{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [ "linux-headers-7.0.0-22", "linux-headers-7.0.0-22-generic", "linux-image-7.0.0-22-generic", "linux-main-modules-zfs-7.0.0-22-generic", "linux-modules-7.0.0-22-generic", "linux-tools-7.0.0-22", "linux-tools-7.0.0-22-generic" ], "removed": [ "linux-headers-7.0.0-15", "linux-headers-7.0.0-15-generic", "linux-image-7.0.0-15-generic", "linux-main-modules-zfs-7.0.0-15-generic", "linux-modules-7.0.0-15-generic", "linux-tools-7.0.0-15", "linux-tools-7.0.0-15-generic" ], "diff": [ "bind9-dnsutils", "bind9-host", "bind9-libs:ppc64el", "bpftool", "inetutils-telnet", "libgcrypt20:ppc64el", "libssh2-1t64:ppc64el", "libssl3t64:ppc64el", "linux-headers-generic", "linux-headers-virtual", "linux-image-virtual", "linux-libc-dev:ppc64el", "linux-perf", "linux-tools-common", "linux-virtual", "nano", "openssl", "openssl-provider-legacy", "python3-twisted", "python3-urllib3", "rsync", "snapd", "telnet", "vim", "vim-common", "vim-runtime", "vim-tiny", "xxd" ] } }, "diff": { "deb": [ { "name": "bind9-dnsutils", "from_version": { "source_package_name": "bind9", "source_package_version": "1:9.20.18-1ubuntu2", "version": "1:9.20.18-1ubuntu2" }, "to_version": { "source_package_name": "bind9", "source_package_version": "1:9.20.18-1ubuntu2.1", "version": "1:9.20.18-1ubuntu2.1" }, "cves": [ { "cve": "CVE-2026-3039", "url": "https://ubuntu.com/security/CVE-2026-3039", "cve_description": "BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or Kerberos-secured DNS environments. This issue affects BIND 9 versions 9.0.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.9.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-3592", "url": "https://ubuntu.com/security/CVE-2026-3592", "cve_description": "BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resources. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-3593", "url": "https://ubuntu.com/security/CVE-2026-3593", "cve_description": "A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5946", "url": "https://ubuntu.com/security/CVE-2026-5946", "cve_description": "Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths — recursion, dynamic updates (`UPDATE`), zone change notifications (`NOTIFY`), or processing of `IN`-specific record types in non-`IN` data — can cause assertion failures in `named`. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5947", "url": "https://ubuntu.com/security/CVE-2026-5947", "cve_description": "Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature. If, during that validation, the \"recursive-clients\" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5950", "url": "https://ubuntu.com/security/CVE-2026-5950", "cve_description": "An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 through 9.18.48, 9.20.8 through 9.20.22, 9.21.7 through 9.21.21, 9.18.36-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-1519", "url": "https://ubuntu.com/security/CVE-2026-1519", "cve_description": "If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries). This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.46-S1, and 9.20.9-S1 through 9.20.20-S1.", "cve_priority": "medium", "cve_public_date": "2026-03-25 14:16:00 UTC" }, { "cve": "CVE-2026-3104", "url": "https://ubuntu.com/security/CVE-2026-3104", "cve_description": "A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-03-25 14:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-3039", "url": "https://ubuntu.com/security/CVE-2026-3039", "cve_description": "BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or Kerberos-secured DNS environments. This issue affects BIND 9 versions 9.0.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.9.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-3592", "url": "https://ubuntu.com/security/CVE-2026-3592", "cve_description": "BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resources. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-3593", "url": "https://ubuntu.com/security/CVE-2026-3593", "cve_description": "A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5946", "url": "https://ubuntu.com/security/CVE-2026-5946", "cve_description": "Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths — recursion, dynamic updates (`UPDATE`), zone change notifications (`NOTIFY`), or processing of `IN`-specific record types in non-`IN` data — can cause assertion failures in `named`. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5947", "url": "https://ubuntu.com/security/CVE-2026-5947", "cve_description": "Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature. If, during that validation, the \"recursive-clients\" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5950", "url": "https://ubuntu.com/security/CVE-2026-5950", "cve_description": "An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 through 9.18.48, 9.20.8 through 9.20.22, 9.21.7 through 9.21.21, 9.18.36-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-1519", "url": "https://ubuntu.com/security/CVE-2026-1519", "cve_description": "If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries). This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.46-S1, and 9.20.9-S1 through 9.20.20-S1.", "cve_priority": "medium", "cve_public_date": "2026-03-25 14:16:00 UTC" }, { "cve": "CVE-2026-3104", "url": "https://ubuntu.com/security/CVE-2026-3104", "cve_description": "A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-03-25 14:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: BIND 9 server memory exhaustion during GSS-API TKEY", " negotiation", " - debian/patches/CVE-2026-3039-pre1.patch: Release gnamebuf also on the", " error path in lib/dns/gssapictx.c.", " - debian/patches/CVE-2026-3039-1.patch: Fix GSS-API context leak in TKEY", " negotiation in lib/dns/gssapictx.c, lib/dns/include/dst/gssapi.h,", " lib/dns/tkey.c.", " - debian/patches/CVE-2026-3039-3.patch: Fix output token and GSS context", " leaks in TKEY/GSS-API error paths in lib/dns/gssapictx.c,", " lib/dns/tkey.c.", " - CVE-2026-3039", " * SECURITY UPDATE: Amplification vulnerabilities via self-pointed glue", " records", " - debian/patches/CVE-2026-3592-1.patch: Limit the number of addresses", " returned per ADB find in bin/named/main.c, lib/dns/adb.c.", " - debian/patches/CVE-2026-3592-2.patch: Remove duplicate addresses from", " the resolver SLIST in lib/dns/resolver.c.", " - debian/patches/CVE-2026-3592-3.patch: Add system test for self-pointed", " glue deduplication in bin/tests/system/selfpointedglue/ns1/named.conf.j2,", " bin/tests/system/selfpointedglue/ns1/root.db,", " bin/tests/system/selfpointedglue/ns2/named.conf.j2,", " bin/tests/system/selfpointedglue/ns2/tld.db,", " bin/tests/system/selfpointedglue/ns3/example.tld.db,", " bin/tests/system/selfpointedglue/ns3/example2.tld.db,", " bin/tests/system/selfpointedglue/ns3/named.conf.j2,", " bin/tests/system/selfpointedglue/ns4/named.args.j2,", " bin/tests/system/selfpointedglue/ns4/named.conf.j2,", " bin/tests/system/selfpointedglue/ns4/root.hint,", " bin/tests/system/selfpointedglue/tests_selfpointedglue.py.", " - debian/patches/CVE-2026-3592-4.patch: Add SRTT-based server selection", " system test in bin/tests/system/srtt/README,", " bin/tests/system/srtt/ans2/ans.py, bin/tests/system/srtt/ans3/ans.py,", " bin/tests/system/srtt/ans4/ans.py, bin/tests/system/srtt/ans5/ans.py,", " bin/tests/system/srtt/ns1/named.conf.j2,", " bin/tests/system/srtt/ns1/root.db, bin/tests/system/srtt/ns6/named.args,", " bin/tests/system/srtt/ns6/named.conf.j2,", " bin/tests/system/srtt/srtt_ans.py, bin/tests/system/srtt/tests_srtt.py.", " - CVE-2026-3592", " * SECURITY UPDATE: Heap use-after-free vulnerability in BIND 9", " DNS-over-HTTPS implementation", " - debian/patches/CVE-2026-3593-1.patch: Add system test for HTTP/2", " SETTINGS frame flood in bin/tests/system/doth/tests_malicious.py.", " - debian/patches/CVE-2026-3593-2.patch: Fix use-after-free in DoH write", " buffer after HTTP/2 send in lib/isc/netmgr/http.c.", " - CVE-2026-3593", " * SECURITY UPDATE: Invalid handling of CLASS != IN", " - debian/patches/CVE-2026-5946-1.patch: Disable recursion for non-IN", " classes in bin/named/server.c, lib/isccfg/check.c.", " - debian/patches/CVE-2026-5946-2.patch: Disable UPDATE and NOTIFY for", " non-IN classes in bin/named/server.c, lib/dns/adb.c,", " lib/ns/client.c, lib/ns/update.c.", " - debian/patches/CVE-2026-5946-3.patch: Validate DNS message CLASS early", " in request processing in bin/tests/system/unknown/tests.sh,", " lib/ns/client.c.", " - debian/patches/CVE-2026-5946-4.patch: Reject meta-classes in UPDATE and", " NOTIFY messages in lib/dns/message.c.", " - debian/patches/CVE-2026-5946-5.patch: Skip \"deny-answer-address\" for", " non-IN addresses in lib/dns/resolver.c.", " - debian/patches/CVE-2026-5946-6.patch: Test CHAOS view recursion behavior", " in bin/tests/system/checkconf/tests.sh,", " bin/tests/system/checkconf/warn-chaos-recursion.conf,", " bin/tests/system/class/ns1/chaos.db.in,", " bin/tests/system/class/ns1/named.conf.j2,", " bin/tests/system/class/ns2/example.db.in,", " bin/tests/system/class/ns2/localhost.db.in,", " bin/tests/system/class/ns2/named.conf.j2,", " bin/tests/system/class/ns3/named.conf.j2, bin/tests/system/class/setup.sh,", " bin/tests/system/class/tests_class_chaos.py,", " bin/tests/system/isctest/check.py.", " - debian/patches/CVE-2026-5946-7.patch: Test UPDATE behavior in CHAOS and", " other non-IN classes in bin/named/server.c,", " bin/tests/system/class/ns2/localhost.db.in,", " bin/tests/system/class/tests_class_update.py.", " - debian/patches/CVE-2026-5946-8.patch: Test server behavior when sending", " various UPDATE requests in bin/tests/system/class/tests_class_update.py,", " bin/tests/system/nsupdate/setup.sh, bin/tests/system/nsupdate/tests.sh,", " bin/tests/system/packet.pl.", " - debian/patches/CVE-2026-5946-9.patch: Make the RD flag optional in", " isctest.query() in bin/tests/system/isctest/query.py.", " - CVE-2026-5946", " * SECURITY UPDATE: SIG(0) validation during query flood may lead to", " undefined behavior", " - debian/patches/CVE-2026-5947.patch: Fix use-after-free in resolver SIG(0)", " async verification path in lib/dns/resolver.c.", " - CVE-2026-5947", " * SECURITY UPDATE: Unbounded resend loop in BIND 9 resolver", " - debian/patches/CVE-2026-5950-1.patch: Add reproducer for BADCOOKIE", " resend loop in bin/tests/system/resend_loop/ans3/ans.py,", " bin/tests/system/resend_loop/ns4/named.conf.j2,", " bin/tests/system/resend_loop/ns4/root.hint,", " bin/tests/system/resend_loop/tests_resend_loop.py.", " - debian/patches/CVE-2026-5950-2.patch: Refactor incrementing query", " counters in lib/dns/resolver.c.", " - debian/patches/CVE-2026-5950-3.patch: rctx_resend() increment query", " counters in lib/dns/resolver.c.", " - CVE-2026-5950", " * d/p/CVE-2026-1519-1.patch, d/p/CVE-2026-3104-1.patch: disable patches,", " quilt doesn't like patches that create symlinks apparently.", "" ], "package": "bind9", "version": "1:9.20.18-1ubuntu2.1", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Thu, 21 May 2026 08:23:48 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "bind9-host", "from_version": { "source_package_name": "bind9", "source_package_version": "1:9.20.18-1ubuntu2", "version": "1:9.20.18-1ubuntu2" }, "to_version": { "source_package_name": "bind9", "source_package_version": "1:9.20.18-1ubuntu2.1", "version": "1:9.20.18-1ubuntu2.1" }, "cves": [ { "cve": "CVE-2026-3039", "url": "https://ubuntu.com/security/CVE-2026-3039", "cve_description": "BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or Kerberos-secured DNS environments. This issue affects BIND 9 versions 9.0.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.9.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-3592", "url": "https://ubuntu.com/security/CVE-2026-3592", "cve_description": "BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resources. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-3593", "url": "https://ubuntu.com/security/CVE-2026-3593", "cve_description": "A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5946", "url": "https://ubuntu.com/security/CVE-2026-5946", "cve_description": "Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths — recursion, dynamic updates (`UPDATE`), zone change notifications (`NOTIFY`), or processing of `IN`-specific record types in non-`IN` data — can cause assertion failures in `named`. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5947", "url": "https://ubuntu.com/security/CVE-2026-5947", "cve_description": "Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature. If, during that validation, the \"recursive-clients\" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5950", "url": "https://ubuntu.com/security/CVE-2026-5950", "cve_description": "An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 through 9.18.48, 9.20.8 through 9.20.22, 9.21.7 through 9.21.21, 9.18.36-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-1519", "url": "https://ubuntu.com/security/CVE-2026-1519", "cve_description": "If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries). This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.46-S1, and 9.20.9-S1 through 9.20.20-S1.", "cve_priority": "medium", "cve_public_date": "2026-03-25 14:16:00 UTC" }, { "cve": "CVE-2026-3104", "url": "https://ubuntu.com/security/CVE-2026-3104", "cve_description": "A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-03-25 14:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-3039", "url": "https://ubuntu.com/security/CVE-2026-3039", "cve_description": "BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or Kerberos-secured DNS environments. This issue affects BIND 9 versions 9.0.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.9.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-3592", "url": "https://ubuntu.com/security/CVE-2026-3592", "cve_description": "BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resources. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-3593", "url": "https://ubuntu.com/security/CVE-2026-3593", "cve_description": "A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5946", "url": "https://ubuntu.com/security/CVE-2026-5946", "cve_description": "Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths — recursion, dynamic updates (`UPDATE`), zone change notifications (`NOTIFY`), or processing of `IN`-specific record types in non-`IN` data — can cause assertion failures in `named`. