resource accounting.

Software Description:
- nova: OpenStack Compute cloud infrastructure

Details:

It was discovered that Nova did not strip internal _nova-prefixed
scheduler hints supplied by users on instance creation. An attacker could
possibly use this issue to bypass Placement resource claims and
scheduling constraint enforcement.
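The Nova issue is a trust-boundary problem: hints that Nova attaches to a request for its own use while it moves between services share a namespace with hints a user may supply at the API, so a client that sets an internal-prefixed hint itself can influence claim and scheduling decisions. The following Python is an added example, not Nova's own code or the fix shipped in this update; it shows the stripping step at the API boundary and a reconciliation pass that finds instances whose Placement allocation is missing or smaller than their flavor, which is what a bypassed claim leaves behind. `os:scheduler_hints` is the real request key; `_nova_example_internal`, the instance ids, and the simplified server and allocation records are constructed.

```python
INTERNAL_HINT_PREFIX = "_nova"     # prefix of hints Nova sets for itself
HINTS_KEY = "os:scheduler_hints"   # where the compute API carries user hints


def sanitize_create_request(body: dict) -> tuple:
    """Drop internal-prefixed scheduler hints from a server-create body.

    Returns (clean_body, dropped_keys). The input is copied, not mutated,
    so the original request can still be logged for audit. Anything a client
    sends under the internal prefix is an attempt to speak as Nova itself and
    has no legitimate use at the API boundary.
    """
    hints = body.get(HINTS_KEY) or {}
    if not isinstance(hints, dict):
        raise ValueError(f"{HINTS_KEY} must be a JSON object")
    dropped = [k for k in hints if str(k).startswith(INTERNAL_HINT_PREFIX)]
    clean = dict(body)
    clean[HINTS_KEY] = {k: v for k, v in hints.items() if k not in dropped}
    return clean, dropped


def unclaimed_instances(servers: list, allocations: dict) -> list:
    """Reconcile instances against their Placement allocations.

    servers:     [{"id", "host", "flavor": {"vcpus", "ram", "disk"}}]
    allocations: {consumer id: {"VCPU": n, "MEMORY_MB": n, "DISK_GB": n}}
    Both are simplified, constructed shapes of the Nova servers-detail and
    Placement allocations responses. Returns (instance id, shortfall) for
    every instance whose allocation is absent or smaller than its flavor.
    """
    problems = []
    for server in servers:
        flavor = server["flavor"]
        want = {"VCPU": flavor["vcpus"], "MEMORY_MB": flavor["ram"],
                "DISK_GB": flavor["disk"]}
        have = allocations.get(server["id"], {})
        short = {rc: want[rc] - have.get(rc, 0)
                 for rc in want if have.get(rc, 0) < want[rc]}
        if short:
            problems.append((server["id"], short))
    return problems


# Constructed inputs. "group" is a documented server-group hint;
# "_nova_example_internal" is a hypothetical name standing in for any
# internal hint a client might try to smuggle in.
REQUEST = {
    "server": {"name": "web-1", "flavorRef": "m1.small", "imageRef": "cirros"},
    HINTS_KEY: {"group": "5e1f2c3a-0000-4000-8000-000000000001",
                "_nova_example_internal": True},
}
SERVERS = [
    {"id": "inst-a", "host": "compute-1",
     "flavor": {"vcpus": 2, "ram": 4096, "disk": 20}},
    {"id": "inst-b", "host": "compute-1",
     "flavor": {"vcpus": 4, "ram": 8192, "disk": 40}},
]
ALLOCATIONS = {"inst-a": {"VCPU": 2, "MEMORY_MB": 4096, "DISK_GB": 20}}
```

`unclaimed_instances(SERVERS, ALLOCATIONS)` reports `inst-b` with its full flavor as the shortfall, since it has no allocation at all. After applying the update, a pass like this over the real API output tells you whether anything was created while the hole was open; Nova's own `nova-manage placement heal_allocations` is the supported way to repair the allocations once found.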

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
nova-ajax-console-proxy 3:33.0.0-0ubuntu3.1
nova-api 3:33.0.0-0ubuntu3.1
nova-api-metadata 3:33.0.0-0ubuntu3.1
nova-api-os-compute 3:33.0.0-0ubuntu3.1
nova-api-os-volume 3:33.0.0-0ubuntu3.1
nova-cells 3:33.0.0-0ubuntu3.1
nova-common 3:33.0.0-0ubuntu3.1
nova-compute 3:33.0.0-0ubuntu3.1
nova-compute-ironic 3:33.0.0-0ubuntu3.1
nova-compute-kvm 3:33.0.0-0ubuntu3.1
nova-compute-libvirt 3:33.0.0-0ubuntu3.1
nova-compute-lxc 3:33.0.0-0ubuntu3.1
nova-compute-qemu 3:33.0.0-0ubuntu3.1
nova-compute-vmware 3:33.0.0-0ubuntu3.1
nova-compute-xen 3:33.0.0-0ubuntu3.1
nova-conductor 3:33.0.0-0ubuntu3.1
nova-doc 3:33.0.0-0ubuntu3.1
nova-novncproxy 3:33.0.0-0ubuntu3.1
nova-scheduler 3:33.0.0-0ubuntu3.1
nova-serialproxy 3:33.0.0-0ubuntu3.1
nova-spiceproxy 3:33.0.0-0ubuntu3.1
nova-volume 3:33.0.0-0ubuntu3.1
python3-nova 3:33.0.0-0ubuntu3.1

Ubuntu 25.10
nova-ajax-console-proxy 3:32.0.0-0ubuntu1.3
nova-api 3:32.0.0-0ubuntu1.3
nova-api-metadata 3:32.0.0-0ubuntu1.3
nova-api-os-compute 3:32.0.0-0ubuntu1.3
nova-api-os-volume 3:32.0.0-0ubuntu1.3
nova-cells 3:32.0.0-0ubuntu1.3
nova-common 3:32.0.0-0ubuntu1.3
nova-compute 3:32.0.0-0ubuntu1.3
nova-compute-ironic 3:32.0.0-0ubuntu1.3
nova-compute-kvm 3:32.0.0-0ubuntu1.3
nova-compute-libvirt 3:32.0.0-0ubuntu1.3
nova-compute-lxc 3:32.0.0-0ubuntu1.3
nova-compute-qemu 3:32.0.0-0ubuntu1.3
nova-compute-vmware 3:32.0.0-0ubuntu1.3
nova-compute-xen 3:32.0.0-0ubuntu1.3
nova-conductor 3:32.0.0-0ubuntu1.3
nova-doc 3:32.0.0-0ubuntu1.3
nova-novncproxy 3:32.0.0-0ubuntu1.3
nova-scheduler 3:32.0.0-0ubuntu1.3
nova-serialproxy 3:32.0.0-0ubuntu1.3
nova-spiceproxy 3:32.0.0-0ubuntu1.3
nova-volume 3:32.0.0-0ubuntu1.3
python3-nova 3:32.0.0-0ubuntu1.3

Ubuntu 24.04 LTS
nova-ajax-console-proxy 3:29.2.0-0ubuntu1.7
nova-api 3:29.2.0-0ubuntu1.7
nova-api-metadata 3:29.2.0-0ubuntu1.7
nova-api-os-compute 3:29.2.0-0ubuntu1.7
nova-api-os-volume 3:29.2.0-0ubuntu1.7
nova-cells 3:29.2.0-0ubuntu1.7
nova-common 3:29.2.0-0ubuntu1.7
nova-compute 3:29.2.0-0ubuntu1.7
nova-compute-ironic 3:29.2.0-0ubuntu1.7
nova-compute-kvm 3:29.2.0-0ubuntu1.7
nova-compute-libvirt 3:29.2.0-0ubuntu1.7
nova-compute-lxc 3:29.2.0-0ubuntu1.7
nova-compute-qemu 3:29.2.0-0ubuntu1.7
nova-compute-vmware 3:29.2.0-0ubuntu1.7
nova-compute-xen 3:29.2.0-0ubuntu1.7
nova-conductor 3:29.2.0-0ubuntu1.7
nova-doc 3:29.2.0-0ubuntu1.7
nova-novncproxy 3:29.2.0-0ubuntu1.7
nova-scheduler 3:29.2.0-0ubuntu1.7
nova-serialproxy 3:29.2.0-0ubuntu1.7
nova-spiceproxy 3:29.2.0-0ubuntu1.7
nova-volume 3:29.2.0-0ubuntu1.7
python3-nova 3:29.2.0-0ubuntu1.7

Ubuntu 22.04 LTS
nova-ajax-console-proxy 3:25.2.1-0ubuntu2.11
nova-api 3:25.2.1-0ubuntu2.11
nova-api-metadata 3:25.2.1-0ubuntu2.11
nova-api-os-compute 3:25.2.1-0ubuntu2.11
nova-api-os-volume 3:25.2.1-0ubuntu2.11
nova-cells 3:25.2.1-0ubuntu2.11
nova-common 3:25.2.1-0ubuntu2.11
nova-compute 3:25.2.1-0ubuntu2.11
nova-compute-ironic 3:25.2.1-0ubuntu2.11
nova-compute-kvm 3:25.2.1-0ubuntu2.11
nova-compute-libvirt 3:25.2.1-0ubuntu2.11
nova-compute-lxc 3:25.2.1-0ubuntu2.11
nova-compute-qemu 3:25.2.1-0ubuntu2.11
nova-compute-vmware 3:25.2.1-0ubuntu2.11
nova-compute-xen 3:25.2.1-0ubuntu2.11
nova-conductor 3:25.2.1-0ubuntu2.11
nova-doc 3:25.2.1-0ubuntu2.11
nova-novncproxy 3:25.2.1-0ubuntu2.11
nova-scheduler 3:25.2.1-0ubuntu2.11
nova-serialproxy 3:25.2.1-0ubuntu2.11
nova-spiceproxy 3:25.2.1-0ubuntu2.11
nova-volume 3:25.2.1-0ubuntu2.11
python3-nova 3:25.2.1-0ubuntu2.11

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8434-1
CVE-2026-46448

Package Information:
https://launchpad.net/ubuntu/+source/nova/3:33.0.0-0ubuntu3.1
https://launchpad.net/ubuntu/+source/nova/3:32.0.0-0ubuntu1.3
https://launchpad.net/ubuntu/+source/nova/3:29.2.0-0ubuntu1.7
https://launchpad.net/ubuntu/+source/nova/3:25.2.1-0ubuntu2.11
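Every notice on this page ends with the same instruction: update to at least the listed package version. Checking that across a fleet means comparing Debian version strings correctly, which is not a plain string or float comparison: `~` sorts before an empty suffix (so `20260601~24.04.1` is older than `20260601`), an epoch such as `3:` dominates everything after it, and `+esm2` is newer than the same version without it. The Python below is an added example, not a tool from Ubuntu; it reimplements the comparison that `dpkg --compare-versions` performs and applies it to a constructed `dpkg-query` listing, using the 24.04 LTS fixed versions from the FreeRDP, rabbitmq-c, Squid, ca-certificates and Nova notices on this page.

```python
def _order(c: str) -> int:
    """Sort weight of one non-digit character in dpkg's algorithm: '~' sorts
    before everything including end of string, letters before other
    punctuation, and end of string (or a digit) weighs zero."""
    if c == "~":
        return -1
    if c == "" or c.isdigit():
        return 0
    if c.isalpha():
        return ord(c)
    return ord(c) + 256


def _verrevcmp(a: str, b: str) -> int:
    """Compare two upstream-version or revision strings as dpkg's verrevcmp()
    does: alternate non-digit runs (by _order) with numeric runs (by value)."""
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            ac = _order(a[i] if i < len(a) else "")
            bc = _order(b[j] if j < len(b) else "")
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        while i < len(a) and a[i] == "0":
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        while i < len(a) and a[i].isdigit() and j < len(b) and b[j].isdigit():
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < len(a) and a[i].isdigit():
            return 1           # a has more digits in this run
        if j < len(b) and b[j].isdigit():
            return -1
        if first_diff:
            return first_diff
    return 0


def _split(version: str) -> tuple:
    """'epoch:upstream-revision' -> (epoch, upstream, revision)."""
    epoch = 0
    if ":" in version:
        e, version = version.split(":", 1)
        epoch = int(e)
    if "-" in version:
        upstream, _, revision = version.rpartition("-")
    else:
        upstream, revision = version, ""
    return epoch, upstream, revision


def compare_versions(v1: str, v2: str) -> int:
    """-1, 0 or 1 with the same ordering as `dpkg --compare-versions`."""
    e1, u1, r1 = _split(v1)
    e2, u2, r2 = _split(v2)
    if e1 != e2:
        return 1 if e1 > e2 else -1
    c = _verrevcmp(u1, u2) or _verrevcmp(r1, r2)
    return (c > 0) - (c < 0)


# Fixed versions for Ubuntu 24.04 LTS, copied from the notices on this page.
FIXED_24_04 = {
    "libfreerdp3-3": "3.5.1+dfsg1-0ubuntu1.6",
    "librabbitmq4": "0.11.0-1ubuntu0.1",
    "squid": "6.14-0ubuntu0.24.04.4",
    "ca-certificates": "20260601~24.04.1",
    "nova-api": "3:29.2.0-0ubuntu1.7",
}

# Constructed output of:
#   dpkg-query -W -f='${Package} ${Version}\n' libfreerdp3-3 librabbitmq4 \
#       squid ca-certificates nova-api
SAMPLE_DPKG_QUERY = """\
libfreerdp3-3 3.5.1+dfsg1-0ubuntu1.6
librabbitmq4 0.11.0-1
squid 6.14-0ubuntu0.24.04.3
ca-certificates 20260601~24.04.1
nova-api 3:29.2.0-0ubuntu1.6
"""


def outstanding(dpkg_output: str, fixed: dict) -> list:
    """(package, installed, fixed) for every listed package still older
    than the version the notice requires."""
    result = []
    for line in dpkg_output.splitlines():
        if not line.strip():
            continue
        name, installed = line.split()
        if name in fixed and compare_versions(installed, fixed[name]) < 0:
            result.append((name, installed, fixed[name]))
    return result
```

On the constructed listing, `outstanding(SAMPLE_DPKG_QUERY, FIXED_24_04)` returns librabbitmq4, squid and nova-api, while libfreerdp3-3 and ca-certificates already match. The table is per release: the 22.04 fixed version of nova (`3:25.2.1-0ubuntu2.11`) compares as older than the 24.04 one, so the listing must be checked against the versions for the host's own release, and packages marked "Available with Ubuntu Pro" will not reach the fixed version from the standard archive at all.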



[USN-8438-1] OpenImageIO vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8438-1
June 16, 2026

openimageio vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in OpenImageIO.

Software Description:
- openimageio: Library for reading and writing images

Details:

It was discovered that OpenImageIO incorrectly performed bounds
checking when processing SGI files. An attacker could possibly
use this issue to cause a denial of service or execute arbitrary
code. (CVE-2026-43903)

It was discovered that OpenImageIO incorrectly handled run-length
encoding when processing Softimage PIC files. An attacker
could possibly use this issue to cause a denial of service or
execute arbitrary code. (CVE-2026-43904)

It was discovered that OpenImageIO incorrectly validated subimage
metadata when processing HEIF files. An attacker could
possibly use this issue to cause a denial of service or execute
arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu
24.04 LTS and Ubuntu 26.04 LTS. (CVE-2026-43906)

It was discovered that OpenImageIO contained multiple integer
overflow vulnerabilities when processing DPX files. An
attacker could possibly use these issues to cause a denial of
service or execute arbitrary code. (CVE-2026-43907, CVE-2026-43908,
CVE-2026-43909)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
libopenimageio-dev 2.5.19.1+dfsg-2ubuntu0.1~esm1
Available with Ubuntu Pro
libopenimageio2.5 2.5.19.1+dfsg-2ubuntu0.1~esm1
Available with Ubuntu Pro
openimageio-tools 2.5.19.1+dfsg-2ubuntu0.1~esm1
Available with Ubuntu Pro
python3-openimageio 2.5.19.1+dfsg-2ubuntu0.1~esm1
Available with Ubuntu Pro

Ubuntu 24.04 LTS
libopenimageio-dev 2.4.17.0+dfsg-1.1ubuntu0.1~esm1
Available with Ubuntu Pro
libopenimageio2.4t64 2.4.17.0+dfsg-1.1ubuntu0.1~esm1
Available with Ubuntu Pro
openimageio-tools 2.4.17.0+dfsg-1.1ubuntu0.1~esm1
Available with Ubuntu Pro
python3-openimageio 2.4.17.0+dfsg-1.1ubuntu0.1~esm1
Available with Ubuntu Pro

Ubuntu 20.04 LTS
libopenimageio-dev 2.1.12.0~dfsg0-1ubuntu0.1~esm1
Available with Ubuntu Pro
libopenimageio2.1 2.1.12.0~dfsg0-1ubuntu0.1~esm1
Available with Ubuntu Pro
openimageio-tools 2.1.12.0~dfsg0-1ubuntu0.1~esm1
Available with Ubuntu Pro
python3-openimageio 2.1.12.0~dfsg0-1ubuntu0.1~esm1
Available with Ubuntu Pro

Ubuntu 18.04 LTS
libopenimageio-dev 1.7.17~dfsg0-1ubuntu2+esm1
Available with Ubuntu Pro
libopenimageio1.7 1.7.17~dfsg0-1ubuntu2+esm1
Available with Ubuntu Pro
openimageio-tools 1.7.17~dfsg0-1ubuntu2+esm1
Available with Ubuntu Pro
python-openimageio 1.7.17~dfsg0-1ubuntu2+esm1
Available with Ubuntu Pro

Ubuntu 16.04 LTS
libopenimageio-dev 1.6.11~dfsg0-1ubuntu1+esm2
Available with Ubuntu Pro
libopenimageio1.6 1.6.11~dfsg0-1ubuntu1+esm2
Available with Ubuntu Pro
openimageio-tools 1.6.11~dfsg0-1ubuntu1+esm2
Available with Ubuntu Pro
python-openimageio 1.6.11~dfsg0-1ubuntu1+esm2
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8438-1
CVE-2026-43903, CVE-2026-43904, CVE-2026-43906, CVE-2026-43907,
CVE-2026-43908, CVE-2026-43909



[USN-8440-1] Linux kernel (Azure) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8440-1
June 16, 2026

linux-azure-6.8 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-azure-6.8: Linux kernel for Microsoft Azure cloud systems

Details:

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo
Rizzo discovered that some AMD Zen processors did not properly verify the
signature of CPU microcode. This flaw is known as EntrySign. A privileged
attacker could possibly use this issue to load malicious CPU microcode,
causing loss of integrity and confidentiality. (CVE-2024-36347)

It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)

It was discovered that the Linux kernel did not properly handle shared page
fragments during socket buffer operations, collectively known as Dirty
Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the
RxRPC networking subsystem when processing paged fragments. A local
attacker could use this to escalate privileges, or possibly escape a
container. (CVE-2026-43284, CVE-2026-43500, CVE-2026-45998, CVE-2026-46000)

It was discovered that a logic flaw existed in the XFRM ESP-in-TCP
subsystem in the Linux kernel when handling socket buffer fragments. This
flaw is known as Fragnesia. A local attacker could use this to escalate
privileges, or possibly escape a container. (CVE-2026-43503,
CVE-2026-46300)

Qualys discovered that a race condition existed in the ptrace subsystem of
the Linux kernel when privileged processes are exiting. An unprivileged
local attacker could use this issue to expose sensitive information.
(CVE-2026-46333)

Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0
contain a memory leak when handling AppArmor notifications. A local
attacker could use this to cause resource exhaustion. (CVE-2026-47326)

Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0
contain a NULL pointer dereference when handling AppArmor notifications. A
local attacker could use this to cause a kernel oops. (CVE-2026-47327)

Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0
contained an invalid free when handling AppArmor notifications. A local
attacker could use this to corrupt kernel memory. (CVE-2026-47328)

Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0
contained insufficient validation of AppArmor notification responses. A
local attacker could use this to allow crafted responses to be processed.
(CVE-2026-47329)

Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0 used
an uninitialized variable when handling AppArmor notifications. A local
attacker could use this to cause incorrect caching of data.
(CVE-2026-47330)

Tristan Madani discovered that Ubuntu Linux kernel 6.8 contained a use-
after-free (UAF) bug. A local attacker could use this to cause memory
corruption and, theoretically, arbitrary code execution. (CVE-2026-47331)

Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0
contained an out-of-bounds (OOB) read when handling AppArmor notifications.
A local attacker could use this to cause information disclosure of kernel
memory. (CVE-2026-47332)

Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0
contained an out-of-bounds (OOB) read when handling AppArmor notifications.
A local attacker could use this to cause kernel memory corruption and,
theoretically, influence processing of AppArmor policies. (CVE-2026-47333)

Tristan Madani discovered that Ubuntu Linux kernel 6.8, 6.17 and 7.0
contained incorrect holding of locks when handling AppArmor notifications.
A local attacker could use this to cause a kernel panic or deadlock.
(CVE-2026-47334)

Tristan Madani discovered that Ubuntu Linux kernel 6.8 contained a NULL
pointer dereference when handling AppArmor notifications. A local attacker
could use this to cause a kernel panic. (CVE-2026-47335)

Tristan Madani discovered that Ubuntu Linux kernel 6.8 used an
uninitialized variable when handling AppArmor AF_INET/AF_INET6 socket
mediation. A local attacker could use this to influence processing of fine-
grained network socket mediation. (CVE-2026-47336)

Tristan Madani and Trevor Lawrence each independently discovered that
Ubuntu Linux kernel 6.8, 6.17 and 7.0 contained a NULL pointer dereference
when handling AppArmor network socket mediation. A local attacker could use
this to cause a kernel oops. (CVE-2026-47337)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- Compute Acceleration Framework;
- ACPI drivers;
- Drivers core;
- Network block device driver;
- Null block device driver;
- Ublk userspace block driver;
- Bluetooth drivers;
- Character device driver;
- TPM device driver;
- Clock framework and drivers;
- Data acquisition framework and drivers;
- Counter interface drivers;
- Hardware crypto device drivers;
- DMA engine subsystem;
- DPLL subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- Intel Trace Hub HW tracing drivers;
- IIO ADC drivers;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- On-Chip Interconnect management framework;
- IOMMU subsystem;
- IRQ chip drivers;
- Modular ISDN driver;
- LED subsystem;
- Macintosh device drivers;
- Multiple devices driver;
- Media drivers;
- UACCE accelerator framework;
- MMC subsystem;
- Ethernet bonding driver;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- Ethernet team driver;
- MediaTek network drivers;
- NVME drivers;
- PA-RISC drivers;
- PHY drivers;
- Chrome hardware platform drivers;
- x86 platform drivers;
- i.MX PM domains;
- Voltage and Current Regulator drivers;
- SCSI subsystem;
- SLIMbus drivers;
- SPI subsystem;
- Media Oriented Systems Transport (MOST) driver;
- Realtek RTL8723BS SDIO drivers;
- TCM subsystem;
- USB Host Controller drivers;
- USB Type-C Connector System Software Interface driver;
- Backlight driver;
- W1 Dallas's 1-wire bus driver;
- Watchdog drivers;
- Xen hypervisor drivers;
- BFS file system;
- BTRFS file system;
- EFI Variable file system;
- exFAT file system;
- Ext4 file system;
- F2FS file system;
- FUSE (File system in Userspace);
- HFS+ file system;
- File systems infrastructure;
- Journaling layer for block devices (JBD2);
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- File system notification infrastructure;
- NTFS3 file system;
- OCFS2 file system;
- SMB network file system;
- BPF subsystem;
- Ethernet bridge;
- Scheduler infrastructure;
- Netfilter;
- NFC subsystem;
- Tracing infrastructure;
- io_uring subsystem;
- Perf events;
- Locking primitives;
- Shadow Call Stack mechanism;
- Floating proportions library;
- Memory management;
- Bluetooth subsystem;
- CAIF protocol;
- CAN network layer;
- Ceph Core library;
- Networking core;
- Ethtool driver;
- Handshake API;
- HSR network protocol;
- IPv4 networking;
- IPv6 networking;
- L2TP protocol;
- MAC80211 subsystem;
- Multipath TCP;
- NET/ROM layer;
- Open vSwitch;
- Packet sockets;
- RDS protocol;
- Rose network layer;
- RxRPC session sockets;
- Network traffic control;
- SCTP protocol;
- Network sockets;
- Sun RPC protocol;
- TLS protocol;
- Unix domain sockets;
- VMware vSockets driver;
- Wireless networking;
- Integrity Measurement Architecture (IMA) framework;
- Key management;
- Simplified Mandatory Access Control Kernel framework;
- ALSA AC97 driver;
- Generic PCM loopback sound driver;
- FireWire sound drivers;
- HD-audio driver;
- Turtle Beach Wavefront ALSA driver;
- Creative Sound Blaster X-Fi driver;
- AMD SoC Alsa drivers;
- Texas Instruments Audio (ASoC/HDA) drivers;
- STMicroelectronics SoC drivers;
- USB sound devices;
- KVM subsystem;
(CVE-2024-50004, CVE-2024-57795, CVE-2024-58096, CVE-2024-58097,
CVE-2025-22022, CVE-2025-22111, CVE-2025-37926, CVE-2025-38022,
CVE-2025-38201, CVE-2025-38234, CVE-2025-38591, CVE-2025-40039,
CVE-2025-40082, CVE-2025-40149, CVE-2025-40164, CVE-2025-40325,
CVE-2025-68206, CVE-2025-68254, CVE-2025-68255, CVE-2025-68256,
CVE-2025-68257, CVE-2025-68258, CVE-2025-68259, CVE-2025-68261,
CVE-2025-68263, CVE-2025-68264, CVE-2025-68265, CVE-2025-68266,
CVE-2025-68291, CVE-2025-68325, CVE-2025-68332, CVE-2025-68335,
CVE-2025-68336, CVE-2025-68337, CVE-2025-68344, CVE-2025-68345,
CVE-2025-68346, CVE-2025-68347, CVE-2025-68349, CVE-2025-68351,
CVE-2025-68354, CVE-2025-68358, CVE-2025-68362, CVE-2025-68363,
CVE-2025-68364, CVE-2025-68365, CVE-2025-68366, CVE-2025-68367,
CVE-2025-68369, CVE-2025-68371, CVE-2025-68372, CVE-2025-68374,
CVE-2025-68378, CVE-2025-68379, CVE-2025-68380, CVE-2025-68724,
CVE-2025-68725, CVE-2025-68727, CVE-2025-68728, CVE-2025-68732,
CVE-2025-68733, CVE-2025-68740, CVE-2025-68741, CVE-2025-68742,
CVE-2025-68744, CVE-2025-68746, CVE-2025-68749, CVE-2025-68753,
CVE-2025-68755, CVE-2025-68756, CVE-2025-68757, CVE-2025-68758,
CVE-2025-68759, CVE-2025-68763, CVE-2025-68764, CVE-2025-68765,
CVE-2025-68766, CVE-2025-68767, CVE-2025-68769, CVE-2025-68770,
CVE-2025-68771, CVE-2025-68772, CVE-2025-68773, CVE-2025-68774,
CVE-2025-68775, CVE-2025-68776, CVE-2025-68777, CVE-2025-68778,
CVE-2025-68780, CVE-2025-68782, CVE-2025-68783, CVE-2025-68785,
CVE-2025-68786, CVE-2025-68787, CVE-2025-68788, CVE-2025-68794,
CVE-2025-68795, CVE-2025-68796, CVE-2025-68797, CVE-2025-68798,
CVE-2025-68799, CVE-2025-68800, CVE-2025-68801, CVE-2025-68803,
CVE-2025-68804, CVE-2025-68806, CVE-2025-68808, CVE-2025-68809,
CVE-2025-68810, CVE-2025-68811, CVE-2025-68813, CVE-2025-68814,
CVE-2025-68815, CVE-2025-68816, CVE-2025-68817, CVE-2025-68818,
CVE-2025-68819, CVE-2025-68820, CVE-2025-68821, CVE-2025-68823,
CVE-2025-71064, CVE-2025-71065, CVE-2025-71066, CVE-2025-71067,
CVE-2025-71068, CVE-2025-71069, CVE-2025-71071, CVE-2025-71072,
CVE-2025-71075, CVE-2025-71077, CVE-2025-71078, CVE-2025-71079,
CVE-2025-71081, CVE-2025-71082, CVE-2025-71083, CVE-2025-71084,
CVE-2025-71085, CVE-2025-71086, CVE-2025-71087, CVE-2025-71088,
CVE-2025-71089, CVE-2025-71091, CVE-2025-71093, CVE-2025-71094,
CVE-2025-71095, CVE-2025-71096, CVE-2025-71097, CVE-2025-71098,
CVE-2025-71101, CVE-2025-71102, CVE-2025-71104, CVE-2025-71105,
CVE-2025-71107, CVE-2025-71108, CVE-2025-71109, CVE-2025-71111,
CVE-2025-71112, CVE-2025-71113, CVE-2025-71114, CVE-2025-71116,
CVE-2025-71118, CVE-2025-71119, CVE-2025-71120, CVE-2025-71121,
CVE-2025-71122, CVE-2025-71123, CVE-2025-71125, CVE-2025-71126,
CVE-2025-71127, CVE-2025-71130, CVE-2025-71131, CVE-2025-71132,
CVE-2025-71133, CVE-2025-71135, CVE-2025-71136, CVE-2025-71137,
CVE-2025-71138, CVE-2025-71140, CVE-2025-71141, CVE-2025-71143,
CVE-2025-71144, CVE-2025-71147, CVE-2025-71148, CVE-2025-71150,
CVE-2025-71151, CVE-2025-71153, CVE-2025-71154, CVE-2025-71160,
CVE-2025-71162, CVE-2025-71163, CVE-2025-71180, CVE-2025-71182,
CVE-2025-71183, CVE-2025-71184, CVE-2025-71185, CVE-2025-71186,
CVE-2025-71188, CVE-2025-71189, CVE-2025-71190, CVE-2025-71191,
CVE-2025-71192, CVE-2025-71193, CVE-2025-71194, CVE-2025-71195,
CVE-2025-71196, CVE-2025-71197, CVE-2025-71198, CVE-2025-71199,
CVE-2025-71200, CVE-2025-71220, CVE-2025-71222, CVE-2025-71224,
CVE-2025-71225, CVE-2025-71268, CVE-2026-22976, CVE-2026-22977,
CVE-2026-22978, CVE-2026-22979, CVE-2026-22980, CVE-2026-22982,
CVE-2026-22984, CVE-2026-22990, CVE-2026-22991, CVE-2026-22992,
CVE-2026-22994, CVE-2026-22996, CVE-2026-22997, CVE-2026-22998,
CVE-2026-22999, CVE-2026-23000, CVE-2026-23001, CVE-2026-23003,
CVE-2026-23005, CVE-2026-23006, CVE-2026-23010, CVE-2026-23011,
CVE-2026-23019, CVE-2026-23020, CVE-2026-23021, CVE-2026-23025,
CVE-2026-23026, CVE-2026-23030, CVE-2026-23031, CVE-2026-23032,
CVE-2026-23033, CVE-2026-23035, CVE-2026-23037, CVE-2026-23038,
CVE-2026-23047, CVE-2026-23049, CVE-2026-23050, CVE-2026-23053,
CVE-2026-23054, CVE-2026-23056, CVE-2026-23057, CVE-2026-23058,
CVE-2026-23059, CVE-2026-23061, CVE-2026-23062, CVE-2026-23063,
CVE-2026-23064, CVE-2026-23065, CVE-2026-23068, CVE-2026-23069,
CVE-2026-23071, CVE-2026-23073, CVE-2026-23075, CVE-2026-23076,
CVE-2026-23078, CVE-2026-23080, CVE-2026-23083, CVE-2026-23084,
CVE-2026-23085, CVE-2026-23086, CVE-2026-23087, CVE-2026-23088,
CVE-2026-23089, CVE-2026-23090, CVE-2026-23091, CVE-2026-23093,
CVE-2026-23094, CVE-2026-23095, CVE-2026-23096, CVE-2026-23097,
CVE-2026-23098, CVE-2026-23099, CVE-2026-23101, CVE-2026-23102,
CVE-2026-23103, CVE-2026-23105, CVE-2026-23107, CVE-2026-23108,
CVE-2026-23110, CVE-2026-23112, CVE-2026-23113, CVE-2026-23116,
CVE-2026-23119, CVE-2026-23120, CVE-2026-23121, CVE-2026-23123,
CVE-2026-23124, CVE-2026-23125, CVE-2026-23126, CVE-2026-23128,
CVE-2026-23129, CVE-2026-23131, CVE-2026-23133, CVE-2026-23135,
CVE-2026-23136, CVE-2026-23139, CVE-2026-23140, CVE-2026-23141,
CVE-2026-23142, CVE-2026-23144, CVE-2026-23145, CVE-2026-23146,
CVE-2026-23148, CVE-2026-23150, CVE-2026-23151, CVE-2026-23156,
CVE-2026-23159, CVE-2026-23160, CVE-2026-23163, CVE-2026-23164,
CVE-2026-23166, CVE-2026-23167, CVE-2026-23168, CVE-2026-23170,
CVE-2026-23172, CVE-2026-23173, CVE-2026-23176, CVE-2026-23178,
CVE-2026-23179, CVE-2026-23180, CVE-2026-23182, CVE-2026-23187,
CVE-2026-23190, CVE-2026-23191, CVE-2026-23193, CVE-2026-23198,
CVE-2026-23204, CVE-2026-23205, CVE-2026-23206, CVE-2026-23209,
CVE-2026-23212, CVE-2026-23213, CVE-2026-23214, CVE-2026-23215,
CVE-2026-23216, CVE-2026-23231, CVE-2026-23254, CVE-2026-23256,
CVE-2026-23257, CVE-2026-23258, CVE-2026-23260, CVE-2026-23261,
CVE-2026-23262, CVE-2026-23264, CVE-2026-23274, CVE-2026-23351,
CVE-2026-23394, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533,
CVE-2026-31676, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078,
CVE-2026-43362, CVE-2026-43494, CVE-2026-46028, CVE-2026-46323)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-6.8.0-1059-azure 6.8.0-1059.65~22.04.1
linux-image-azure 6.8.0-1059.65~22.04.1
linux-image-azure-6.8 6.8.0-1059.65~22.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-8440-1
CVE-2024-36347, CVE-2024-50004, CVE-2024-57795, CVE-2024-58096,
CVE-2024-58097, CVE-2025-22022, CVE-2025-22111, CVE-2025-37926,
CVE-2025-38022, CVE-2025-38201, CVE-2025-38234, CVE-2025-38591,
CVE-2025-40039, CVE-2025-40082, CVE-2025-40149, CVE-2025-40164,
CVE-2025-40325, CVE-2025-68206, CVE-2025-68254, CVE-2025-68255,
CVE-2025-68256, CVE-2025-68257, CVE-2025-68258, CVE-2025-68259,
CVE-2025-68261, CVE-2025-68263, CVE-2025-68264, CVE-2025-68265,
CVE-2025-68266, CVE-2025-68291, CVE-2025-68325, CVE-2025-68332,
CVE-2025-68335, CVE-2025-68336, CVE-2025-68337, CVE-2025-68344,
CVE-2025-68345, CVE-2025-68346, CVE-2025-68347, CVE-2025-68349,
CVE-2025-68351, CVE-2025-68354, CVE-2025-68358, CVE-2025-68362,
CVE-2025-68363, CVE-2025-68364, CVE-2025-68365, CVE-2025-68366,
CVE-2025-68367, CVE-2025-68369, CVE-2025-68371, CVE-2025-68372,
CVE-2025-68374, CVE-2025-68378, CVE-2025-68379, CVE-2025-68380,
CVE-2025-68724, CVE-2025-68725, CVE-2025-68727, CVE-2025-68728,
CVE-2025-68732, CVE-2025-68733, CVE-2025-68740, CVE-2025-68741,
CVE-2025-68742, CVE-2025-68744, CVE-2025-68746, CVE-2025-68749,
CVE-2025-68753, CVE-2025-68755, CVE-2025-68756, CVE-2025-68757,
CVE-2025-68758, CVE-2025-68759, CVE-2025-68763, CVE-2025-68764,
CVE-2025-68765, CVE-2025-68766, CVE-2025-68767, CVE-2025-68769,
CVE-2025-68770, CVE-2025-68771, CVE-2025-68772, CVE-2025-68773,
CVE-2025-68774, CVE-2025-68775, CVE-2025-68776, CVE-2025-68777,
CVE-2025-68778, CVE-2025-68780, CVE-2025-68782, CVE-2025-68783,
CVE-2025-68785, CVE-2025-68786, CVE-2025-68787, CVE-2025-68788,
CVE-2025-68794, CVE-2025-68795, CVE-2025-68796, CVE-2025-68797,
CVE-2025-68798, CVE-2025-68799, CVE-2025-68800, CVE-2025-68801,
CVE-2025-68803, CVE-2025-68804, CVE-2025-68806, CVE-2025-68808,
CVE-2025-68809, CVE-2025-68810, CVE-2025-68811, CVE-2025-68813,
CVE-2025-68814, CVE-2025-68815, CVE-2025-68816, CVE-2025-68817,
CVE-2025-68818, CVE-2025-68819, CVE-2025-68820, CVE-2025-68821,
CVE-2025-68823, CVE-2025-71064, CVE-2025-71065, CVE-2025-71066,
CVE-2025-71067, CVE-2025-71068, CVE-2025-71069, CVE-2025-71071,
CVE-2025-71072, CVE-2025-71075, CVE-2025-71077, CVE-2025-71078,
CVE-2025-71079, CVE-2025-71081, CVE-2025-71082, CVE-2025-71083,
CVE-2025-71084, CVE-2025-71085, CVE-2025-71086, CVE-2025-71087,
CVE-2025-71088, CVE-2025-71089, CVE-2025-71091, CVE-2025-71093,
CVE-2025-71094, CVE-2025-71095, CVE-2025-71096, CVE-2025-71097,
CVE-2025-71098, CVE-2025-71101, CVE-2025-71102, CVE-2025-71104,
CVE-2025-71105, CVE-2025-71107, CVE-2025-71108, CVE-2025-71109,
CVE-2025-71111, CVE-2025-71112, CVE-2025-71113, CVE-2025-71114,
CVE-2025-71116, CVE-2025-71118, CVE-2025-71119, CVE-2025-71120,
CVE-2025-71121, CVE-2025-71122, CVE-2025-71123, CVE-2025-71125,
CVE-2025-71126, CVE-2025-71127, CVE-2025-71130, CVE-2025-71131,
CVE-2025-71132, CVE-2025-71133, CVE-2025-71135, CVE-2025-71136,
CVE-2025-71137, CVE-2025-71138, CVE-2025-71140, CVE-2025-71141,
CVE-2025-71143, CVE-2025-71144, CVE-2025-71147, CVE-2025-71148,
CVE-2025-71150, CVE-2025-71151, CVE-2025-71153, CVE-2025-71154,
CVE-2025-71160, CVE-2025-71162, CVE-2025-71163, CVE-2025-71180,
CVE-2025-71182, CVE-2025-71183, CVE-2025-71184, CVE-2025-71185,
CVE-2025-71186, CVE-2025-71188, CVE-2025-71189, CVE-2025-71190,
CVE-2025-71191, CVE-2025-71192, CVE-2025-71193, CVE-2025-71194,
CVE-2025-71195, CVE-2025-71196, CVE-2025-71197, CVE-2025-71198,
CVE-2025-71199, CVE-2025-71200, CVE-2025-71220, CVE-2025-71222,
CVE-2025-71224, CVE-2025-71225, CVE-2025-71268, CVE-2026-22976,
CVE-2026-22977, CVE-2026-22978, CVE-2026-22979, CVE-2026-22980,
CVE-2026-22982, CVE-2026-22984, CVE-2026-22990, CVE-2026-22991,
CVE-2026-22992, CVE-2026-22994, CVE-2026-22996, CVE-2026-22997,
CVE-2026-22998, CVE-2026-22999, CVE-2026-23000, CVE-2026-23001,
CVE-2026-23003, CVE-2026-23005, CVE-2026-23006, CVE-2026-23010,
CVE-2026-23011, CVE-2026-23019, CVE-2026-23020, CVE-2026-23021,
CVE-2026-23025, CVE-2026-23026, CVE-2026-23030, CVE-2026-23031,
CVE-2026-23032, CVE-2026-23033, CVE-2026-23035, CVE-2026-23037,
CVE-2026-23038, CVE-2026-23047, CVE-2026-23049, CVE-2026-23050,
CVE-2026-23053, CVE-2026-23054, CVE-2026-23056, CVE-2026-23057,
CVE-2026-23058, CVE-2026-23059, CVE-2026-23061, CVE-2026-23062,
CVE-2026-23063, CVE-2026-23064, CVE-2026-23065, CVE-2026-23068,
CVE-2026-23069, CVE-2026-23071, CVE-2026-23073, CVE-2026-23075,
CVE-2026-23076, CVE-2026-23078, CVE-2026-23080, CVE-2026-23083,
CVE-2026-23084, CVE-2026-23085, CVE-2026-23086, CVE-2026-23087,
CVE-2026-23088, CVE-2026-23089, CVE-2026-23090, CVE-2026-23091,
CVE-2026-23093, CVE-2026-23094, CVE-2026-23095, CVE-2026-23096,
CVE-2026-23097, CVE-2026-23098, CVE-2026-23099, CVE-2026-23101,
CVE-2026-23102, CVE-2026-23103, CVE-2026-23105, CVE-2026-23107,
CVE-2026-23108, CVE-2026-23110, CVE-2026-23112, CVE-2026-23113,
CVE-2026-23116, CVE-2026-23119, CVE-2026-23120, CVE-2026-23121,
CVE-2026-23123, CVE-2026-23124, CVE-2026-23125, CVE-2026-23126,
CVE-2026-23128, CVE-2026-23129, CVE-2026-23131, CVE-2026-23133,
CVE-2026-23135, CVE-2026-23136, CVE-2026-23139, CVE-2026-23140,
CVE-2026-23141, CVE-2026-23142, CVE-2026-23144, CVE-2026-23145,
CVE-2026-23146, CVE-2026-23148, CVE-2026-23150, CVE-2026-23151,
CVE-2026-23156, CVE-2026-23159, CVE-2026-23160, CVE-2026-23163,
CVE-2026-23164, CVE-2026-23166, CVE-2026-23167, CVE-2026-23168,
CVE-2026-23170, CVE-2026-23172, CVE-2026-23173, CVE-2026-23176,
CVE-2026-23178, CVE-2026-23179, CVE-2026-23180, CVE-2026-23182,
CVE-2026-23187, CVE-2026-23190, CVE-2026-23191, CVE-2026-23193,
CVE-2026-23198, CVE-2026-23204, CVE-2026-23205, CVE-2026-23206,
CVE-2026-23209, CVE-2026-23212, CVE-2026-23213, CVE-2026-23214,
CVE-2026-23215, CVE-2026-23216, CVE-2026-23231, CVE-2026-23254,
CVE-2026-23256, CVE-2026-23257, CVE-2026-23258, CVE-2026-23260,
CVE-2026-23261, CVE-2026-23262, CVE-2026-23264, CVE-2026-23274,
CVE-2026-23351, CVE-2026-23394, CVE-2026-31419, CVE-2026-31431,
CVE-2026-31504, CVE-2026-31533, CVE-2026-31676, CVE-2026-43033,
CVE-2026-43077, CVE-2026-43078, CVE-2026-43284, CVE-2026-43362,
CVE-2026-43494, CVE-2026-43500, CVE-2026-43503, CVE-2026-45998,
CVE-2026-46000, CVE-2026-46028, CVE-2026-46300, CVE-2026-46323,
CVE-2026-46333, CVE-2026-47326, CVE-2026-47327, CVE-2026-47328,
CVE-2026-47329, CVE-2026-47330, CVE-2026-47331, CVE-2026-47332,
CVE-2026-47333, CVE-2026-47334, CVE-2026-47335, CVE-2026-47336,
CVE-2026-47337

Package Information:
https://launchpad.net/ubuntu/+source/linux-azure-6.8/6.8.0-1059.65~22.04.1



[USN-8426-2] Linux kernel (Azure) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8426-2
June 16, 2026

linux-azure vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-azure: Linux kernel for Microsoft Azure Cloud systems

Details:

It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges, or possibly escape
a container. (CVE-2026-31431)

It was discovered that the Linux kernel did not properly handle shared page
fragments during socket buffer operations, collectively known as Dirty
Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the
RxRPC networking subsystem when processing paged fragments. A local
attacker could use this to escalate privileges, or possibly escape a
container. (CVE-2026-43284, CVE-2026-43500)

It was discovered that a logic flaw existed in the XFRM ESP-in-TCP
subsystem in the Linux kernel when handling socket buffer fragments. This
flaw is known as Fragnesia. A local attacker could use this to escalate
privileges, or possibly escape a container. (CVE-2026-43503,
CVE-2026-46300)

Qualys discovered that a race condition existed in the ptrace subsystem of
the Linux kernel when privileged processes are exiting. An unprivileged
local attacker could use this issue to expose sensitive information.
(CVE-2026-46333)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
- Ethernet bonding driver;
- SMB network file system;
- Netfilter;
- io_uring subsystem;
- Packet sockets;
- RDS protocol;
- TLS protocol;
(CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351,
CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033,
CVE-2026-43077, CVE-2026-43078, CVE-2026-43494, CVE-2026-46028)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-5.15.0-1114-azure 5.15.0-1114.123
linux-image-azure-5.15 5.15.0.1114.112
linux-image-azure-lts-22.04 5.15.0.1114.112

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-8426-2
https://ubuntu.com/security/notices/USN-8426-1
CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351,
CVE-2026-31419, CVE-2026-31431, CVE-2026-31504, CVE-2026-31533,
CVE-2026-43033, CVE-2026-43077, CVE-2026-43078, CVE-2026-43284,
CVE-2026-43494, CVE-2026-43500, CVE-2026-43503, CVE-2026-46028,
CVE-2026-46300, CVE-2026-46333

Package Information:
https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1114.123



[USN-8412-2] QEMU regression


==========================================================================
Ubuntu Security Notice USN-8412-2
June 16, 2026

qemu regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

USN-8412-1 introduced a regression in QEMU.

Software Description:
- qemu: Machine emulator and virtualizer

Details:

USN-8412-1 fixed vulnerabilities in QEMU. On both Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS, the fix for CVE-2024-7409 was incomplete and resulted
in a regression that could cause qemu-nbd to crash when a client connected.
This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that the
iSCSI block driver in QEMU incorrectly handled certain responses from an
iSCSI server. A remote attacker could possibly use this issue to cause QEMU
to crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 14.04 LTS. (CVE-2020-1711)

It was discovered that the iSCSI block driver in QEMU incorrectly handled
certain memory operations, leading to a heap-based buffer over-read. An
attacker could possibly use this issue to expose sensitive information from
the host. This issue only affected Ubuntu 14.04 LTS. (CVE-2020-11947)

Ziming Zhang discovered that the SM501 display driver in QEMU contained an
integer overflow. A local attacker could possibly use this issue to cause
QEMU to crash, resulting in a denial of service. This issue only affected
Ubuntu 14.04 LTS. (CVE-2020-12829)

Gaoning Pan and Xingwei Li discovered that the USB xHCI controller
implementation in QEMU contained an infinite loop. An attacker inside the
guest could possibly use this issue to cause QEMU to hang, resulting in a
denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04
LTS, and Ubuntu 18.04 LTS. (CVE-2020-14394)

Lei Sun discovered that QEMU incorrectly handled certain MemoryRegionOps
objects, leading to a NULL pointer dereference. An attacker inside the
guest could possibly use this issue to cause QEMU to crash, resulting in a
denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu
16.04 LTS. (CVE-2020-15469)

Alexander Bulekov discovered that the e1000e network device implementation
in QEMU contained a use-after-free. An attacker inside the guest could
possibly use this issue to cause QEMU to crash, resulting in a denial of
service. This issue only affected Ubuntu 14.04 LTS. (CVE-2020-15859)

Ziming Zhang discovered that the XGMAC Ethernet controller in QEMU
contained a buffer overflow. An attacker inside the guest could possibly
use this issue to cause QEMU to crash, resulting in a denial of service, or
possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS.
(CVE-2020-15863)

Alexander Bulekov discovered that the SDHCI device emulation in QEMU
contained a heap-based buffer overflow. An attacker inside the guest could
possibly use this issue to cause QEMU to crash, resulting in a denial of
service, or possibly execute arbitrary code. This issue only affected
Ubuntu 14.04 LTS. (CVE-2020-17380)

Sergej Schumilo, Cornelius Aschermann, and Simon Wörner discovered that the
USB xHCI controller implementation in QEMU did not check a return value,
leading to a use-after-free. An attacker inside the guest could possibly
use this issue to cause QEMU to crash, resulting in a denial of service.
This issue only affected Ubuntu 14.04 LTS. (CVE-2020-25084)

Gaoning Pan, Yongkang Jia, and Yi Ren discovered that the USB OHCI
controller implementation in QEMU contained a stack-based buffer over-read.
An attacker inside the guest could possibly use this issue to cause QEMU to
crash, resulting in a denial of service. This issue only affected Ubuntu
14.04 LTS. (CVE-2020-25624)

It was discovered that the USB OHCI controller implementation in QEMU
contained an infinite loop. An attacker inside the guest could possibly use
this issue to cause QEMU to consume resources, resulting in a denial of
service. This issue only affected Ubuntu 14.04 LTS. (CVE-2020-25625)

Cheolwoo Myung discovered that the USB EHCI emulation in QEMU did not
handle DMA memory map failures, leading to a reachable assertion. An
attacker inside the guest could possibly use this issue to cause QEMU to
crash, resulting in a denial of service. This issue only affected Ubuntu
14.04 LTS. (CVE-2020-25723)

Gaoning Pan discovered that the network device emulation in QEMU could be
made to trigger an assertion failure when processing packets that lacked a
valid layer 3 protocol. An attacker inside the guest could possibly use
this issue to cause QEMU to crash, resulting in a denial of service. This
issue only affected Ubuntu 14.04 LTS. (CVE-2020-27617)

Wenxiang Qian discovered that the ATAPI emulation in QEMU did not properly
validate a buffer index, leading to an out-of-bounds read. An attacker
inside the guest could possibly use this issue to expose sensitive
information or cause QEMU to crash, resulting in a denial of service. This
issue only affected Ubuntu 14.04 LTS. (CVE-2020-29443)

Cheolwoo Myung discovered that the ESP SCSI emulation in QEMU contained a
NULL pointer dereference. An attacker inside the guest could possibly use
this issue to cause QEMU to crash, resulting in a denial of service. This
issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2020-35504)

Cheolwoo Myung discovered that the am53c974 SCSI host bus adapter emulation
in QEMU contained a NULL pointer dereference. An attacker inside the guest
could possibly use this issue to cause QEMU to crash, resulting in a denial
of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2020-35505)

It was discovered that the SDHCI controller emulation in QEMU contained
out-of-bounds read and write issues. An attacker inside the guest could
possibly use this issue to cause QEMU to crash, resulting in a denial of
service, or possibly execute arbitrary code. This issue only affected
Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2021-3409)

It was discovered that several network device emulations in QEMU contained
an infinite loop when operating in loopback mode. An attacker inside the
guest could possibly use this issue to cause QEMU to crash, resulting in a
denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu
16.04 LTS. (CVE-2021-3416)

Alexander Bulekov discovered that the floppy disk emulation in QEMU
contained a heap-based buffer overflow. An attacker inside the guest could
possibly use this issue to expose sensitive information or cause QEMU to
crash, resulting in a denial of service. This issue only affected Ubuntu
14.04 LTS and Ubuntu 16.04 LTS. (CVE-2021-3507)

Remy Noel discovered that the USB redirector device emulation in QEMU
performed an unbounded stack allocation when combining USB packets. An
attacker inside the guest could possibly use this issue to cause QEMU to
crash, resulting in a denial of service. This issue only affected Ubuntu
14.04 LTS and Ubuntu 16.04 LTS. (CVE-2021-3527)

It was discovered that the QXL display device emulation in QEMU contained
an integer overflow, leading to a heap-based buffer overflow. An attacker
inside the guest could possibly use this issue to cause QEMU to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2021-4206)

It was discovered that the QXL display device emulation in QEMU performed a
double fetch of guest-controlled values, leading to a heap-based buffer
overflow. An attacker inside the guest could possibly use this issue to
cause QEMU to crash, resulting in a denial of service, or possibly execute
arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04
LTS. (CVE-2021-4207)

It was discovered that the 9pfs server implementation in QEMU contained a
race condition, leading to a use-after-free. A malicious 9p client could
possibly use this issue to escalate privileges. This issue only affected
Ubuntu 14.04 LTS. (CVE-2021-20181)

Gaoning Pan discovered that the floppy disk emulation in QEMU contained a
NULL pointer dereference. An attacker inside the guest could possibly use
this issue to cause QEMU to crash, resulting in a denial of service. This
issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2021-20196)

Gaoning Pan discovered that the vmxnet3 network device emulation in QEMU
contained an integer overflow. An attacker inside the guest could possibly
use this issue to cause QEMU to crash, resulting in a denial of service.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2021-20203)

It was discovered that the ARM Generic Interrupt Controller emulation in
QEMU contained an out-of-bounds heap access. An attacker inside the guest
could possibly use this issue to cause QEMU to crash, resulting in a denial
of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2021-20221)

Alexander Bulekov, Cheolwoo Myung, Sergej Schumilo, Cornelius Aschermann,
and Simon Wörner discovered that the e1000 network device emulation in QEMU
contained an infinite loop. An attacker inside the guest could possibly use
this issue to cause QEMU to consume resources, resulting in a denial of
service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2021-20257)

It was discovered that the 9p passthrough file system implementation in
QEMU did not prevent opening special files on the host. A malicious guest
could possibly use this issue to escape the exported 9p tree. This issue
only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS.
(CVE-2023-2861)

It was discovered that the virtio crypto device emulation in QEMU did not
properly validate certain buffer lengths, leading to a heap buffer
overflow. An attacker inside the guest could possibly use this issue to
cause QEMU to crash, resulting in a denial of service, or possibly execute
arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2023-3180)

It was discovered that the built-in VNC server in QEMU contained a NULL
pointer dereference when cleaning up a connection that failed during the
handshake. A remote attacker could possibly use this issue to cause QEMU to
crash, resulting in a denial of service. This issue only affected Ubuntu
18.04 LTS. (CVE-2023-3354)

It was discovered that QEMU could incorrectly direct a guest I/O operation
to disk offset 0 instead of the intended offset. An attacker inside the
guest could possibly use this issue to read or overwrite sensitive data,
potentially gaining control of the host. This issue only affected Ubuntu
14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. (CVE-2023-5088)

It was discovered that several virtio device emulations in QEMU did not
properly guard against DMA reentrancy, leading to a double free. An
attacker inside the guest could possibly use this issue to cause QEMU to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2024-3446)

It was discovered that the SDHCI device emulation in QEMU contained a heap-
based buffer overflow. An attacker inside the guest could possibly use this
issue to cause QEMU to crash, resulting in a denial of service.
(CVE-2024-3447)

It was discovered that the QEMU disk image utility (qemu-img) did not
properly handle certain crafted image files. An attacker could possibly use
this issue to cause qemu-img to consume excessive resources or access an
unintended external file, resulting in a denial of service. This issue only
affected Ubuntu 20.04 LTS. (CVE-2024-4467)

Cyrille Chatras discovered that the LSI53C895A SCSI Host Bus Adapter
emulation in QEMU contained a use-after-free. An attacker inside the guest
could possibly use this issue to cause QEMU to crash, resulting in a denial
of service, or possibly execute arbitrary code. (CVE-2024-6519)

It was discovered that the NBD server in QEMU contained an improper
synchronization issue during socket closure. A remote attacker could
possibly use this issue to cause QEMU to crash, resulting in a denial of
service. (CVE-2024-7409)

It was discovered that the USB emulation in QEMU contained a reachable
assertion. An attacker inside the guest could possibly use this issue to
cause QEMU to crash, resulting in a denial of service. (CVE-2024-8354)

It was discovered that QEMU incorrectly handled resources during the VNC
WebSocket handshake, leading to a use-after-free. A remote attacker could
possibly use this issue to cause QEMU to crash, resulting in a denial of
service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2025-11234)

It was discovered that QEMU could be made to read out of bounds when
reading VMDK images. An attacker could possibly use this issue to expose
sensitive information or cause QEMU to crash, resulting in a denial of
service. (CVE-2026-2243)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
qemu-block-extra 1:4.2-3ubuntu6.30+esm2
Available with Ubuntu Pro
qemu-utils 1:4.2-3ubuntu6.30+esm2
Available with Ubuntu Pro

Ubuntu 18.04 LTS
qemu-block-extra 1:2.11+dfsg-1ubuntu7.42+esm6
Available with Ubuntu Pro
qemu-utils 1:2.11+dfsg-1ubuntu7.42+esm6
Available with Ubuntu Pro

After a standard system update you need to restart all QEMU virtual
machines to make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8412-2
https://ubuntu.com/security/notices/USN-8412-1
CVE-2024-7409



[USN-8433-1] OpenStack Keystone vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8433-1
June 16, 2026

keystone vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in OpenStack Keystone.

Software Description:
- keystone: OpenStack identity service

Details:

It was discovered that OpenStack Keystone allowed restricted application
credentials to create EC2 credentials. An authenticated attacker with only
a reader role could possibly use this issue to bypass the role restrictions
imposed on the application credential. (CVE-2026-33551)

It was discovered that the OpenStack Keystone LDAP identity backend did
not correctly convert the user enabled attribute to a boolean value.
An attacker could possibly use this issue to authenticate as a user disabled
in LDAP. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS,
and Ubuntu 25.10. (CVE-2026-40683)
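The boolean conversion behind CVE-2026-40683, as an added example that is not Keystone's code: a naive conversion beside a fail-closed one. The entry layout and attribute names are constructed; the bitmask branch is modelled on the userAccountControl-style mask that Keystone's LDAP backend can be configured with (its `user_enabled_mask` option), and its exact semantics here are an assumption.

```python
"""Converting an LDAP 'enabled' attribute to a boolean, showing the failure
mode behind CVE-2026-40683 (added example; not Keystone's own code).

Client libraries hand attribute values back as lists of byte strings, so a
naive bool() call treats b"FALSE" as truthy and a disabled account is seen
as enabled.  The hardened converter decodes the value, accepts only the LDAP
boolean spellings, optionally interprets an integer bitmask (the Active
Directory userAccountControl style, where bit 2 means ACCOUNTDISABLE), and
fails closed on anything it does not recognise.
"""

# Constructed sample entries in the shape a client library returns them;
# the names and values are placeholders.
DISABLED_BOOL = {"uid": [b"alice"], "enabled": [b"FALSE"]}
ENABLED_BOOL = {"uid": [b"bob"], "enabled": [b"TRUE"]}
NO_ATTRIBUTE = {"uid": [b"carol"]}
DISABLED_MASK = {"uid": [b"dave"], "userAccountControl": [b"514"]}
ENABLED_MASK = {"uid": [b"erin"], "userAccountControl": [b"512"]}


def user_enabled_vulnerable(entry, attr="enabled"):
    """Flawed: bool() of any non-empty string or bytes value is True,
    so b"FALSE" is reported as enabled."""
    values = entry.get(attr)
    return bool(values[0]) if values else True


def classify_enabled(entry, attr="enabled", mask=0):
    """Return "enabled", "disabled", "missing" or "unknown" for the entry.

    mask == 0: the attribute must spell TRUE or FALSE (case-insensitive).
    mask != 0: the attribute is an integer and the account counts as
               enabled only when none of the mask bits are set.
    Keeping "unknown" distinct lets the caller log unexpected values."""
    values = entry.get(attr)
    if not values:
        return "missing"
    raw = values[0]
    text = (raw.decode("utf-8", "replace") if isinstance(raw, bytes) else str(raw)).strip()
    if mask:
        if not text.isdigit():
            return "unknown"
        return "disabled" if int(text) & mask else "enabled"
    upper = text.upper()
    if upper == "TRUE":
        return "enabled"
    if upper == "FALSE":
        return "disabled"
    return "unknown"


def user_enabled_hardened(entry, attr="enabled", mask=0, default=False):
    """Fixed: only an explicit "enabled" classification grants access.

    A missing attribute falls back to an explicit, configurable default;
    "disabled" and "unknown" both mean the user may not authenticate."""
    state = classify_enabled(entry, attr, mask)
    if state == "missing":
        return default
    return state == "enabled"
```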

It was discovered that OpenStack Keystone's application credential
authentication plugin did not verify that the user supplied in an
authentication request matched the credential owner. An authenticated
attacker could possibly impersonate another user and gain access to their
tokens and credentials. (CVE-2026-42998)

It was discovered that OpenStack Keystone's RBAC policy enforcer
unconditionally merged the raw JSON request body into the policy enforcement
dictionary, overwriting trusted target data. An authenticated attacker could
possibly use this issue to inject arbitrary policy attributes to bypass RBAC
checks. (CVE-2026-42999)
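The merge described for CVE-2026-42999, modelled in an added example that is not Keystone's code: the flawed target builder beside a hardened one, evaluated against an ownership rule. The `owner_only_rule`, the target layout and the ids are assumptions.

```python
"""Model of the policy-target merge flaw described for CVE-2026-42999
(added example; not Keystone's own code).

An RBAC enforcer evaluates rules against a 'target' dict.  When the raw
JSON request body is merged on top of values the service loaded from its
own store, request-controlled keys silently replace the trusted ones and
an ownership rule ends up checking attacker-supplied data.  The hardened
builder keeps the body in its own namespace so trusted keys cannot be
overwritten, and reports key collisions so they can be logged.
"""
import copy

# Constructed sample data; the ids are placeholders, not real identifiers.
VICTIM_ID = "user-victim-0001"
ATTACKER_ID = "user-attacker-0002"

# Trusted target: what the service loaded for the resource being accessed.
TRUSTED_TARGET = {"credential": {"user_id": VICTIM_ID, "project_id": "proj-a"}}

# Request body whose top-level key collides with the trusted target's key.
COLLIDING_BODY = {"credential": {"user_id": ATTACKER_ID, "blob": "x"}}


def build_target_vulnerable(trusted, body):
    """Flawed: the request body is merged over the trusted target, so any
    colliding key takes the request's value."""
    target = copy.deepcopy(trusted)
    target.update(copy.deepcopy(body))
    return target


def build_target_hardened(trusted, body):
    """Fixed: trusted keys are never overwritten; the body is exposed under
    a separate namespace for rules that genuinely need request data."""
    target = copy.deepcopy(trusted)
    target["request_body"] = copy.deepcopy(body)
    return target


def collisions(trusted, body):
    """Top-level keys the body would have overwritten; a useful audit signal
    even after the fix, since a legitimate client rarely sends them."""
    return sorted(set(trusted) & set(body))


def owner_only_rule(creds, target):
    """Policy rule: the caller may act only on a credential they own."""
    return target["credential"]["user_id"] == creds["user_id"]


def enforce(builder, creds, trusted, body):
    """True when the owner-only rule authorises the request for the target
    the given builder produced."""
    return owner_only_rule(creds, builder(trusted, body))
```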

It was discovered that OpenStack Keystone allowed an attacker with the member
role to escalate privileges to admin by chaining application credential
impersonation with Keystone trusts. An attacker could possibly use this
issue to create a persistent trust delegating the victim's admin role to
themselves. (CVE-2026-43000)

It was discovered that OpenStack Keystone did not validate that the project_id
for an EC2 credential matched the project of the authenticating application
credential. An attacker with valid credentials for one project could possibly
use this issue to create EC2 credentials targeting a different project.
(CVE-2026-43001)
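
Added illustration (not Keystone's code and not part of this notice) of the three boundary checks whose absence is described for CVE-2026-33551, CVE-2026-42998 and CVE-2026-43001: the user named in an application-credential authentication request must be the credential's owner, a restricted credential must not mint further credentials, and an EC2 credential created through an application credential must stay in that credential's project. Field names follow the public application-credential API (user_id, project_id, unrestricted); the session dictionary, function names and identifiers are a constructed, simplified model.

```python
"""Model of application-credential boundary checks (CVE-2026-33551,
CVE-2026-42998, CVE-2026-43001).

Added illustration, not Keystone's code.  Field names follow the public
application-credential API; everything else is a constructed model.
"""
from dataclasses import dataclass
from typing import Any, Callable, Dict


class AuthError(Exception):
    """Raised when a request crosses a credential boundary."""


@dataclass(frozen=True)
class AppCredential:
    id: str
    user_id: str        # owner: the only user this credential may authenticate as
    project_id: str     # scope the credential was issued for
    unrestricted: bool  # False: may not mint further credentials or trusts


def authenticate(app_cred: AppCredential, claimed_user_id: str) -> Dict[str, Any]:
    """Bind the session to the credential's owner; the user named in the
    request must be that owner (the check missing in CVE-2026-42998)."""
    if claimed_user_id != app_cred.user_id:
        raise AuthError("user in request does not own this application credential")
    return {"user_id": app_cred.user_id, "project_id": app_cred.project_id,
            "app_cred": app_cred}


def create_ec2_credential(auth: Dict[str, Any], requested_project_id: str) -> Dict[str, Any]:
    """Issue an EC2-style credential for the caller's session."""
    app_cred = auth.get("app_cred")
    if app_cred is not None:
        if not app_cred.unrestricted:
            # CVE-2026-33551: a restricted credential must not create credentials.
            raise AuthError("restricted application credential may not create credentials")
        if requested_project_id != app_cred.project_id:
            # CVE-2026-43001: stay inside the project the credential was issued for.
            raise AuthError("EC2 credential project must match the application credential project")
    return {"user_id": auth["user_id"], "project_id": requested_project_id}


def outcome(fn: Callable[..., Any], *args: Any) -> str:
    """'allowed' or 'denied', for tabulating the checks above."""
    try:
        fn(*args)
        return "allowed"
    except AuthError:
        return "denied"


# Constructed credentials: same owner and project, differing only in 'unrestricted'.
RESTRICTED = AppCredential("ac-1", "victim-uid", "proj-A", unrestricted=False)
UNRESTRICTED = AppCredential("ac-2", "victim-uid", "proj-A", unrestricted=True)


def demo() -> Dict[str, str]:
    restricted_session = authenticate(RESTRICTED, "victim-uid")
    unrestricted_session = authenticate(UNRESTRICTED, "victim-uid")
    return {
        "impersonate_owner": outcome(authenticate, RESTRICTED, "other-uid"),
        "restricted_creates_ec2": outcome(create_ec2_credential, restricted_session, "proj-A"),
        "cross_project_ec2": outcome(create_ec2_credential, unrestricted_session, "proj-B"),
        "same_project_ec2": outcome(create_ec2_credential, unrestricted_session, "proj-A"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

A session without an app_cred entry (a password-authenticated user) passes straight through; the point of the model is that every derived credential inherits, and cannot widen, the owner and project of the credential that authenticated the request.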

It was discovered that OpenStack Keystone's federated token rescoping mechanism
did not propagate the original token's expiry to the newly issued token. A
remote attacker could possibly use this issue to maintain access indefinitely by
repeatedly rescoping tokens before expiry. (CVE-2026-44394)
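
Added illustration (not Keystone's token code and not part of this notice) of why CVE-2026-44394 matters: if a rescoped token receives a full fresh lifetime instead of inheriting the original expiry, a holder who rescopes just before each expiry keeps a valid token indefinitely. The model below compares the two behaviours on a simulated timeline; the one-hour lifetime, the fifty-minute rescope interval and all identifiers are constructed.

```python
"""Model of the rescoping expiry flaw behind CVE-2026-44394.

Added illustration, not Keystone's token code.  Lifetime, identifiers and the
simulated timeline are constructed.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Callable, Tuple

LIFETIME = timedelta(hours=1)  # assumed token lifetime for the model


@dataclass(frozen=True)
class Token:
    user_id: str
    scope: str
    issued_at: datetime
    expires_at: datetime


def issue(user_id: str, scope: str, now: datetime) -> Token:
    return Token(user_id, scope, now, now + LIFETIME)


def rescope_vulnerable(tok: Token, new_scope: str, now: datetime) -> Token:
    """Bug: the rescoped token gets a full fresh lifetime, so rescoping before
    expiry yields an unbounded sliding window."""
    if now >= tok.expires_at:
        raise ValueError("token expired")
    return Token(tok.user_id, new_scope, now, now + LIFETIME)


def rescope_fixed(tok: Token, new_scope: str, now: datetime) -> Token:
    """Fix: the new token never outlives the token it was derived from."""
    if now >= tok.expires_at:
        raise ValueError("token expired")
    return Token(tok.user_id, new_scope, now, min(tok.expires_at, now + LIFETIME))


def simulate(rescope: Callable[[Token, str, datetime], Token], start: datetime,
             rounds: int, step: timedelta = timedelta(minutes=50)) -> Tuple[int, int]:
    """Rescope every `step` for up to `rounds` attempts.

    Returns (successful rescopes, minutes the chain stays valid, measured from
    the first issuance)."""
    tok = issue("user-1", "project-1", start)
    now, succeeded = start, 0
    for i in range(rounds):
        now += step
        try:
            tok = rescope(tok, f"project-{i + 2}", now)
        except ValueError:
            break
        succeeded += 1
    return succeeded, int((tok.expires_at - start).total_seconds() // 60)


START = datetime(2026, 6, 15, tzinfo=timezone.utc)

if __name__ == "__main__":
    print("vulnerable:", simulate(rescope_vulnerable, START, 5))
    print("fixed:     ", simulate(rescope_fixed, START, 5))
```

With the vulnerable rescoping, five rescopes fifty minutes apart extend the chain to 310 minutes and could continue forever; with the fix the first rescope succeeds but the chain still ends sixty minutes after the original issuance, so revocation by expiry keeps its meaning.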

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
keystone 2:29.0.0-0ubuntu1.2
keystone-common 2:29.0.0-0ubuntu1.2
keystone-doc 2:29.0.0-0ubuntu1.2
python3-keystone 2:29.0.0-0ubuntu1.2

Ubuntu 25.10
keystone 2:28.0.0-0ubuntu1.3
keystone-common 2:28.0.0-0ubuntu1.3
keystone-doc 2:28.0.0-0ubuntu1.3
python3-keystone 2:28.0.0-0ubuntu1.3

Ubuntu 24.04 LTS
keystone 2:25.0.0-0ubuntu1.4
keystone-common 2:25.0.0-0ubuntu1.4
keystone-doc 2:25.0.0-0ubuntu1.4
python3-keystone 2:25.0.0-0ubuntu1.4

Ubuntu 22.04 LTS
keystone 2:21.0.1-0ubuntu2.4
keystone-common 2:21.0.1-0ubuntu2.4
keystone-doc 2:21.0.1-0ubuntu2.4
python3-keystone 2:21.0.1-0ubuntu2.4

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8433-1
CVE-2026-33551, CVE-2026-40683, CVE-2026-42998, CVE-2026-42999,
CVE-2026-43000, CVE-2026-43001, CVE-2026-44394

Package Information:
https://launchpad.net/ubuntu/+source/keystone/2:29.0.0-0ubuntu1.2
https://launchpad.net/ubuntu/+source/keystone/2:28.0.0-0ubuntu1.3
https://launchpad.net/ubuntu/+source/keystone/2:25.0.0-0ubuntu1.4
https://launchpad.net/ubuntu/+source/keystone/2:21.0.1-0ubuntu2.4



[USN-8439-1] Linux kernel (Oracle) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-8439-1
June 16, 2026

linux-oracle-5.15 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-oracle-5.15: Linux kernel for Oracle Cloud systems

Details:

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS
implementation in the Ubuntu Linux kernel did not properly perform
permission checks in certain situations. A local attacker could possibly
use this to gain elevated privileges. (CVE-2023-2640)

Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in
the Ubuntu Linux kernel did not properly perform permission checks in
certain situations. A local attacker could possibly use this to gain
elevated privileges. (CVE-2023-32629)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network drivers;
- NVME drivers;
- SMB network file system;
- Netfilter;
- io_uring subsystem;
(CVE-2024-35862, CVE-2024-50060, CVE-2026-23112, CVE-2026-23273,
CVE-2026-23274, CVE-2026-23351)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
linux-image-5.15.0-1104-oracle 5.15.0-1104.110~20.04.1
Available with Ubuntu Pro
linux-image-oracle 5.15.0.1104.110~20.04.1
Available with Ubuntu Pro
linux-image-oracle-5.15 5.15.0.1104.110~20.04.1
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
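
Added example (not part of either notice) for confirming that the fixed versions listed in the update instructions above, and in the Keystone notice earlier, are actually installed, and that the running kernel matches the updated image. It re-implements the Debian version ordering (epoch:upstream-revision, with "~" sorting before everything, including the end of the string) rather than calling dpkg, so it runs anywhere; on a real host the SAMPLE_DPKG_QUERY text would come from `dpkg-query -W -f '${Package} ${Version}\n'` and the uname value from `uname -r`. The dpkg-query lines, the installed versions in them and the 5.15.0-1103 kernel string are constructed.

```python
"""Check installed package versions against a USN's fixed versions, and whether
the running kernel still needs a reboot.  Added example, not part of the notice.
Debian version comparison is re-implemented here so the check runs offline."""
import re
from typing import Dict, List, Tuple


def _order(c: str) -> int:
    """dpkg's character weights: '~' sorts first, letters by code point,
    everything else after letters; end of string is 0 (handled by the caller)."""
    if c == "~":
        return -1
    if c.isalpha():
        return ord(c)
    return ord(c) + 256


def _cmp_segment(a: str, b: str) -> int:
    """Compare one upstream or revision string, alternating non-digit and digit runs."""
    while a or b:
        na, nb = re.match(r"\D*", a).group(), re.match(r"\D*", b).group()
        a, b = a[len(na):], b[len(nb):]
        for i in range(max(len(na), len(nb))):
            oa = _order(na[i]) if i < len(na) else 0
            ob = _order(nb[i]) if i < len(nb) else 0
            if oa != ob:
                return -1 if oa < ob else 1
        da, db = re.match(r"\d*", a).group(), re.match(r"\d*", b).group()
        a, b = a[len(da):], b[len(db):]
        ia, ib = int(da or "0"), int(db or "0")
        if ia != ib:
            return -1 if ia < ib else 1
    return 0


def _split(version: str) -> Tuple[int, str, str]:
    """'2:29.0.0-0ubuntu1.2' -> (2, '29.0.0', '0ubuntu1.2'); missing epoch is 0."""
    epoch, sep, rest = version.partition(":")
    if not sep:
        epoch, rest = "0", version
    upstream, sep, revision = rest.rpartition("-")
    if not sep:
        upstream, revision = rest, ""
    return int(epoch), upstream, revision


def compare_versions(a: str, b: str) -> int:
    """-1, 0 or 1 with Debian semantics (same ordering as `dpkg --compare-versions`)."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_segment(ua, ub) or _cmp_segment(ra, rb)


def parse_dpkg_query(text: str) -> Dict[str, str]:
    r"""Parse `dpkg-query -W -f '${Package} ${Version}\n'` output."""
    installed = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2:
            installed[parts[0]] = parts[1]
    return installed


def unpatched(installed: Dict[str, str], fixed: Dict[str, str]) -> List[str]:
    """Installed packages whose version is older than the notice's fixed version."""
    return sorted(p for p, v in fixed.items()
                  if p in installed and compare_versions(installed[p], v) < 0)


def reboot_needed(uname_r: str, image_version: str) -> bool:
    """`uname -r` gives e.g. 5.15.0-1104-oracle; the image package version
    5.15.0-1104.110~20.04.1 carries the same ABI prefix 5.15.0-1104."""
    running = re.match(r"\d+\.\d+\.\d+-\d+", uname_r).group()
    packaged = re.match(r"\d+\.\d+\.\d+-\d+", image_version).group()
    return compare_versions(running, packaged) < 0


# Constructed dpkg-query output for an Ubuntu 24.04 Keystone host that has
# had keystone-common updated but not yet the other binary packages.
SAMPLE_DPKG_QUERY = """\
keystone 2:25.0.0-0ubuntu1.3
keystone-common 2:25.0.0-0ubuntu1.4
python3-keystone 2:25.0.0-0ubuntu1.3
"""
FIXED_24_04 = {name: "2:25.0.0-0ubuntu1.4" for name in
               ("keystone", "keystone-common", "keystone-doc", "python3-keystone")}

if __name__ == "__main__":
    print("unpatched:", unpatched(parse_dpkg_query(SAMPLE_DPKG_QUERY), FIXED_24_04))
    print("reboot needed:", reboot_needed("5.15.0-1103-oracle", "5.15.0-1104.110~20.04.1"))
```

The tilde handling is the case worth testing before trusting any home-grown comparison: 5.15.0-1104.110~20.04.1 must sort below 5.15.0-1104.110, which is why a plain string or tuple comparison cannot be used for Ubuntu backport versions.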

References:
https://ubuntu.com/security/notices/USN-8439-1
CVE-2023-2640, CVE-2023-32629, CVE-2024-35862, CVE-2024-50060,
CVE-2026-23112, CVE-2026-23273, CVE-2026-23274, CVE-2026-23351