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5947", "url": "https://ubuntu.com/security/CVE-2026-5947", "cve_description": "Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature. If, during that validation, the \"recursive-clients\" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5950", "url": "https://ubuntu.com/security/CVE-2026-5950", "cve_description": "An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 through 9.18.48, 9.20.8 through 9.20.22, 9.21.7 through 9.21.21, 9.18.36-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-1519", "url": "https://ubuntu.com/security/CVE-2026-1519", "cve_description": "If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries). This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.46-S1, and 9.20.9-S1 through 9.20.20-S1.", "cve_priority": "medium", "cve_public_date": "2026-03-25 14:16:00 UTC" }, { "cve": "CVE-2026-3104", "url": "https://ubuntu.com/security/CVE-2026-3104", "cve_description": "A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-03-25 14:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: BIND 9 server memory exhaustion during GSS-API TKEY", " negotiation", " - debian/patches/CVE-2026-3039-pre1.patch: Release gnamebuf also on the", " error path in lib/dns/gssapictx.c.", " - debian/patches/CVE-2026-3039-1.patch: Fix GSS-API context leak in TKEY", " negotiation in lib/dns/gssapictx.c, lib/dns/include/dst/gssapi.h,", " lib/dns/tkey.c.", " - debian/patches/CVE-2026-3039-3.patch: Fix output token and GSS context", " leaks in TKEY/GSS-API error paths in lib/dns/gssapictx.c,", " lib/dns/tkey.c.", " - CVE-2026-3039", " * SECURITY UPDATE: Amplification vulnerabilities via self-pointed glue", " records", " - debian/patches/CVE-2026-3592-1.patch: Limit the number of addresses", " returned per ADB find in bin/named/main.c, lib/dns/adb.c.", " - debian/patches/CVE-2026-3592-2.patch: Remove duplicate addresses from", " the resolver SLIST in lib/dns/resolver.c.", " - debian/patches/CVE-2026-3592-3.patch: Add system test for self-pointed", " glue deduplication in bin/tests/system/selfpointedglue/ns1/named.conf.j2,", " bin/tests/system/selfpointedglue/ns1/root.db,", " bin/tests/system/selfpointedglue/ns2/named.conf.j2,", " bin/tests/system/selfpointedglue/ns2/tld.db,", " bin/tests/system/selfpointedglue/ns3/example.tld.db,", " bin/tests/system/selfpointedglue/ns3/example2.tld.db,", " bin/tests/system/selfpointedglue/ns3/named.conf.j2,", " bin/tests/system/selfpointedglue/ns4/named.args.j2,", " bin/tests/system/selfpointedglue/ns4/named.conf.j2,", " bin/tests/system/selfpointedglue/ns4/root.hint,", " bin/tests/system/selfpointedglue/tests_selfpointedglue.py.", " - debian/patches/CVE-2026-3592-4.patch: Add SRTT-based server selection", " system test in bin/tests/system/srtt/README,", " bin/tests/system/srtt/ans2/ans.py, bin/tests/system/srtt/ans3/ans.py,", " bin/tests/system/srtt/ans4/ans.py, bin/tests/system/srtt/ans5/ans.py,", " bin/tests/system/srtt/ns1/named.conf.j2,", " bin/tests/system/srtt/ns1/root.db, bin/tests/system/srtt/ns6/named.args,", " bin/tests/system/srtt/ns6/named.conf.j2,", " bin/tests/system/srtt/srtt_ans.py, bin/tests/system/srtt/tests_srtt.py.", " - CVE-2026-3592", " * SECURITY UPDATE: Heap use-after-free vulnerability in BIND 9", " DNS-over-HTTPS implementation", " - debian/patches/CVE-2026-3593-1.patch: Add system test for HTTP/2", " SETTINGS frame flood in bin/tests/system/doth/tests_malicious.py.", " - debian/patches/CVE-2026-3593-2.patch: Fix use-after-free in DoH write", " buffer after HTTP/2 send in lib/isc/netmgr/http.c.", " - CVE-2026-3593", " * SECURITY UPDATE: Invalid handling of CLASS != IN", " - debian/patches/CVE-2026-5946-1.patch: Disable recursion for non-IN", " classes in bin/named/server.c, lib/isccfg/check.c.", " - debian/patches/CVE-2026-5946-2.patch: Disable UPDATE and NOTIFY for", " non-IN classes in bin/named/server.c, lib/dns/adb.c,", " lib/ns/client.c, lib/ns/update.c.", " - debian/patches/CVE-2026-5946-3.patch: Validate DNS message CLASS early", " in request processing in bin/tests/system/unknown/tests.sh,", " lib/ns/client.c.", " - debian/patches/CVE-2026-5946-4.patch: Reject meta-classes in UPDATE and", " NOTIFY messages in lib/dns/message.c.", " - debian/patches/CVE-2026-5946-5.patch: Skip \"deny-answer-address\" for", " non-IN addresses in lib/dns/resolver.c.", " - debian/patches/CVE-2026-5946-6.patch: Test CHAOS view recursion behavior", " in bin/tests/system/checkconf/tests.sh,", " bin/tests/system/checkconf/warn-chaos-recursion.conf,", " bin/tests/system/class/ns1/chaos.db.in,", " bin/tests/system/class/ns1/named.conf.j2,", " bin/tests/system/class/ns2/example.db.in,", " bin/tests/system/class/ns2/localhost.db.in,", " bin/tests/system/class/ns2/named.conf.j2,", " bin/tests/system/class/ns3/named.conf.j2, bin/tests/system/class/setup.sh,", " bin/tests/system/class/tests_class_chaos.py,", " bin/tests/system/isctest/check.py.", " - debian/patches/CVE-2026-5946-7.patch: Test UPDATE behavior in CHAOS and", " other non-IN classes in bin/named/server.c,", " bin/tests/system/class/ns2/localhost.db.in,", " bin/tests/system/class/tests_class_update.py.", " - debian/patches/CVE-2026-5946-8.patch: Test server behavior when sending", " various UPDATE requests in bin/tests/system/class/tests_class_update.py,", " bin/tests/system/nsupdate/setup.sh, bin/tests/system/nsupdate/tests.sh,", " bin/tests/system/packet.pl.", " - debian/patches/CVE-2026-5946-9.patch: Make the RD flag optional in", " isctest.query() in bin/tests/system/isctest/query.py.", " - CVE-2026-5946", " * SECURITY UPDATE: SIG(0) validation during query flood may lead to", " undefined behavior", " - debian/patches/CVE-2026-5947.patch: Fix use-after-free in resolver SIG(0)", " async verification path in lib/dns/resolver.c.", " - CVE-2026-5947", " * SECURITY UPDATE: Unbounded resend loop in BIND 9 resolver", " - debian/patches/CVE-2026-5950-1.patch: Add reproducer for BADCOOKIE", " resend loop in bin/tests/system/resend_loop/ans3/ans.py,", " bin/tests/system/resend_loop/ns4/named.conf.j2,", " bin/tests/system/resend_loop/ns4/root.hint,", " bin/tests/system/resend_loop/tests_resend_loop.py.", " - debian/patches/CVE-2026-5950-2.patch: Refactor incrementing query", " counters in lib/dns/resolver.c.", " - debian/patches/CVE-2026-5950-3.patch: rctx_resend() increment query", " counters in lib/dns/resolver.c.", " - CVE-2026-5950", " * d/p/CVE-2026-1519-1.patch, d/p/CVE-2026-3104-1.patch: disable patches,", " quilt doesn't like patches that create symlinks apparently.", "" ], "package": "bind9", "version": "1:9.20.18-1ubuntu2.1", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Thu, 21 May 2026 08:23:48 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "bind9-libs:ppc64el", "from_version": { "source_package_name": "bind9", "source_package_version": "1:9.20.18-1ubuntu2", "version": "1:9.20.18-1ubuntu2" }, "to_version": { "source_package_name": "bind9", "source_package_version": "1:9.20.18-1ubuntu2.1", "version": "1:9.20.18-1ubuntu2.1" }, "cves": [ { "cve": "CVE-2026-3039", "url": "https://ubuntu.com/security/CVE-2026-3039", "cve_description": "BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or Kerberos-secured DNS environments. This issue affects BIND 9 versions 9.0.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.9.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-3592", "url": "https://ubuntu.com/security/CVE-2026-3592", "cve_description": "BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resources. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-3593", "url": "https://ubuntu.com/security/CVE-2026-3593", "cve_description": "A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5946", "url": "https://ubuntu.com/security/CVE-2026-5946", "cve_description": "Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths — recursion, dynamic updates (`UPDATE`), zone change notifications (`NOTIFY`), or processing of `IN`-specific record types in non-`IN` data — can cause assertion failures in `named`. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5947", "url": "https://ubuntu.com/security/CVE-2026-5947", "cve_description": "Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature. If, during that validation, the \"recursive-clients\" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5950", "url": "https://ubuntu.com/security/CVE-2026-5950", "cve_description": "An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 through 9.18.48, 9.20.8 through 9.20.22, 9.21.7 through 9.21.21, 9.18.36-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-1519", "url": "https://ubuntu.com/security/CVE-2026-1519", "cve_description": "If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries). This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.46-S1, and 9.20.9-S1 through 9.20.20-S1.", "cve_priority": "medium", "cve_public_date": "2026-03-25 14:16:00 UTC" }, { "cve": "CVE-2026-3104", "url": "https://ubuntu.com/security/CVE-2026-3104", "cve_description": "A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-03-25 14:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-3039", "url": "https://ubuntu.com/security/CVE-2026-3039", "cve_description": "BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or Kerberos-secured DNS environments. This issue affects BIND 9 versions 9.0.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.9.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-3592", "url": "https://ubuntu.com/security/CVE-2026-3592", "cve_description": "BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resources. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-3593", "url": "https://ubuntu.com/security/CVE-2026-3593", "cve_description": "A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5946", "url": "https://ubuntu.com/security/CVE-2026-5946", "cve_description": "Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths — recursion, dynamic updates (`UPDATE`), zone change notifications (`NOTIFY`), or processing of `IN`-specific record types in non-`IN` data — can cause assertion failures in `named`. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.48, 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5947", "url": "https://ubuntu.com/security/CVE-2026-5947", "cve_description": "Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG(0), it begins work to validate that signature. If, during that validation, the \"recursive-clients\" limit is reached (as would occur during a query flood), and that same DNS message is discarded per the limit, there is a brief window of time while the SIG(0) validation may attempt to read the now-discarded DNS message. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.28 through 9.18.49 and 9.18.28-S1 through 9.18.49-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-5950", "url": "https://ubuntu.com/security/CVE-2026-5950", "cve_description": "An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 through 9.18.48, 9.20.8 through 9.20.22, 9.21.7 through 9.21.21, 9.18.36-S1 through 9.18.48-S1, and 9.20.9-S1 through 9.20.22-S1.", "cve_priority": "medium", "cve_public_date": "2026-05-20 13:16:00 UTC" }, { "cve": "CVE-2026-1519", "url": "https://ubuntu.com/security/CVE-2026-1519", "cve_description": "If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries). This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.46-S1, and 9.20.9-S1 through 9.20.20-S1.", "cve_priority": "medium", "cve_public_date": "2026-03-25 14:16:00 UTC" }, { "cve": "CVE-2026-3104", "url": "https://ubuntu.com/security/CVE-2026-3104", "cve_description": "A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.", "cve_priority": "medium", "cve_public_date": "2026-03-25 14:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: BIND 9 server memory exhaustion during GSS-API TKEY", " negotiation", " - debian/patches/CVE-2026-3039-pre1.patch: Release gnamebuf also on the", " error path in lib/dns/gssapictx.c.", " - debian/patches/CVE-2026-3039-1.patch: Fix GSS-API context leak in TKEY", " negotiation in lib/dns/gssapictx.c, lib/dns/include/dst/gssapi.h,", " lib/dns/tkey.c.", " - debian/patches/CVE-2026-3039-3.patch: Fix output token and GSS context", " leaks in TKEY/GSS-API error paths in lib/dns/gssapictx.c,", " lib/dns/tkey.c.", " - CVE-2026-3039", " * SECURITY UPDATE: Amplification vulnerabilities via self-pointed glue", " records", " - debian/patches/CVE-2026-3592-1.patch: Limit the number of addresses", " returned per ADB find in bin/named/main.c, lib/dns/adb.c.", " - debian/patches/CVE-2026-3592-2.patch: Remove duplicate addresses from", " the resolver SLIST in lib/dns/resolver.c.", " - debian/patches/CVE-2026-3592-3.patch: Add system test for self-pointed", " glue deduplication in bin/tests/system/selfpointedglue/ns1/named.conf.j2,", " bin/tests/system/selfpointedglue/ns1/root.db,", " bin/tests/system/selfpointedglue/ns2/named.conf.j2,", " bin/tests/system/selfpointedglue/ns2/tld.db,", " bin/tests/system/selfpointedglue/ns3/example.tld.db,", " bin/tests/system/selfpointedglue/ns3/example2.tld.db,", " bin/tests/system/selfpointedglue/ns3/named.conf.j2,", " bin/tests/system/selfpointedglue/ns4/named.args.j2,", " bin/tests/system/selfpointedglue/ns4/named.conf.j2,", " bin/tests/system/selfpointedglue/ns4/root.hint,", " bin/tests/system/selfpointedglue/tests_selfpointedglue.py.", " - debian/patches/CVE-2026-3592-4.patch: Add SRTT-based server selection", " system test in bin/tests/system/srtt/README,", " bin/tests/system/srtt/ans2/ans.py, bin/tests/system/srtt/ans3/ans.py,", " bin/tests/system/srtt/ans4/ans.py, bin/tests/system/srtt/ans5/ans.py,", " bin/tests/system/srtt/ns1/named.conf.j2,", " bin/tests/system/srtt/ns1/root.db, bin/tests/system/srtt/ns6/named.args,", " bin/tests/system/srtt/ns6/named.conf.j2,", " bin/tests/system/srtt/srtt_ans.py, bin/tests/system/srtt/tests_srtt.py.", " - CVE-2026-3592", " * SECURITY UPDATE: Heap use-after-free vulnerability in BIND 9", " DNS-over-HTTPS implementation", " - debian/patches/CVE-2026-3593-1.patch: Add system test for HTTP/2", " SETTINGS frame flood in bin/tests/system/doth/tests_malicious.py.", " - debian/patches/CVE-2026-3593-2.patch: Fix use-after-free in DoH write", " buffer after HTTP/2 send in lib/isc/netmgr/http.c.", " - CVE-2026-3593", " * SECURITY UPDATE: Invalid handling of CLASS != IN", " - debian/patches/CVE-2026-5946-1.patch: Disable recursion for non-IN", " classes in bin/named/server.c, lib/isccfg/check.c.", " - debian/patches/CVE-2026-5946-2.patch: Disable UPDATE and NOTIFY for", " non-IN classes in bin/named/server.c, lib/dns/adb.c,", " lib/ns/client.c, lib/ns/update.c.", " - debian/patches/CVE-2026-5946-3.patch: Validate DNS message CLASS early", " in request processing in bin/tests/system/unknown/tests.sh,", " lib/ns/client.c.", " - debian/patches/CVE-2026-5946-4.patch: Reject meta-classes in UPDATE and", " NOTIFY messages in lib/dns/message.c.", " - debian/patches/CVE-2026-5946-5.patch: Skip \"deny-answer-address\" for", " non-IN addresses in lib/dns/resolver.c.", " - debian/patches/CVE-2026-5946-6.patch: Test CHAOS view recursion behavior", " in bin/tests/system/checkconf/tests.sh,", " bin/tests/system/checkconf/warn-chaos-recursion.conf,", " bin/tests/system/class/ns1/chaos.db.in,", " bin/tests/system/class/ns1/named.conf.j2,", " bin/tests/system/class/ns2/example.db.in,", " bin/tests/system/class/ns2/localhost.db.in,", " bin/tests/system/class/ns2/named.conf.j2,", " bin/tests/system/class/ns3/named.conf.j2, bin/tests/system/class/setup.sh,", " bin/tests/system/class/tests_class_chaos.py,", " bin/tests/system/isctest/check.py.", " - debian/patches/CVE-2026-5946-7.patch: Test UPDATE behavior in CHAOS and", " other non-IN classes in bin/named/server.c,", " bin/tests/system/class/ns2/localhost.db.in,", " bin/tests/system/class/tests_class_update.py.", " - debian/patches/CVE-2026-5946-8.patch: Test server behavior when sending", " various UPDATE requests in bin/tests/system/class/tests_class_update.py,", " bin/tests/system/nsupdate/setup.sh, bin/tests/system/nsupdate/tests.sh,", " bin/tests/system/packet.pl.", " - debian/patches/CVE-2026-5946-9.patch: Make the RD flag optional in", " isctest.query() in bin/tests/system/isctest/query.py.", " - CVE-2026-5946", " * SECURITY UPDATE: SIG(0) validation during query flood may lead to", " undefined behavior", " - debian/patches/CVE-2026-5947.patch: Fix use-after-free in resolver SIG(0)", " async verification path in lib/dns/resolver.c.", " - CVE-2026-5947", " * SECURITY UPDATE: Unbounded resend loop in BIND 9 resolver", " - debian/patches/CVE-2026-5950-1.patch: Add reproducer for BADCOOKIE", " resend loop in bin/tests/system/resend_loop/ans3/ans.py,", " bin/tests/system/resend_loop/ns4/named.conf.j2,", " bin/tests/system/resend_loop/ns4/root.hint,", " bin/tests/system/resend_loop/tests_resend_loop.py.", " - debian/patches/CVE-2026-5950-2.patch: Refactor incrementing query", " counters in lib/dns/resolver.c.", " - debian/patches/CVE-2026-5950-3.patch: rctx_resend() increment query", " counters in lib/dns/resolver.c.", " - CVE-2026-5950", " * d/p/CVE-2026-1519-1.patch, d/p/CVE-2026-3104-1.patch: disable patches,", " quilt doesn't like patches that create symlinks apparently.", "" ], "package": "bind9", "version": "1:9.20.18-1ubuntu2.1", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Thu, 21 May 2026 08:23:48 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "bpftool", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": "7.7.0+7.0.0-15.15" }, "to_version": { "source_package_name": "linux", "source_package_version": "7.0.0-22.22", "version": "7.7.0+7.0.0-22.22" }, "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "launchpad_bugs_fixed": [ 2154172, 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747, 2153786, 1786013, 2153962 ], "changes": [ { "cves": [], "log": [ "", " * GRO managed-frag use-after-free leading to local privilege escalation", " (LP: #2154172)", " - net: gro: don't merge zcopy skbs", "" ], "package": "linux", "version": "7.0.0-22.22", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2154172 ], "author": "Manuel Diewald ", "date": "Mon, 25 May 2026 14:41:37 +0200" }, { "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" } ], "log": [ "", " * apparmor (LP: #2151747)", " - SAUCE: apparmor: pass big_resp to handler", " - SAUCE: apparmor: remove redundant kref_init for listener->count", " - SAUCE: apparmor: fix NULL pointer dereference in unpack_pdb", "", " * apparmor (LP: #2151747) // CVE-2026-47337", " - SAUCE: apparmor: fix NULL pointer dereference in bind_map_addr", "", " * apparmor (LP: #2151747) // CVE-2026-47334", " - SAUCE: apparmor: fix sleep prone memory allocation under a spin_lock", "", " * apparmor (LP: #2151747) // CVE-2026-47333", " - SAUCE: apparmor: fix dfa unpacking size of the notification filter", "", " * apparmor (LP: #2151747) // CVE-2026-47332", " - SAUCE: apparmor: fix size check against type instead of pointer", "", " * apparmor: LLVM/clang build failure due to uninitialized variable in", " notify.c (LP: #2148809) // CVE-2026-47330", " - SAUCE: apparmor: initialize variable used in uninitialized context", "", " * apparmor (LP: #2151747) // CVE-2026-47329", " - SAUCE: apparmor: fix name validation bypass on notification", "", " * apparmor (LP: #2151747) // CVE-2026-47327 // CVE-2026-47328", " - SAUCE: apparmor: fix glob memory leak after kstrdup", "", " * apparmor (LP: #2151747) // CVE-2026-47326", " - SAUCE: apparmor: fix inverted NULL check after aa_get_buffer", "" ], "package": "linux", "version": "7.0.0-20.20", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 22:58:06 +0200" }, { "cves": [ { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "log": [ "", " * resolute/linux: 7.0.0-19.19 -proposed tracker (LP: #2153786)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update annotations scripts", " - [Packaging] debian.master/dkms-versions -- remove dkms-versions", " (main/s2026.05.11)", "", " * CVE-2026-46300", " - net: skbuff: preserve shared-frag marker during coalescing", " - net: skbuff: propagate shared-frag marker through frag-transfer helpers", "", " * net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)", " - net/rds: reset op_nents when zerocopy page pin fails", "", " * CVE-2026-46333", " - ptrace: slightly saner 'get_dumpable()' logic", "", " * CVE-2026-43500", " - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets", " - rxrpc: Fix potential UAF after skb_unshare() failure", " - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets", " - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present", "", " * CVE-2026-43284", " - xfrm: esp: avoid in-place decrypt on shared skb frags", "" ], "package": "linux", "version": "7.0.0-19.19", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2153786, 1786013, 2153962 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 16:12:08 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "inetutils-telnet", "from_version": { "source_package_name": "inetutils", "source_package_version": "2:2.7-2ubuntu1", "version": "2:2.7-2ubuntu1" }, "to_version": { "source_package_name": "inetutils", "source_package_version": "2:2.7-2ubuntu1.1", "version": "2:2.7-2ubuntu1.1" }, "cves": [ { "cve": "CVE-2026-28372", "url": "https://ubuntu.com/security/CVE-2026-28372", "cve_description": "telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.", "cve_priority": "medium", "cve_public_date": "2026-02-27 06:18:00 UTC" }, { "cve": "CVE-2026-32746", "url": "https://ubuntu.com/security/CVE-2026-32746", "cve_description": "telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.", "cve_priority": "medium", "cve_public_date": "2026-03-13 19:55:00 UTC" }, { "cve": "CVE-2026-32772", "url": "https://ubuntu.com/security/CVE-2026-32772", "cve_description": "telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.", "cve_priority": "medium", "cve_public_date": "2026-03-16 14:19:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-28372", "url": "https://ubuntu.com/security/CVE-2026-28372", "cve_description": "telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.", "cve_priority": "medium", "cve_public_date": "2026-02-27 06:18:00 UTC" }, { "cve": "CVE-2026-32746", "url": "https://ubuntu.com/security/CVE-2026-32746", "cve_description": "telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.", "cve_priority": "medium", "cve_public_date": "2026-03-13 19:55:00 UTC" }, { "cve": "CVE-2026-32772", "url": "https://ubuntu.com/security/CVE-2026-32772", "cve_description": "telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.", "cve_priority": "medium", "cve_public_date": "2026-03-16 14:19:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: privilege escalation in telnetd", " - debian/patches/CVE-2026-28372.patch: prevent authentication", " bypass via CREDENTIALS_DIRECTORY environment variable", " - CVE-2026-28372", " * SECURITY UPDATE: stack-based buffer overflow in telnetd", " - debian/patches/CVE-2026-32746.patch: fix out-of-bounds write in", " LINEMODE SLC suboption handler by checking buffer bounds in", " add_slc", " - CVE-2026-32746", " * SECURITY UPDATE: information disclosure via environment variables", " - debian/patches/CVE-2026-32772.patch: do not send environment", " variables not marked for export to telnetd", " - CVE-2026-32772", "" ], "package": "inetutils", "version": "2:2.7-2ubuntu1.1", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Federico Quattrin ", "date": "Thu, 04 Jun 2026 10:22:06 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libgcrypt20:ppc64el", "from_version": { "source_package_name": "libgcrypt20", "source_package_version": "1.12.0-2", "version": "1.12.0-2" }, "to_version": { "source_package_name": "libgcrypt20", "source_package_version": "1.12.0-2ubuntu0.1", "version": "1.12.0-2ubuntu0.1" }, "cves": [ { "cve": "CVE-2026-41989", "url": "https://ubuntu.com/security/CVE-2026-41989", "cve_description": "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.", "cve_priority": "medium", "cve_public_date": "2026-04-23 05:16:00 UTC" }, { "cve": "CVE-2026-41990", "url": "https://ubuntu.com/security/CVE-2026-41990", "cve_description": "Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data.", "cve_priority": "medium", "cve_public_date": "2026-04-23 05:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-41989", "url": "https://ubuntu.com/security/CVE-2026-41989", "cve_description": "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.", "cve_priority": "medium", "cve_public_date": "2026-04-23 05:16:00 UTC" }, { "cve": "CVE-2026-41990", "url": "https://ubuntu.com/security/CVE-2026-41990", "cve_description": "Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data.", "cve_priority": "medium", "cve_public_date": "2026-04-23 05:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Heap-based buffer overflow via crafted ECDH ciphertext", " - debian/patches/CVE-2026-41989.patch: cipher:ecc: Fix decoding a point on", " Montgomery curve. in cipher/ecc-misc.c.", " - CVE-2026-41989", " * SECURITY UPDATE: Dilithium signing mishandling", " - debian/patches/CVE-2026-41990.patch: cipher:dilithium: Check the label", " length by caller. in cipher/dilithium.c, cipher/dilithium.h,", " cipher/pubkey-dilithium.c.", " - CVE-2026-41990", "" ], "package": "libgcrypt20", "version": "1.12.0-2ubuntu0.1", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 12 May 2026 11:01:30 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "libssh2-1t64:ppc64el", "from_version": { "source_package_name": "libssh2", "source_package_version": "1.11.1-1build2", "version": "1.11.1-1build2" }, "to_version": { "source_package_name": "libssh2", "source_package_version": "1.11.1-1ubuntu0.26.04.1", "version": "1.11.1-1ubuntu0.26.04.1" }, "cves": [ { "cve": "CVE-2026-7598", "url": "https://ubuntu.com/security/CVE-2026-7598", "cve_description": "A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c. Such manipulation of the argument username_len/password_len leads to integer overflow. The attack may be launched remotely. The name of the patch is 256d04b60d80bf1190e96b0ad1e91b2174d744b1. A patch should be applied to remediate this issue.", "cve_priority": "medium", "cve_public_date": "2026-05-01 22:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-7598", "url": "https://ubuntu.com/security/CVE-2026-7598", "cve_description": "A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c. Such manipulation of the argument username_len/password_len leads to integer overflow. The attack may be launched remotely. The name of the patch is 256d04b60d80bf1190e96b0ad1e91b2174d744b1. A patch should be applied to remediate this issue.", "cve_priority": "medium", "cve_public_date": "2026-05-01 22:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: integer overflow via long username", " - debian/patches/CVE-2026-7598.patch: add username_len bounds checking in", " src/userauth.c.", " - CVE-2026-7598", "" ], "package": "libssh2", "version": "1.11.1-1ubuntu0.26.04.1", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 05 May 2026 12:39:40 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "libssl3t64:ppc64el", "from_version": { "source_package_name": "openssl", "source_package_version": "3.5.5-1ubuntu3", "version": "3.5.5-1ubuntu3" }, "to_version": { "source_package_name": "openssl", "source_package_version": "3.5.5-1ubuntu3.2", "version": "3.5.5-1ubuntu3.2" }, "cves": [ { "cve": "CVE-2026-34180", "url": "https://ubuntu.com/security/CVE-2026-34180", "cve_description": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application (Denial of Service) or to load into the decoded ASN.1 object contents of memory beyond the end of the input buffer. More typically such ASN.1 elements would instead be truncated. An integer truncation in OpenSSL's ASN.1 decoder causes the content length of an ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the worst case the truncated length is treated as a request to scan the binary content for a terminating zero byte, possibly causing OpenSSL to read either less than or beyond the end of the allocated buffer. Applications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or any other d2i_* decoding function are affected. OpenSSL's own command-line tools are not vulnerable, as data read through the BIO layer is checked before it reaches the affected code. The issue only affects 64-bit Unix and Unix-like platforms; 32-bit platforms and 64-bit Windows are not affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34181", "url": "https://ubuntu.com/security/CVE-2026-34181", "cve_description": "Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentication Code 1 (PBMAC1) integrity mechanism allowing a certificate and private key forgery. Impact Summary: An attacker impersonating a user can cause a service reading PKCS#12 files to accept forged certificates and private keys with a 1 in 256 probability. If a service accepting PKCS#12 files is using passwords for authenticating the received files, the attacker can create unencrypted PKCS#12 files that use PBMAC1 authentication that specifies an HMAC key of only one byte, allowing them to craft a file that will be accepted with a 1 in 256 probability. That would then cause the service to accept a certificate and private key controlled by the attacker. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34182", "url": "https://ubuntu.com/security/CVE-2026-34182", "cve_description": "Issue Summary: Cryptographic Message Services (CMS) processing fails to perform sufficient input validation on the cipher and tag length fields of AuthEnvelopedData containers, leading to various potential compromises. Impact Summary: Attackers making use of these vulnerabilities may achieve key-equivalent functionality for a given CMS recipient and/or bypass integrity validation for a given message. In one use case, an attacker may send a CMS message containing AuthEnvelopedData with the cipher specified as a non-AEAD cipher. OpenSSL erroneously allows this selection, and attempts to decrypt and validate the message. An on-path attacker who captures one legitimate AES-GCM AuthEnvelopedData addressed to the victim can re-emit it with the recipientInfos set left byte-for-byte intact, so the victim's private key still unwraps the genuine CEK (the content-encryption key), but with the inner OID rewritten to AES-256-OFB (Output Feedback Mode, an unauthenticated keystream mode) and with an attacker-chosen IV and ciphertext. The victim initializes AES-256-OFB under the real CEK, never consults the MAC field, and CMS_decrypt() returns success. If the application under attack responds to the attacker with any indicator showing success or failure of the decryption effort, it is possible for the attacker to use this as an oracle to obtain key equivalent functionality for the CEK used for the chosen recipient of the message. In another use case, an attacker can reduce the tag length of the chosen AEAD cipher for a given AuthEnvelopedData container to be a single byte long, allowing an attacker to brute force CMS decryption, producing an integrity bypass for applications that trust CMS_decrypt() to reject modified content. The FIPS modules are not affected by this issue.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34183", "url": "https://ubuntu.com/security/CVE-2026-34183", "cve_description": "Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QUIC client or server and a Denial of Service. A remote peer may exhaust heap memory by flooding the local QUIC stack with PATH_CHALLENGE frames. The local QUIC stack allocates a PATH_RESPONSE frame for every PATH_CHALLENGE it receives. The allocated PATH_RESPONSE frame gets freed only when the remote peer acknowledges reception of the PATH_RESPONSE frame which will not be done by a malicious peer. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue. The QUIC stack is outside of OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42764", "url": "https://ubuntu.com/security/CVE-2026-42764", "cve_description": "Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial of Service. If the address validation is disabled in the OpenSSL QUIC server implementation, an attacker can crash the server by sending an initial packet with an invalid or expired token. By default, the client address validation is enabled in the OpenSSL QUIC server implementation, which makes the default configuration not vulnerable to this issue. However if the SSL_LISTENER_FLAG_NO_VALIDATE is used with the SSL_new_listener() call, the address validation is disabled making the vulnerable code reachable. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42766", "url": "https://ubuntu.com/security/CVE-2026-42766", "cve_description": "Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as OPTIONAL in the ASN.1 specification and may therefore be absent in specially crafted inputs. During the password-based CMS decryption the OpenSSL CMS implementation dereferences this field without first checking whether it was present. An attacker who supplies such a CMS message to an application performing password-based CMS decryption can trigger an application crash, leading to a Denial of Service. Applications that process password-encrypted CMS messages may be affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42767", "url": "https://ubuntu.com/security/CVE-2026-42767", "cve_description": "Issue summary: An attacker-controlled CMP (Certificate Management Protocol) server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server (or acting as a man-in-the-middle) could craft a CMP response containing a CRMF (Certificate Request Message Format) CertRepMessage with an EncryptedValue structure where the symmAlg field has an algorithm OID but no parameters field. When the OpenSSL CMP client processes this response, the NULL dereference occurs, causing a crash of the CMP client. Applications that process untrusted CMP/CRMF messages may be affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42768", "url": "https://ubuntu.com/security/CVE-2026-42768", "cve_description": "Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provide the CMS or S/MIME messages and observe the error code and/or decryption output. Impact summary: The Bleichenbacher-style attack allows an attacker to use the victim's vulnerable application as a way to decrypt or sign messages with the victim's private RSA key. The attack is possible in 2 variants. 1. The decryption API (CMS_decrypt(), PKCS7_decrypt()) is used without providing the recipient certificate. In this case OpenSSL iterates over every KeyTransRecipientInfo (KTRI) without stopping at the first success. An attacker who authors a message with two KTRI entries — the first one wrapping a real CEK under the victim's public key, the second with an arbitrary probe ciphertext — obtains opportunity to iterate the 2nd KTRI to get a valid PKCS#1 v1.5 padding if the error code of the application is available. That is a Bleichenbacher oracle (Bleichenbacher, CRYPTO '98): an adaptive-chosen-ciphertext side channel from which the attacker decrypts any RSA ciphertext to the victim's key or forges any PKCS#1 v1.5 signature under it. 2. When the decryption API (CMS_decrypt(), PKCS7_decrypt()) is provided with the recipient certificate, and the recipient is not found, a random key is substituted. An attacker who authors a message and is able to compare both error code and the result of the decryption, can mount a Bleichenbacher oracle. We are not aware of any applications that provide a remote attacker an opportunity to mount an attack described in these scenarios. We consider the existence of such application very unlikely, and for this reason this CVE has been evaluated as Low severity. To avoid these attacks, when RSA PKCS#1 v1.5 Key Transport is in use, the invoked EVP_PKEY_decrypt() will use the implicit rejection mechanism described in draft-irtf-cfrg-rsa-guidance. In previous OpenSSL releases the implicit rejection was explicitly disabled. The implicit rejection mechanism always returns a plaintext value, the symmetric key. This result is deterministic for the ciphertext and the private key. The length of the decryption result can happen to match the length of the key of the symmetric cipher that was used for the content encryption. When a certificate is not provided, the last RecipientInfo producing a key that looks valid will be used. It may cause getting garbage content on decryption. As a proper way to deal with this a recipient certificate has to be provided to identify the particular RecipientInfo for decryption. The FIPS modules in 4.0, 3.6, 3.5, and 3.4 are not affected by this issue, as CMS and S/MIME processing happens outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42769", "url": "https://ubuntu.com/security/CVE-2026-42769", "cve_description": "Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority (RA) level to the root Certification Authority (root CA) level. Impact Summary: The Registration Autority could replace the root CA certificate for the CMP clients with an arbitrary root CA certificate. One of the parts of the Certificate Management Protocol (CMP), specified in RFC 9810, is Root Certification Authority (root CA) key Rollover, which is sent by the server in a message with type 'id-it-rootCaKeyUpdate'. As part of these messages, 'newWithOld' certificate, the new root CA certificate signed with the old root CA key, is provided, and verifying its signature is crucial for transferring the trust from the old CA key to the new one. The 'id-it-rootCaKeyUpdate' messages are expected to be processed with OSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the 'newWithOld' certificate. A typo in the certificate chain building code led to adding an incorrect certificate ('newWithOld' instead of 'oldRoot') to the certificate chain, rendering the certificate verification process ineffectual (only the issuer name and the algorithm OIDs were verified by other parts of the verification code). An attacker who already has credentials that satisfy the CMP message protection checks can generate a new key pair and use a crafted self-signed certificate in its 'id-it-rootCaKeyUpdate' CMP messages which affected CMP clients would accept as a new trust anchor. Significant preconditions for the attack (having valid RA-level credentials) are the reason the issue was assigned Low severity. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42770", "url": "https://ubuntu.com/security/CVE-2026-42770", "cve_description": "Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r (a small prime factor of the cofactor (p−1)/q_local), and a public value Y of order r can recover the victim's private key after a small number of key exchange attempts. When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the subgroup membership check Y^q ≡ 1 (mod p) is performed using the peer's own q parameter, not the local key's q. The peer's domain parameters are then matched against the domain parameters of the private key, but the value of q is not compared. A malicious peer who presents an X9.42 key carrying the victim's p, g, a forged q = r (a small prime factor of the cofactor), and a public value Y of order r passes all checks. The shared secret then takes only r distinct values, leaking priv mod r. Repeating for each small-prime factor of the cofactor and combining via CRT recovers the full private key (Lim–Lee / small-subgroup-confinement attack). The realistic attack surface is narrow: principally CMP deployments with long-lived RA/CA DHX keys and bespoke enterprise or government applications using X9.42 DHX static keys with interactive protocols and therefore this issue was assigned Low severity. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45445", "url": "https://ubuntu.com/security/CVE-2026-45445", "cve_description": "Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied initialisation vector (IV) is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV supplied by the caller, resulting in (key, nonce) reuse and loss of confidentiality. If the same code path is used to compute the authentication tag, the tag depends only on the (key, IV) pair and not on the plaintext or ciphertext, allowing universal forgery of arbitrary ciphertext from a single captured message. OpenSSL provides two ways to drive a cipher: the documented streaming interface (EVP_CipherUpdate / EVP_CipherFinal_ex) and a lower-level one-shot, EVP_Cipher(), whose documentation explicitly recommends against use by applications in favour of EVP_CipherUpdate() and EVP_CipherFinal_ex(). The OCB provider's streaming handler flushes the application-supplied IV into the OCB context before processing data; the one-shot handler did not. Every call to EVP_Cipher() on an AES-OCB context therefore ran with the all-zero key-derived offset state left by cipher initialisation, regardless of the caller's IV. If EVP_EncryptFinal_ex() is subsequently used to obtain the authentication tag, the deferred IV setup runs at that point and clears the running checksum that should have been accumulated over the plaintext. The resulting tag is a function of (key, IV) only and verifies against any ciphertext produced under the same (key, IV) pair. The OpenSSL SSL/TLS implementation is not affected: AES-OCB is not a TLS cipher suite, and libssl does not call EVP_Cipher() in any case. Applications that drive AES-OCB through the documented streaming AEAD API (EVP_CipherUpdate / EVP_CipherFinal_ex) are not affected. Only applications that combine the AES-OCB cipher with the EVP_Cipher() one-shot API are vulnerable. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as AES-OCB is outside the OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45446", "url": "https://ubuntu.com/security/CVE-2026-45446", "cve_description": "Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's application using these ciphers. AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) are nonce-misuse-resistant AEAD modes: they accept a key, nonce, optional AAD (bytes that are authenticated but not encrypted), and plaintext, and produces ciphertext plus a 16-byte tag. On decrypt, `EVP_DecryptFinal_ex()` is documented to return success only if the tag is verified succesfully. In OpenSSL's provider implementation of these ciphers, the expected tag is computed only when decryption function is invoked with non-empty data. If the caller supplies AAD and then calls `EVP_DecryptFinal_ex()` without invocation of the ciphertext update, which can happen when the received ciphertext length is zero, the tag is never recalculated and still holds its all-zeros value. When AES-GCM-SIV is used, an attacker who sends arbitrary AAD, empty ciphertext, and all-zeros tag passes authentication under any key they do not know, single-shot. When AES-SIV is used, for mounting the attack it's necessary for the application to reuse the decryption context without resetting the key. AES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since OpenSSL 3.2. No protocols implemented in OpenSSL itself (TLS/CMS/PKCS7/HPKE/QUIC) support either AES-GCM-SIV or AES-SIV. To mount an attack, the applications must implement their own protocol and use the EVP interface. Also they must skip the ciphertext update when a message with an empty ciphertext arrives. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as these algorithms are not FIPS approved and the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45447", "url": "https://ubuntu.com/security/CVE-2026-45447", "cve_description": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS#7 or S/MIME signed message, if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may incorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent use of the BIO by the calling application results in a use-after-free condition. In the common case this occurs when the application later calls BIO_free() on the BIO originally passed to PKCS7_verify(). Depending on allocator behavior and application-specific BIO usage patterns, this may result in a crash or other memory corruption. In some application contexts this may potentially be exploitable for remote code execution. Applications that process PKCS#7 or S/MIME signed messages using OpenSSL PKCS#7 APIs may be affected. Applications using the CMS APIs for this processing are not affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "high", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-7383", "url": "https://ubuntu.com/security/CVE-2026-7383", "cve_description": "Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination size for Unicode output is computed in a signed int: by left shift of the input character count for BMPSTRING (UTF-16) and UNIVERSALSTRING (UTF-32), and by summing per-character byte counts for UTF8STRING. The calculation overflows when the input reaches around 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30 characters) the size wraps to zero, OPENSSL_malloc(1) is called, and the subsequent character copy writes several gigabytes past the one-byte allocation. X.509 certificate processing routes through ASN1_STRING_set_by_NID(), whose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID size limits cap the input length; no network protocol or certificate-handling path in OpenSSL exercises the overflow. Triggering the bug requires an application that calls ASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers a custom string type via ASN1_STRING_TABLE_add(), with attacker-controlled input on the order of half a gigabyte or more. For these reasons this issue was assigned Low severity. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-9076", "url": "https://ubuntu.com/security/CVE-2026-9076", "cve_description": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in kek_unwrap_key(). Impact summary: A heap buffer over-read may trigger a crash which leads to Denial of Service for an application if the input buffer ends at a memory page boundary and the following page is unmapped. There is no information disclosure as the over-read bytes are not revealed to the attacker. The key unwrapping function performs a check-byte test as specified in the RFC that reads 7 bytes from a heap allocation that is based on the wrapped key length from the message. There is a minimum length check based on the block length of the wrapping cipher. However the cipher is selected from an OID carried in the attacker's PWRI keyEncryptionAlgorithm with no requirement that the cipher be a block cipher. When an attacker selects a stream-mode cipher the guard will be ineffective and the allocated buffer containing the unwrapped key can be too small to fit the check-bytes specified in the RFC and a buffer over-read can happen. Applications calling CMS_decrypt() or CMS_decrypt_set1_password() (equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS data are vulnerable to this issue. No password knowledge is required: the over-read happens during the unwrap attempt before any authentication succeeds. The over-read is limited to a few bytes and is not written to output, so there is no information disclosure. Triggering a crash requires the allocation to border unmapped memory, which is unlikely with the normal allocator. The FIPS modules are not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-34180", "url": "https://ubuntu.com/security/CVE-2026-34180", "cve_description": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application (Denial of Service) or to load into the decoded ASN.1 object contents of memory beyond the end of the input buffer. More typically such ASN.1 elements would instead be truncated. An integer truncation in OpenSSL's ASN.1 decoder causes the content length of an ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the worst case the truncated length is treated as a request to scan the binary content for a terminating zero byte, possibly causing OpenSSL to read either less than or beyond the end of the allocated buffer. Applications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or any other d2i_* decoding function are affected. OpenSSL's own command-line tools are not vulnerable, as data read through the BIO layer is checked before it reaches the affected code. The issue only affects 64-bit Unix and Unix-like platforms; 32-bit platforms and 64-bit Windows are not affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34181", "url": "https://ubuntu.com/security/CVE-2026-34181", "cve_description": "Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentication Code 1 (PBMAC1) integrity mechanism allowing a certificate and private key forgery. Impact Summary: An attacker impersonating a user can cause a service reading PKCS#12 files to accept forged certificates and private keys with a 1 in 256 probability. If a service accepting PKCS#12 files is using passwords for authenticating the received files, the attacker can create unencrypted PKCS#12 files that use PBMAC1 authentication that specifies an HMAC key of only one byte, allowing them to craft a file that will be accepted with a 1 in 256 probability. That would then cause the service to accept a certificate and private key controlled by the attacker. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34182", "url": "https://ubuntu.com/security/CVE-2026-34182", "cve_description": "Issue Summary: Cryptographic Message Services (CMS) processing fails to perform sufficient input validation on the cipher and tag length fields of AuthEnvelopedData containers, leading to various potential compromises. Impact Summary: Attackers making use of these vulnerabilities may achieve key-equivalent functionality for a given CMS recipient and/or bypass integrity validation for a given message. In one use case, an attacker may send a CMS message containing AuthEnvelopedData with the cipher specified as a non-AEAD cipher. OpenSSL erroneously allows this selection, and attempts to decrypt and validate the message. An on-path attacker who captures one legitimate AES-GCM AuthEnvelopedData addressed to the victim can re-emit it with the recipientInfos set left byte-for-byte intact, so the victim's private key still unwraps the genuine CEK (the content-encryption key), but with the inner OID rewritten to AES-256-OFB (Output Feedback Mode, an unauthenticated keystream mode) and with an attacker-chosen IV and ciphertext. The victim initializes AES-256-OFB under the real CEK, never consults the MAC field, and CMS_decrypt() returns success. If the application under attack responds to the attacker with any indicator showing success or failure of the decryption effort, it is possible for the attacker to use this as an oracle to obtain key equivalent functionality for the CEK used for the chosen recipient of the message. In another use case, an attacker can reduce the tag length of the chosen AEAD cipher for a given AuthEnvelopedData container to be a single byte long, allowing an attacker to brute force CMS decryption, producing an integrity bypass for applications that trust CMS_decrypt() to reject modified content. The FIPS modules are not affected by this issue.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34183", "url": "https://ubuntu.com/security/CVE-2026-34183", "cve_description": "Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QUIC client or server and a Denial of Service. A remote peer may exhaust heap memory by flooding the local QUIC stack with PATH_CHALLENGE frames. The local QUIC stack allocates a PATH_RESPONSE frame for every PATH_CHALLENGE it receives. The allocated PATH_RESPONSE frame gets freed only when the remote peer acknowledges reception of the PATH_RESPONSE frame which will not be done by a malicious peer. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue. The QUIC stack is outside of OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42764", "url": "https://ubuntu.com/security/CVE-2026-42764", "cve_description": "Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial of Service. If the address validation is disabled in the OpenSSL QUIC server implementation, an attacker can crash the server by sending an initial packet with an invalid or expired token. By default, the client address validation is enabled in the OpenSSL QUIC server implementation, which makes the default configuration not vulnerable to this issue. However if the SSL_LISTENER_FLAG_NO_VALIDATE is used with the SSL_new_listener() call, the address validation is disabled making the vulnerable code reachable. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42766", "url": "https://ubuntu.com/security/CVE-2026-42766", "cve_description": "Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as OPTIONAL in the ASN.1 specification and may therefore be absent in specially crafted inputs. During the password-based CMS decryption the OpenSSL CMS implementation dereferences this field without first checking whether it was present. An attacker who supplies such a CMS message to an application performing password-based CMS decryption can trigger an application crash, leading to a Denial of Service. Applications that process password-encrypted CMS messages may be affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42767", "url": "https://ubuntu.com/security/CVE-2026-42767", "cve_description": "Issue summary: An attacker-controlled CMP (Certificate Management Protocol) server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server (or acting as a man-in-the-middle) could craft a CMP response containing a CRMF (Certificate Request Message Format) CertRepMessage with an EncryptedValue structure where the symmAlg field has an algorithm OID but no parameters field. When the OpenSSL CMP client processes this response, the NULL dereference occurs, causing a crash of the CMP client. Applications that process untrusted CMP/CRMF messages may be affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42768", "url": "https://ubuntu.com/security/CVE-2026-42768", "cve_description": "Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provide the CMS or S/MIME messages and observe the error code and/or decryption output. Impact summary: The Bleichenbacher-style attack allows an attacker to use the victim's vulnerable application as a way to decrypt or sign messages with the victim's private RSA key. The attack is possible in 2 variants. 1. The decryption API (CMS_decrypt(), PKCS7_decrypt()) is used without providing the recipient certificate. In this case OpenSSL iterates over every KeyTransRecipientInfo (KTRI) without stopping at the first success. An attacker who authors a message with two KTRI entries — the first one wrapping a real CEK under the victim's public key, the second with an arbitrary probe ciphertext — obtains opportunity to iterate the 2nd KTRI to get a valid PKCS#1 v1.5 padding if the error code of the application is available. That is a Bleichenbacher oracle (Bleichenbacher, CRYPTO '98): an adaptive-chosen-ciphertext side channel from which the attacker decrypts any RSA ciphertext to the victim's key or forges any PKCS#1 v1.5 signature under it. 2. When the decryption API (CMS_decrypt(), PKCS7_decrypt()) is provided with the recipient certificate, and the recipient is not found, a random key is substituted. An attacker who authors a message and is able to compare both error code and the result of the decryption, can mount a Bleichenbacher oracle. We are not aware of any applications that provide a remote attacker an opportunity to mount an attack described in these scenarios. We consider the existence of such application very unlikely, and for this reason this CVE has been evaluated as Low severity. To avoid these attacks, when RSA PKCS#1 v1.5 Key Transport is in use, the invoked EVP_PKEY_decrypt() will use the implicit rejection mechanism described in draft-irtf-cfrg-rsa-guidance. In previous OpenSSL releases the implicit rejection was explicitly disabled. The implicit rejection mechanism always returns a plaintext value, the symmetric key. This result is deterministic for the ciphertext and the private key. The length of the decryption result can happen to match the length of the key of the symmetric cipher that was used for the content encryption. When a certificate is not provided, the last RecipientInfo producing a key that looks valid will be used. It may cause getting garbage content on decryption. As a proper way to deal with this a recipient certificate has to be provided to identify the particular RecipientInfo for decryption. The FIPS modules in 4.0, 3.6, 3.5, and 3.4 are not affected by this issue, as CMS and S/MIME processing happens outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42769", "url": "https://ubuntu.com/security/CVE-2026-42769", "cve_description": "Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority (RA) level to the root Certification Authority (root CA) level. Impact Summary: The Registration Autority could replace the root CA certificate for the CMP clients with an arbitrary root CA certificate. One of the parts of the Certificate Management Protocol (CMP), specified in RFC 9810, is Root Certification Authority (root CA) key Rollover, which is sent by the server in a message with type 'id-it-rootCaKeyUpdate'. As part of these messages, 'newWithOld' certificate, the new root CA certificate signed with the old root CA key, is provided, and verifying its signature is crucial for transferring the trust from the old CA key to the new one. The 'id-it-rootCaKeyUpdate' messages are expected to be processed with OSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the 'newWithOld' certificate. A typo in the certificate chain building code led to adding an incorrect certificate ('newWithOld' instead of 'oldRoot') to the certificate chain, rendering the certificate verification process ineffectual (only the issuer name and the algorithm OIDs were verified by other parts of the verification code). An attacker who already has credentials that satisfy the CMP message protection checks can generate a new key pair and use a crafted self-signed certificate in its 'id-it-rootCaKeyUpdate' CMP messages which affected CMP clients would accept as a new trust anchor. Significant preconditions for the attack (having valid RA-level credentials) are the reason the issue was assigned Low severity. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42770", "url": "https://ubuntu.com/security/CVE-2026-42770", "cve_description": "Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r (a small prime factor of the cofactor (p−1)/q_local), and a public value Y of order r can recover the victim's private key after a small number of key exchange attempts. When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the subgroup membership check Y^q ≡ 1 (mod p) is performed using the peer's own q parameter, not the local key's q. The peer's domain parameters are then matched against the domain parameters of the private key, but the value of q is not compared. A malicious peer who presents an X9.42 key carrying the victim's p, g, a forged q = r (a small prime factor of the cofactor), and a public value Y of order r passes all checks. The shared secret then takes only r distinct values, leaking priv mod r. Repeating for each small-prime factor of the cofactor and combining via CRT recovers the full private key (Lim–Lee / small-subgroup-confinement attack). The realistic attack surface is narrow: principally CMP deployments with long-lived RA/CA DHX keys and bespoke enterprise or government applications using X9.42 DHX static keys with interactive protocols and therefore this issue was assigned Low severity. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45445", "url": "https://ubuntu.com/security/CVE-2026-45445", "cve_description": "Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied initialisation vector (IV) is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV supplied by the caller, resulting in (key, nonce) reuse and loss of confidentiality. If the same code path is used to compute the authentication tag, the tag depends only on the (key, IV) pair and not on the plaintext or ciphertext, allowing universal forgery of arbitrary ciphertext from a single captured message. OpenSSL provides two ways to drive a cipher: the documented streaming interface (EVP_CipherUpdate / EVP_CipherFinal_ex) and a lower-level one-shot, EVP_Cipher(), whose documentation explicitly recommends against use by applications in favour of EVP_CipherUpdate() and EVP_CipherFinal_ex(). The OCB provider's streaming handler flushes the application-supplied IV into the OCB context before processing data; the one-shot handler did not. Every call to EVP_Cipher() on an AES-OCB context therefore ran with the all-zero key-derived offset state left by cipher initialisation, regardless of the caller's IV. If EVP_EncryptFinal_ex() is subsequently used to obtain the authentication tag, the deferred IV setup runs at that point and clears the running checksum that should have been accumulated over the plaintext. The resulting tag is a function of (key, IV) only and verifies against any ciphertext produced under the same (key, IV) pair. The OpenSSL SSL/TLS implementation is not affected: AES-OCB is not a TLS cipher suite, and libssl does not call EVP_Cipher() in any case. Applications that drive AES-OCB through the documented streaming AEAD API (EVP_CipherUpdate / EVP_CipherFinal_ex) are not affected. Only applications that combine the AES-OCB cipher with the EVP_Cipher() one-shot API are vulnerable. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as AES-OCB is outside the OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45446", "url": "https://ubuntu.com/security/CVE-2026-45446", "cve_description": "Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's application using these ciphers. AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) are nonce-misuse-resistant AEAD modes: they accept a key, nonce, optional AAD (bytes that are authenticated but not encrypted), and plaintext, and produces ciphertext plus a 16-byte tag. On decrypt, `EVP_DecryptFinal_ex()` is documented to return success only if the tag is verified succesfully. In OpenSSL's provider implementation of these ciphers, the expected tag is computed only when decryption function is invoked with non-empty data. If the caller supplies AAD and then calls `EVP_DecryptFinal_ex()` without invocation of the ciphertext update, which can happen when the received ciphertext length is zero, the tag is never recalculated and still holds its all-zeros value. When AES-GCM-SIV is used, an attacker who sends arbitrary AAD, empty ciphertext, and all-zeros tag passes authentication under any key they do not know, single-shot. When AES-SIV is used, for mounting the attack it's necessary for the application to reuse the decryption context without resetting the key. AES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since OpenSSL 3.2. No protocols implemented in OpenSSL itself (TLS/CMS/PKCS7/HPKE/QUIC) support either AES-GCM-SIV or AES-SIV. To mount an attack, the applications must implement their own protocol and use the EVP interface. Also they must skip the ciphertext update when a message with an empty ciphertext arrives. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as these algorithms are not FIPS approved and the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45447", "url": "https://ubuntu.com/security/CVE-2026-45447", "cve_description": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS#7 or S/MIME signed message, if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may incorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent use of the BIO by the calling application results in a use-after-free condition. In the common case this occurs when the application later calls BIO_free() on the BIO originally passed to PKCS7_verify(). Depending on allocator behavior and application-specific BIO usage patterns, this may result in a crash or other memory corruption. In some application contexts this may potentially be exploitable for remote code execution. Applications that process PKCS#7 or S/MIME signed messages using OpenSSL PKCS#7 APIs may be affected. Applications using the CMS APIs for this processing are not affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "high", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-7383", "url": "https://ubuntu.com/security/CVE-2026-7383", "cve_description": "Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination size for Unicode output is computed in a signed int: by left shift of the input character count for BMPSTRING (UTF-16) and UNIVERSALSTRING (UTF-32), and by summing per-character byte counts for UTF8STRING. The calculation overflows when the input reaches around 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30 characters) the size wraps to zero, OPENSSL_malloc(1) is called, and the subsequent character copy writes several gigabytes past the one-byte allocation. X.509 certificate processing routes through ASN1_STRING_set_by_NID(), whose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID size limits cap the input length; no network protocol or certificate-handling path in OpenSSL exercises the overflow. Triggering the bug requires an application that calls ASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers a custom string type via ASN1_STRING_TABLE_add(), with attacker-controlled input on the order of half a gigabyte or more. For these reasons this issue was assigned Low severity. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-9076", "url": "https://ubuntu.com/security/CVE-2026-9076", "cve_description": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in kek_unwrap_key(). Impact summary: A heap buffer over-read may trigger a crash which leads to Denial of Service for an application if the input buffer ends at a memory page boundary and the following page is unmapped. There is no information disclosure as the over-read bytes are not revealed to the attacker. The key unwrapping function performs a check-byte test as specified in the RFC that reads 7 bytes from a heap allocation that is based on the wrapped key length from the message. There is a minimum length check based on the block length of the wrapping cipher. However the cipher is selected from an OID carried in the attacker's PWRI keyEncryptionAlgorithm with no requirement that the cipher be a block cipher. When an attacker selects a stream-mode cipher the guard will be ineffective and the allocated buffer containing the unwrapped key can be too small to fit the check-bytes specified in the RFC and a buffer over-read can happen. Applications calling CMS_decrypt() or CMS_decrypt_set1_password() (equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS data are vulnerable to this issue. No password knowledge is required: the over-read happens during the unwrap attempt before any authentication succeeds. The over-read is limited to a few bytes and is not written to output, so there is no information disclosure. Triggering a crash requires the allocation to border unmapped memory, which is unlikely with the normal allocator. The FIPS modules are not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Heap Buffer Over-read in ASN.1 Content Parsing", " - debian/patches/CVE-2026-34180.patch: Avoid length truncation in", " ASN1_STRING_set in crypto/asn1/tasn_dec.c.", " - CVE-2026-34180", " * SECURITY UPDATE: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys", " - debian/patches/CVE-2026-34181.patch: pkcs12: verify that the pbmac1 key", " length is safe in crypto/pkcs12/p12_mutl.c.", " - CVE-2026-34181", " * SECURITY UPDATE: CMS AuthEnvelopedData Processing May Accept Forged Messages", " - debian/patches/CVE-2026-34182-1.patch: Reject potentially forged encrypted", " CMS AuthEnvelopedData messages in crypto/cms/cms_enc.c.", " - debian/patches/CVE-2026-34182-2.patch: Add tests for CVE-2026-34182 in", " test/cmsapitest.c.", " - CVE-2026-34182", " * SECURITY UPDATE: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler", " - debian/patches/CVE-2026-34183-1.patch: QUIC stack must limit the number of", " PATH_CHALLENGE frames processed in RX in include/internal/quic_cfq.h,", " include/internal/quic_channel.h, include/internal/quic_fifd.h,", " ssl/quic/quic_cfq.c, ssl/quic/quic_channel.c,", " ssl/quic/quic_channel_local.h, ssl/quic/quic_fifd.c,", " ssl/quic/quic_rx_depack.c, ssl/quic/quic_txp.c.", " - debian/patches/CVE-2026-34183-2.patch: Add test for path challenge flood", " mitigation in include/internal/quic_channel.h, ssl/quic/quic_channel.c,", " ssl/quic/quic_channel_local.h, ssl/quic/quic_rx_depack.c,", " test/radix/quic_tests.c.", " - CVE-2026-34183", " * SECURITY UPDATE: NULL pointer dereference in QUIC server initial packet", " handling", " - debian/patches/CVE-2026-42764.patch: Fix NULL dereference in QUIC address", " validation in ssl/quic/quic_port.c.", " - CVE-2026-42764", " * SECURITY UPDATE: Possible NULL Dereference in Password-Based CMS Decryption", " - debian/patches/CVE-2026-42766.patch: Fix potential NULL dereference", " processing CMS PasswordRecipientInfo in crypto/cms/cms_pwri.c.", " - CVE-2026-42766", " * SECURITY UPDATE: NULL Pointer Dereference in CRMF EncryptedValue Decryption", " - debian/patches/CVE-2026-42767.patch: Fix potential NULL dereference in", " OSSL_CRMF_ENCRYPTEDVALUE_decrypt() in crypto/crmf/crmf_lib.c.", " - CVE-2026-42767", " * SECURITY UPDATE: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt()", " and PKCS7_decrypt()", " - debian/patches/CVE-2026-42768.patch: Enforce implicit rejection for", " CMS/PKCS#7 decryption in crypto/cms/cms_env.c, crypto/pkcs7/pk7_doit.c,", " doc/man3/CMS_decrypt.pod, doc/man3/PKCS7_decrypt.pod.", " - CVE-2026-42768", " * SECURITY UPDATE: Trust-Anchor Substitution via cert/issuer Typo in CMP", " rootCaKeyUpdate", " - debian/patches/CVE-2026-42769.patch: Use the correct issuer when", " validating rootCAKeyUpdate in crypto/cmp/cmp_genm.c.", " - CVE-2026-42769", " * SECURITY UPDATE: FFC-DH Peer Validation Uses Attacker-Supplied q", " - debian/patches/CVE-2026-42770.patch: Match the local q DHX parameter", " against the peer's q in providers/implementations/exchange/dh_exch.c.", " - CVE-2026-42770", " * SECURITY UPDATE: AES-OCB IV Ignored on EVP_Cipher() Path", " - debian/patches/CVE-2026-45445.patch: Apply the buffered IV on the AES-OCB", " EVP_Cipher() path in providers/implementations/ciphers/cipher_aes_ocb.c,", " test/evp_extra_test.c.", " - CVE-2026-45445", " * SECURITY UPDATE: Incorrect Tag Processing for Empty Messages in", " AES-GCM-SIV and AES-SIV modes", " - debian/patches/CVE-2026-45446.patch: Fix handling of empty-ciphertext", " messages in AES-GCM-SIV and AES-SIV in", " providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c,", " providers/implementations/ciphers/cipher_aes_siv.c, test/evp_extra_test.c.", " - CVE-2026-45446", " * SECURITY UPDATE: Heap Use-After-Free in OpenSSL PKCS7_verify()", " - debian/patches/CVE-2026-45447-1.patch: Fix possible use-after-free in", " OpenSSL PKCS7_verify() in crypto/pkcs7/pk7_smime.c.", " - debian/patches/CVE-2026-45447-2.patch: Test for CVE-2026-45447 (UAF in", " PKCS7_verify) in test/recipes/80-test_cms.t, test/smime-eml/pkcs7-empty-", " digest-set.eml.", " - CVE-2026-45447", " * SECURITY UPDATE: Possible Heap Buffer Overflow in ASN.1 Multibyte String", " Conversion", " - debian/patches/CVE-2026-7383.patch: Reject oversized inputs in", " ASN1_mbstring_ncopy() in crypto/asn1/a_mbstr.c.", " - CVE-2026-7383", " * SECURITY UPDATE: Out-of-Bounds Read in CMS Password-Based Decryption", " - debian/patches/CVE-2026-9076.patch: cms: kek_unwrap_key: Fix out-of-", " bounds read in check-byte validation in crypto/cms/cms_pwri.c.", " - CVE-2026-9076", " * Fix ppc64 FTBFS because of incorrect regex match (LP: 2137464)", " - debian/patches/regex_match_ecp_nistp521-ppc64.patch: removed,", " incomplete version.", " - debian/patches/fix_ppc64_regex_match.patch: match last filename for", " output in ecp_nistp*-ppc64.pl.", "" ], "package": "openssl", "version": "3.5.5-1ubuntu3.2", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 02 Jun 2026 13:21:36 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-headers-generic", "from_version": { "source_package_name": "linux-meta", "source_package_version": "7.0.0-15.15", "version": "7.0.0-15.15" }, "to_version": { "source_package_name": "linux-meta", "source_package_version": "7.0.0-22.22", "version": "7.0.0-22.22" }, "cves": [], "launchpad_bugs_fixed": [ 1786013 ], "changes": [ { "cves": [], "log": [ "", " * Main version: 7.0.0-22.22", "" ], "package": "linux-meta", "version": "7.0.0-22.22", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Mon, 25 May 2026 14:42:10 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-20.20", "" ], "package": "linux-meta", "version": "7.0.0-20.20", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 23:04:12 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-19.19", "" ], "package": "linux-meta", "version": "7.0.0-19.19", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 16:38:56 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-18.18", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/dkms-versions -- resync from main package", "" ], "package": "linux-meta", "version": "7.0.0-18.18", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Edoardo Canepa ", "date": "Fri, 08 May 2026 23:34:15 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-17.17", "" ], "package": "linux-meta", "version": "7.0.0-17.17", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Timo Aaltonen ", "date": "Tue, 05 May 2026 16:54:03 +0300" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-16.16", "" ], "package": "linux-meta", "version": "7.0.0-16.16", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Timo Aaltonen ", "date": "Thu, 30 Apr 2026 23:57:01 +0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-headers-virtual", "from_version": { "source_package_name": "linux-meta", "source_package_version": "7.0.0-15.15", "version": "7.0.0-15.15" }, "to_version": { "source_package_name": "linux-meta", "source_package_version": "7.0.0-22.22", "version": "7.0.0-22.22" }, "cves": [], "launchpad_bugs_fixed": [ 1786013 ], "changes": [ { "cves": [], "log": [ "", " * Main version: 7.0.0-22.22", "" ], "package": "linux-meta", "version": "7.0.0-22.22", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Mon, 25 May 2026 14:42:10 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-20.20", "" ], "package": "linux-meta", "version": "7.0.0-20.20", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 23:04:12 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-19.19", "" ], "package": "linux-meta", "version": "7.0.0-19.19", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 16:38:56 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-18.18", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/dkms-versions -- resync from main package", "" ], "package": "linux-meta", "version": "7.0.0-18.18", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Edoardo Canepa ", "date": "Fri, 08 May 2026 23:34:15 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-17.17", "" ], "package": "linux-meta", "version": "7.0.0-17.17", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Timo Aaltonen ", "date": "Tue, 05 May 2026 16:54:03 +0300" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-16.16", "" ], "package": "linux-meta", "version": "7.0.0-16.16", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Timo Aaltonen ", "date": "Thu, 30 Apr 2026 23:57:01 +0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-image-virtual", "from_version": { "source_package_name": "linux-meta", "source_package_version": "7.0.0-15.15", "version": "7.0.0-15.15" }, "to_version": { "source_package_name": "linux-meta", "source_package_version": "7.0.0-22.22", "version": "7.0.0-22.22" }, "cves": [], "launchpad_bugs_fixed": [ 1786013 ], "changes": [ { "cves": [], "log": [ "", " * Main version: 7.0.0-22.22", "" ], "package": "linux-meta", "version": "7.0.0-22.22", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Mon, 25 May 2026 14:42:10 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-20.20", "" ], "package": "linux-meta", "version": "7.0.0-20.20", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 23:04:12 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-19.19", "" ], "package": "linux-meta", "version": "7.0.0-19.19", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 16:38:56 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-18.18", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/dkms-versions -- resync from main package", "" ], "package": "linux-meta", "version": "7.0.0-18.18", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Edoardo Canepa ", "date": "Fri, 08 May 2026 23:34:15 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-17.17", "" ], "package": "linux-meta", "version": "7.0.0-17.17", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Timo Aaltonen ", "date": "Tue, 05 May 2026 16:54:03 +0300" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-16.16", "" ], "package": "linux-meta", "version": "7.0.0-16.16", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Timo Aaltonen ", "date": "Thu, 30 Apr 2026 23:57:01 +0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-libc-dev:ppc64el", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": "7.0.0-15.15" }, "to_version": { "source_package_name": "linux", "source_package_version": "7.0.0-22.22", "version": "7.0.0-22.22" }, "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "launchpad_bugs_fixed": [ 2154172, 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747, 2153786, 1786013, 2153962 ], "changes": [ { "cves": [], "log": [ "", " * GRO managed-frag use-after-free leading to local privilege escalation", " (LP: #2154172)", " - net: gro: don't merge zcopy skbs", "" ], "package": "linux", "version": "7.0.0-22.22", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2154172 ], "author": "Manuel Diewald ", "date": "Mon, 25 May 2026 14:41:37 +0200" }, { "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" } ], "log": [ "", " * apparmor (LP: #2151747)", " - SAUCE: apparmor: pass big_resp to handler", " - SAUCE: apparmor: remove redundant kref_init for listener->count", " - SAUCE: apparmor: fix NULL pointer dereference in unpack_pdb", "", " * apparmor (LP: #2151747) // CVE-2026-47337", " - SAUCE: apparmor: fix NULL pointer dereference in bind_map_addr", "", " * apparmor (LP: #2151747) // CVE-2026-47334", " - SAUCE: apparmor: fix sleep prone memory allocation under a spin_lock", "", " * apparmor (LP: #2151747) // CVE-2026-47333", " - SAUCE: apparmor: fix dfa unpacking size of the notification filter", "", " * apparmor (LP: #2151747) // CVE-2026-47332", " - SAUCE: apparmor: fix size check against type instead of pointer", "", " * apparmor: LLVM/clang build failure due to uninitialized variable in", " notify.c (LP: #2148809) // CVE-2026-47330", " - SAUCE: apparmor: initialize variable used in uninitialized context", "", " * apparmor (LP: #2151747) // CVE-2026-47329", " - SAUCE: apparmor: fix name validation bypass on notification", "", " * apparmor (LP: #2151747) // CVE-2026-47327 // CVE-2026-47328", " - SAUCE: apparmor: fix glob memory leak after kstrdup", "", " * apparmor (LP: #2151747) // CVE-2026-47326", " - SAUCE: apparmor: fix inverted NULL check after aa_get_buffer", "" ], "package": "linux", "version": "7.0.0-20.20", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 22:58:06 +0200" }, { "cves": [ { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "log": [ "", " * resolute/linux: 7.0.0-19.19 -proposed tracker (LP: #2153786)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update annotations scripts", " - [Packaging] debian.master/dkms-versions -- remove dkms-versions", " (main/s2026.05.11)", "", " * CVE-2026-46300", " - net: skbuff: preserve shared-frag marker during coalescing", " - net: skbuff: propagate shared-frag marker through frag-transfer helpers", "", " * net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)", " - net/rds: reset op_nents when zerocopy page pin fails", "", " * CVE-2026-46333", " - ptrace: slightly saner 'get_dumpable()' logic", "", " * CVE-2026-43500", " - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets", " - rxrpc: Fix potential UAF after skb_unshare() failure", " - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets", " - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present", "", " * CVE-2026-43284", " - xfrm: esp: avoid in-place decrypt on shared skb frags", "" ], "package": "linux", "version": "7.0.0-19.19", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2153786, 1786013, 2153962 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 16:12:08 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-perf", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": "7.0.0-15.15" }, "to_version": { "source_package_name": "linux", "source_package_version": "7.0.0-22.22", "version": "7.0.0-22.22" }, "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "launchpad_bugs_fixed": [ 2154172, 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747, 2153786, 1786013, 2153962 ], "changes": [ { "cves": [], "log": [ "", " * GRO managed-frag use-after-free leading to local privilege escalation", " (LP: #2154172)", " - net: gro: don't merge zcopy skbs", "" ], "package": "linux", "version": "7.0.0-22.22", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2154172 ], "author": "Manuel Diewald ", "date": "Mon, 25 May 2026 14:41:37 +0200" }, { "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" } ], "log": [ "", " * apparmor (LP: #2151747)", " - SAUCE: apparmor: pass big_resp to handler", " - SAUCE: apparmor: remove redundant kref_init for listener->count", " - SAUCE: apparmor: fix NULL pointer dereference in unpack_pdb", "", " * apparmor (LP: #2151747) // CVE-2026-47337", " - SAUCE: apparmor: fix NULL pointer dereference in bind_map_addr", "", " * apparmor (LP: #2151747) // CVE-2026-47334", " - SAUCE: apparmor: fix sleep prone memory allocation under a spin_lock", "", " * apparmor (LP: #2151747) // CVE-2026-47333", " - SAUCE: apparmor: fix dfa unpacking size of the notification filter", "", " * apparmor (LP: #2151747) // CVE-2026-47332", " - SAUCE: apparmor: fix size check against type instead of pointer", "", " * apparmor: LLVM/clang build failure due to uninitialized variable in", " notify.c (LP: #2148809) // CVE-2026-47330", " - SAUCE: apparmor: initialize variable used in uninitialized context", "", " * apparmor (LP: #2151747) // CVE-2026-47329", " - SAUCE: apparmor: fix name validation bypass on notification", "", " * apparmor (LP: #2151747) // CVE-2026-47327 // CVE-2026-47328", " - SAUCE: apparmor: fix glob memory leak after kstrdup", "", " * apparmor (LP: #2151747) // CVE-2026-47326", " - SAUCE: apparmor: fix inverted NULL check after aa_get_buffer", "" ], "package": "linux", "version": "7.0.0-20.20", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 22:58:06 +0200" }, { "cves": [ { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "log": [ "", " * resolute/linux: 7.0.0-19.19 -proposed tracker (LP: #2153786)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update annotations scripts", " - [Packaging] debian.master/dkms-versions -- remove dkms-versions", " (main/s2026.05.11)", "", " * CVE-2026-46300", " - net: skbuff: preserve shared-frag marker during coalescing", " - net: skbuff: propagate shared-frag marker through frag-transfer helpers", "", " * net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)", " - net/rds: reset op_nents when zerocopy page pin fails", "", " * CVE-2026-46333", " - ptrace: slightly saner 'get_dumpable()' logic", "", " * CVE-2026-43500", " - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets", " - rxrpc: Fix potential UAF after skb_unshare() failure", " - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets", " - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present", "", " * CVE-2026-43284", " - xfrm: esp: avoid in-place decrypt on shared skb frags", "" ], "package": "linux", "version": "7.0.0-19.19", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2153786, 1786013, 2153962 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 16:12:08 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-tools-common", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": "7.0.0-15.15" }, "to_version": { "source_package_name": "linux", "source_package_version": "7.0.0-22.22", "version": "7.0.0-22.22" }, "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "launchpad_bugs_fixed": [ 2154172, 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747, 2153786, 1786013, 2153962 ], "changes": [ { "cves": [], "log": [ "", " * GRO managed-frag use-after-free leading to local privilege escalation", " (LP: #2154172)", " - net: gro: don't merge zcopy skbs", "" ], "package": "linux", "version": "7.0.0-22.22", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2154172 ], "author": "Manuel Diewald ", "date": "Mon, 25 May 2026 14:41:37 +0200" }, { "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" } ], "log": [ "", " * apparmor (LP: #2151747)", " - SAUCE: apparmor: pass big_resp to handler", " - SAUCE: apparmor: remove redundant kref_init for listener->count", " - SAUCE: apparmor: fix NULL pointer dereference in unpack_pdb", "", " * apparmor (LP: #2151747) // CVE-2026-47337", " - SAUCE: apparmor: fix NULL pointer dereference in bind_map_addr", "", " * apparmor (LP: #2151747) // CVE-2026-47334", " - SAUCE: apparmor: fix sleep prone memory allocation under a spin_lock", "", " * apparmor (LP: #2151747) // CVE-2026-47333", " - SAUCE: apparmor: fix dfa unpacking size of the notification filter", "", " * apparmor (LP: #2151747) // CVE-2026-47332", " - SAUCE: apparmor: fix size check against type instead of pointer", "", " * apparmor: LLVM/clang build failure due to uninitialized variable in", " notify.c (LP: #2148809) // CVE-2026-47330", " - SAUCE: apparmor: initialize variable used in uninitialized context", "", " * apparmor (LP: #2151747) // CVE-2026-47329", " - SAUCE: apparmor: fix name validation bypass on notification", "", " * apparmor (LP: #2151747) // CVE-2026-47327 // CVE-2026-47328", " - SAUCE: apparmor: fix glob memory leak after kstrdup", "", " * apparmor (LP: #2151747) // CVE-2026-47326", " - SAUCE: apparmor: fix inverted NULL check after aa_get_buffer", "" ], "package": "linux", "version": "7.0.0-20.20", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 22:58:06 +0200" }, { "cves": [ { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "log": [ "", " * resolute/linux: 7.0.0-19.19 -proposed tracker (LP: #2153786)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update annotations scripts", " - [Packaging] debian.master/dkms-versions -- remove dkms-versions", " (main/s2026.05.11)", "", " * CVE-2026-46300", " - net: skbuff: preserve shared-frag marker during coalescing", " - net: skbuff: propagate shared-frag marker through frag-transfer helpers", "", " * net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)", " - net/rds: reset op_nents when zerocopy page pin fails", "", " * CVE-2026-46333", " - ptrace: slightly saner 'get_dumpable()' logic", "", " * CVE-2026-43500", " - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets", " - rxrpc: Fix potential UAF after skb_unshare() failure", " - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets", " - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present", "", " * CVE-2026-43284", " - xfrm: esp: avoid in-place decrypt on shared skb frags", "" ], "package": "linux", "version": "7.0.0-19.19", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2153786, 1786013, 2153962 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 16:12:08 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "linux-virtual", "from_version": { "source_package_name": "linux-meta", "source_package_version": "7.0.0-15.15", "version": "7.0.0-15.15" }, "to_version": { "source_package_name": "linux-meta", "source_package_version": "7.0.0-22.22", "version": "7.0.0-22.22" }, "cves": [], "launchpad_bugs_fixed": [ 1786013 ], "changes": [ { "cves": [], "log": [ "", " * Main version: 7.0.0-22.22", "" ], "package": "linux-meta", "version": "7.0.0-22.22", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Mon, 25 May 2026 14:42:10 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-20.20", "" ], "package": "linux-meta", "version": "7.0.0-20.20", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 23:04:12 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-19.19", "" ], "package": "linux-meta", "version": "7.0.0-19.19", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 16:38:56 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-18.18", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/dkms-versions -- resync from main package", "" ], "package": "linux-meta", "version": "7.0.0-18.18", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Edoardo Canepa ", "date": "Fri, 08 May 2026 23:34:15 +0200" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-17.17", "" ], "package": "linux-meta", "version": "7.0.0-17.17", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Timo Aaltonen ", "date": "Tue, 05 May 2026 16:54:03 +0300" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-16.16", "" ], "package": "linux-meta", "version": "7.0.0-16.16", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Timo Aaltonen ", "date": "Thu, 30 Apr 2026 23:57:01 +0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "nano", "from_version": { "source_package_name": "nano", "source_package_version": "8.7.1-1", "version": "8.7.1-1" }, "to_version": { "source_package_name": "nano", "source_package_version": "8.7.1-1ubuntu0.1", "version": "8.7.1-1ubuntu0.1" }, "cves": [ { "cve": "CVE-2026-6842", "url": "https://ubuntu.com/security/CVE-2026-6842", "cve_description": "A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions (0777 instead of 0700) for the `~/.local` directory. This allows the attacker to inject a malicious `.desktop` launcher, which could lead to unintended actions or information disclosure if the launcher is subsequently processed.", "cve_priority": "medium", "cve_public_date": "2026-04-22 08:16:00 UTC" }, { "cve": "CVE-2026-6843", "url": "https://ubuntu.com/security/CVE-2026-6843", "cve_description": "A flaw was found in nano. A local user could exploit a format string vulnerability in the `statusline()` function. By creating a directory with a name containing `printf` specifiers, the application attempts to display this name, leading to a segmentation fault (SEGV). This results in a Denial of Service (DoS) for the `nano` application.", "cve_priority": "medium", "cve_public_date": "2026-04-22 09:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-6842", "url": "https://ubuntu.com/security/CVE-2026-6842", "cve_description": "A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions (0777 instead of 0700) for the `~/.local` directory. This allows the attacker to inject a malicious `.desktop` launcher, which could lead to unintended actions or information disclosure if the launcher is subsequently processed.", "cve_priority": "medium", "cve_public_date": "2026-04-22 08:16:00 UTC" }, { "cve": "CVE-2026-6843", "url": "https://ubuntu.com/security/CVE-2026-6843", "cve_description": "A flaw was found in nano. A local user could exploit a format string vulnerability in the `statusline()` function. By creating a directory with a name containing `printf` specifiers, the application attempts to display this name, leading to a segmentation fault (SEGV). This results in a Denial of Service (DoS) for the `nano` application.", "cve_priority": "medium", "cve_public_date": "2026-04-22 09:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Incorrect permission assignment.", " - debian/patches/CVE-2026-6842.patch: Create ~/.local with correct", " permissions in src/history.c.", " - CVE-2026-6842", " * SECURITY UPDATE: Denial of service in redecorate_after_switch", " - debian/patches/CVE-2026-6843.patch: Escape error message to avoid", " content being interpreted as format specifiers in src/files.c", " - CVE-2026-6843", "" ], "package": "nano", "version": "8.7.1-1ubuntu0.1", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Kyle Kernick ", "date": "Wed, 03 Jun 2026 16:46:19 -0600" } ], "notes": null, "is_version_downgrade": false }, { "name": "openssl", "from_version": { "source_package_name": "openssl", "source_package_version": "3.5.5-1ubuntu3", "version": "3.5.5-1ubuntu3" }, "to_version": { "source_package_name": "openssl", "source_package_version": "3.5.5-1ubuntu3.2", "version": "3.5.5-1ubuntu3.2" }, "cves": [ { "cve": "CVE-2026-34180", "url": "https://ubuntu.com/security/CVE-2026-34180", "cve_description": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application (Denial of Service) or to load into the decoded ASN.1 object contents of memory beyond the end of the input buffer. More typically such ASN.1 elements would instead be truncated. An integer truncation in OpenSSL's ASN.1 decoder causes the content length of an ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the worst case the truncated length is treated as a request to scan the binary content for a terminating zero byte, possibly causing OpenSSL to read either less than or beyond the end of the allocated buffer. Applications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or any other d2i_* decoding function are affected. OpenSSL's own command-line tools are not vulnerable, as data read through the BIO layer is checked before it reaches the affected code. The issue only affects 64-bit Unix and Unix-like platforms; 32-bit platforms and 64-bit Windows are not affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34181", "url": "https://ubuntu.com/security/CVE-2026-34181", "cve_description": "Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentication Code 1 (PBMAC1) integrity mechanism allowing a certificate and private key forgery. Impact Summary: An attacker impersonating a user can cause a service reading PKCS#12 files to accept forged certificates and private keys with a 1 in 256 probability. If a service accepting PKCS#12 files is using passwords for authenticating the received files, the attacker can create unencrypted PKCS#12 files that use PBMAC1 authentication that specifies an HMAC key of only one byte, allowing them to craft a file that will be accepted with a 1 in 256 probability. That would then cause the service to accept a certificate and private key controlled by the attacker. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34182", "url": "https://ubuntu.com/security/CVE-2026-34182", "cve_description": "Issue Summary: Cryptographic Message Services (CMS) processing fails to perform sufficient input validation on the cipher and tag length fields of AuthEnvelopedData containers, leading to various potential compromises. Impact Summary: Attackers making use of these vulnerabilities may achieve key-equivalent functionality for a given CMS recipient and/or bypass integrity validation for a given message. In one use case, an attacker may send a CMS message containing AuthEnvelopedData with the cipher specified as a non-AEAD cipher. OpenSSL erroneously allows this selection, and attempts to decrypt and validate the message. An on-path attacker who captures one legitimate AES-GCM AuthEnvelopedData addressed to the victim can re-emit it with the recipientInfos set left byte-for-byte intact, so the victim's private key still unwraps the genuine CEK (the content-encryption key), but with the inner OID rewritten to AES-256-OFB (Output Feedback Mode, an unauthenticated keystream mode) and with an attacker-chosen IV and ciphertext. The victim initializes AES-256-OFB under the real CEK, never consults the MAC field, and CMS_decrypt() returns success. If the application under attack responds to the attacker with any indicator showing success or failure of the decryption effort, it is possible for the attacker to use this as an oracle to obtain key equivalent functionality for the CEK used for the chosen recipient of the message. In another use case, an attacker can reduce the tag length of the chosen AEAD cipher for a given AuthEnvelopedData container to be a single byte long, allowing an attacker to brute force CMS decryption, producing an integrity bypass for applications that trust CMS_decrypt() to reject modified content. The FIPS modules are not affected by this issue.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34183", "url": "https://ubuntu.com/security/CVE-2026-34183", "cve_description": "Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QUIC client or server and a Denial of Service. A remote peer may exhaust heap memory by flooding the local QUIC stack with PATH_CHALLENGE frames. The local QUIC stack allocates a PATH_RESPONSE frame for every PATH_CHALLENGE it receives. The allocated PATH_RESPONSE frame gets freed only when the remote peer acknowledges reception of the PATH_RESPONSE frame which will not be done by a malicious peer. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue. The QUIC stack is outside of OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42764", "url": "https://ubuntu.com/security/CVE-2026-42764", "cve_description": "Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial of Service. If the address validation is disabled in the OpenSSL QUIC server implementation, an attacker can crash the server by sending an initial packet with an invalid or expired token. By default, the client address validation is enabled in the OpenSSL QUIC server implementation, which makes the default configuration not vulnerable to this issue. However if the SSL_LISTENER_FLAG_NO_VALIDATE is used with the SSL_new_listener() call, the address validation is disabled making the vulnerable code reachable. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42766", "url": "https://ubuntu.com/security/CVE-2026-42766", "cve_description": "Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as OPTIONAL in the ASN.1 specification and may therefore be absent in specially crafted inputs. During the password-based CMS decryption the OpenSSL CMS implementation dereferences this field without first checking whether it was present. An attacker who supplies such a CMS message to an application performing password-based CMS decryption can trigger an application crash, leading to a Denial of Service. Applications that process password-encrypted CMS messages may be affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42767", "url": "https://ubuntu.com/security/CVE-2026-42767", "cve_description": "Issue summary: An attacker-controlled CMP (Certificate Management Protocol) server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server (or acting as a man-in-the-middle) could craft a CMP response containing a CRMF (Certificate Request Message Format) CertRepMessage with an EncryptedValue structure where the symmAlg field has an algorithm OID but no parameters field. When the OpenSSL CMP client processes this response, the NULL dereference occurs, causing a crash of the CMP client. Applications that process untrusted CMP/CRMF messages may be affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42768", "url": "https://ubuntu.com/security/CVE-2026-42768", "cve_description": "Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provide the CMS or S/MIME messages and observe the error code and/or decryption output. Impact summary: The Bleichenbacher-style attack allows an attacker to use the victim's vulnerable application as a way to decrypt or sign messages with the victim's private RSA key. The attack is possible in 2 variants. 1. The decryption API (CMS_decrypt(), PKCS7_decrypt()) is used without providing the recipient certificate. In this case OpenSSL iterates over every KeyTransRecipientInfo (KTRI) without stopping at the first success. An attacker who authors a message with two KTRI entries — the first one wrapping a real CEK under the victim's public key, the second with an arbitrary probe ciphertext — obtains opportunity to iterate the 2nd KTRI to get a valid PKCS#1 v1.5 padding if the error code of the application is available. That is a Bleichenbacher oracle (Bleichenbacher, CRYPTO '98): an adaptive-chosen-ciphertext side channel from which the attacker decrypts any RSA ciphertext to the victim's key or forges any PKCS#1 v1.5 signature under it. 2. When the decryption API (CMS_decrypt(), PKCS7_decrypt()) is provided with the recipient certificate, and the recipient is not found, a random key is substituted. An attacker who authors a message and is able to compare both error code and the result of the decryption, can mount a Bleichenbacher oracle. We are not aware of any applications that provide a remote attacker an opportunity to mount an attack described in these scenarios. We consider the existence of such application very unlikely, and for this reason this CVE has been evaluated as Low severity. To avoid these attacks, when RSA PKCS#1 v1.5 Key Transport is in use, the invoked EVP_PKEY_decrypt() will use the implicit rejection mechanism described in draft-irtf-cfrg-rsa-guidance. In previous OpenSSL releases the implicit rejection was explicitly disabled. The implicit rejection mechanism always returns a plaintext value, the symmetric key. This result is deterministic for the ciphertext and the private key. The length of the decryption result can happen to match the length of the key of the symmetric cipher that was used for the content encryption. When a certificate is not provided, the last RecipientInfo producing a key that looks valid will be used. It may cause getting garbage content on decryption. As a proper way to deal with this a recipient certificate has to be provided to identify the particular RecipientInfo for decryption. The FIPS modules in 4.0, 3.6, 3.5, and 3.4 are not affected by this issue, as CMS and S/MIME processing happens outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42769", "url": "https://ubuntu.com/security/CVE-2026-42769", "cve_description": "Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority (RA) level to the root Certification Authority (root CA) level. Impact Summary: The Registration Autority could replace the root CA certificate for the CMP clients with an arbitrary root CA certificate. One of the parts of the Certificate Management Protocol (CMP), specified in RFC 9810, is Root Certification Authority (root CA) key Rollover, which is sent by the server in a message with type 'id-it-rootCaKeyUpdate'. As part of these messages, 'newWithOld' certificate, the new root CA certificate signed with the old root CA key, is provided, and verifying its signature is crucial for transferring the trust from the old CA key to the new one. The 'id-it-rootCaKeyUpdate' messages are expected to be processed with OSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the 'newWithOld' certificate. A typo in the certificate chain building code led to adding an incorrect certificate ('newWithOld' instead of 'oldRoot') to the certificate chain, rendering the certificate verification process ineffectual (only the issuer name and the algorithm OIDs were verified by other parts of the verification code). An attacker who already has credentials that satisfy the CMP message protection checks can generate a new key pair and use a crafted self-signed certificate in its 'id-it-rootCaKeyUpdate' CMP messages which affected CMP clients would accept as a new trust anchor. Significant preconditions for the attack (having valid RA-level credentials) are the reason the issue was assigned Low severity. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42770", "url": "https://ubuntu.com/security/CVE-2026-42770", "cve_description": "Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r (a small prime factor of the cofactor (p−1)/q_local), and a public value Y of order r can recover the victim's private key after a small number of key exchange attempts. When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the subgroup membership check Y^q ≡ 1 (mod p) is performed using the peer's own q parameter, not the local key's q. The peer's domain parameters are then matched against the domain parameters of the private key, but the value of q is not compared. A malicious peer who presents an X9.42 key carrying the victim's p, g, a forged q = r (a small prime factor of the cofactor), and a public value Y of order r passes all checks. The shared secret then takes only r distinct values, leaking priv mod r. Repeating for each small-prime factor of the cofactor and combining via CRT recovers the full private key (Lim–Lee / small-subgroup-confinement attack). The realistic attack surface is narrow: principally CMP deployments with long-lived RA/CA DHX keys and bespoke enterprise or government applications using X9.42 DHX static keys with interactive protocols and therefore this issue was assigned Low severity. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45445", "url": "https://ubuntu.com/security/CVE-2026-45445", "cve_description": "Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied initialisation vector (IV) is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV supplied by the caller, resulting in (key, nonce) reuse and loss of confidentiality. If the same code path is used to compute the authentication tag, the tag depends only on the (key, IV) pair and not on the plaintext or ciphertext, allowing universal forgery of arbitrary ciphertext from a single captured message. OpenSSL provides two ways to drive a cipher: the documented streaming interface (EVP_CipherUpdate / EVP_CipherFinal_ex) and a lower-level one-shot, EVP_Cipher(), whose documentation explicitly recommends against use by applications in favour of EVP_CipherUpdate() and EVP_CipherFinal_ex(). The OCB provider's streaming handler flushes the application-supplied IV into the OCB context before processing data; the one-shot handler did not. Every call to EVP_Cipher() on an AES-OCB context therefore ran with the all-zero key-derived offset state left by cipher initialisation, regardless of the caller's IV. If EVP_EncryptFinal_ex() is subsequently used to obtain the authentication tag, the deferred IV setup runs at that point and clears the running checksum that should have been accumulated over the plaintext. The resulting tag is a function of (key, IV) only and verifies against any ciphertext produced under the same (key, IV) pair. The OpenSSL SSL/TLS implementation is not affected: AES-OCB is not a TLS cipher suite, and libssl does not call EVP_Cipher() in any case. Applications that drive AES-OCB through the documented streaming AEAD API (EVP_CipherUpdate / EVP_CipherFinal_ex) are not affected. Only applications that combine the AES-OCB cipher with the EVP_Cipher() one-shot API are vulnerable. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as AES-OCB is outside the OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45446", "url": "https://ubuntu.com/security/CVE-2026-45446", "cve_description": "Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's application using these ciphers. AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) are nonce-misuse-resistant AEAD modes: they accept a key, nonce, optional AAD (bytes that are authenticated but not encrypted), and plaintext, and produces ciphertext plus a 16-byte tag. On decrypt, `EVP_DecryptFinal_ex()` is documented to return success only if the tag is verified succesfully. In OpenSSL's provider implementation of these ciphers, the expected tag is computed only when decryption function is invoked with non-empty data. If the caller supplies AAD and then calls `EVP_DecryptFinal_ex()` without invocation of the ciphertext update, which can happen when the received ciphertext length is zero, the tag is never recalculated and still holds its all-zeros value. When AES-GCM-SIV is used, an attacker who sends arbitrary AAD, empty ciphertext, and all-zeros tag passes authentication under any key they do not know, single-shot. When AES-SIV is used, for mounting the attack it's necessary for the application to reuse the decryption context without resetting the key. AES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since OpenSSL 3.2. No protocols implemented in OpenSSL itself (TLS/CMS/PKCS7/HPKE/QUIC) support either AES-GCM-SIV or AES-SIV. To mount an attack, the applications must implement their own protocol and use the EVP interface. Also they must skip the ciphertext update when a message with an empty ciphertext arrives. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as these algorithms are not FIPS approved and the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45447", "url": "https://ubuntu.com/security/CVE-2026-45447", "cve_description": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS#7 or S/MIME signed message, if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may incorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent use of the BIO by the calling application results in a use-after-free condition. In the common case this occurs when the application later calls BIO_free() on the BIO originally passed to PKCS7_verify(). Depending on allocator behavior and application-specific BIO usage patterns, this may result in a crash or other memory corruption. In some application contexts this may potentially be exploitable for remote code execution. Applications that process PKCS#7 or S/MIME signed messages using OpenSSL PKCS#7 APIs may be affected. Applications using the CMS APIs for this processing are not affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "high", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-7383", "url": "https://ubuntu.com/security/CVE-2026-7383", "cve_description": "Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination size for Unicode output is computed in a signed int: by left shift of the input character count for BMPSTRING (UTF-16) and UNIVERSALSTRING (UTF-32), and by summing per-character byte counts for UTF8STRING. The calculation overflows when the input reaches around 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30 characters) the size wraps to zero, OPENSSL_malloc(1) is called, and the subsequent character copy writes several gigabytes past the one-byte allocation. X.509 certificate processing routes through ASN1_STRING_set_by_NID(), whose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID size limits cap the input length; no network protocol or certificate-handling path in OpenSSL exercises the overflow. Triggering the bug requires an application that calls ASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers a custom string type via ASN1_STRING_TABLE_add(), with attacker-controlled input on the order of half a gigabyte or more. For these reasons this issue was assigned Low severity. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-9076", "url": "https://ubuntu.com/security/CVE-2026-9076", "cve_description": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in kek_unwrap_key(). Impact summary: A heap buffer over-read may trigger a crash which leads to Denial of Service for an application if the input buffer ends at a memory page boundary and the following page is unmapped. There is no information disclosure as the over-read bytes are not revealed to the attacker. The key unwrapping function performs a check-byte test as specified in the RFC that reads 7 bytes from a heap allocation that is based on the wrapped key length from the message. There is a minimum length check based on the block length of the wrapping cipher. However the cipher is selected from an OID carried in the attacker's PWRI keyEncryptionAlgorithm with no requirement that the cipher be a block cipher. When an attacker selects a stream-mode cipher the guard will be ineffective and the allocated buffer containing the unwrapped key can be too small to fit the check-bytes specified in the RFC and a buffer over-read can happen. Applications calling CMS_decrypt() or CMS_decrypt_set1_password() (equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS data are vulnerable to this issue. No password knowledge is required: the over-read happens during the unwrap attempt before any authentication succeeds. The over-read is limited to a few bytes and is not written to output, so there is no information disclosure. Triggering a crash requires the allocation to border unmapped memory, which is unlikely with the normal allocator. The FIPS modules are not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-34180", "url": "https://ubuntu.com/security/CVE-2026-34180", "cve_description": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application (Denial of Service) or to load into the decoded ASN.1 object contents of memory beyond the end of the input buffer. More typically such ASN.1 elements would instead be truncated. An integer truncation in OpenSSL's ASN.1 decoder causes the content length of an ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the worst case the truncated length is treated as a request to scan the binary content for a terminating zero byte, possibly causing OpenSSL to read either less than or beyond the end of the allocated buffer. Applications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or any other d2i_* decoding function are affected. OpenSSL's own command-line tools are not vulnerable, as data read through the BIO layer is checked before it reaches the affected code. The issue only affects 64-bit Unix and Unix-like platforms; 32-bit platforms and 64-bit Windows are not affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34181", "url": "https://ubuntu.com/security/CVE-2026-34181", "cve_description": "Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentication Code 1 (PBMAC1) integrity mechanism allowing a certificate and private key forgery. Impact Summary: An attacker impersonating a user can cause a service reading PKCS#12 files to accept forged certificates and private keys with a 1 in 256 probability. If a service accepting PKCS#12 files is using passwords for authenticating the received files, the attacker can create unencrypted PKCS#12 files that use PBMAC1 authentication that specifies an HMAC key of only one byte, allowing them to craft a file that will be accepted with a 1 in 256 probability. That would then cause the service to accept a certificate and private key controlled by the attacker. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34182", "url": "https://ubuntu.com/security/CVE-2026-34182", "cve_description": "Issue Summary: Cryptographic Message Services (CMS) processing fails to perform sufficient input validation on the cipher and tag length fields of AuthEnvelopedData containers, leading to various potential compromises. Impact Summary: Attackers making use of these vulnerabilities may achieve key-equivalent functionality for a given CMS recipient and/or bypass integrity validation for a given message. In one use case, an attacker may send a CMS message containing AuthEnvelopedData with the cipher specified as a non-AEAD cipher. OpenSSL erroneously allows this selection, and attempts to decrypt and validate the message. An on-path attacker who captures one legitimate AES-GCM AuthEnvelopedData addressed to the victim can re-emit it with the recipientInfos set left byte-for-byte intact, so the victim's private key still unwraps the genuine CEK (the content-encryption key), but with the inner OID rewritten to AES-256-OFB (Output Feedback Mode, an unauthenticated keystream mode) and with an attacker-chosen IV and ciphertext. The victim initializes AES-256-OFB under the real CEK, never consults the MAC field, and CMS_decrypt() returns success. If the application under attack responds to the attacker with any indicator showing success or failure of the decryption effort, it is possible for the attacker to use this as an oracle to obtain key equivalent functionality for the CEK used for the chosen recipient of the message. In another use case, an attacker can reduce the tag length of the chosen AEAD cipher for a given AuthEnvelopedData container to be a single byte long, allowing an attacker to brute force CMS decryption, producing an integrity bypass for applications that trust CMS_decrypt() to reject modified content. The FIPS modules are not affected by this issue.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34183", "url": "https://ubuntu.com/security/CVE-2026-34183", "cve_description": "Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QUIC client or server and a Denial of Service. A remote peer may exhaust heap memory by flooding the local QUIC stack with PATH_CHALLENGE frames. The local QUIC stack allocates a PATH_RESPONSE frame for every PATH_CHALLENGE it receives. The allocated PATH_RESPONSE frame gets freed only when the remote peer acknowledges reception of the PATH_RESPONSE frame which will not be done by a malicious peer. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue. The QUIC stack is outside of OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42764", "url": "https://ubuntu.com/security/CVE-2026-42764", "cve_description": "Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial of Service. If the address validation is disabled in the OpenSSL QUIC server implementation, an attacker can crash the server by sending an initial packet with an invalid or expired token. By default, the client address validation is enabled in the OpenSSL QUIC server implementation, which makes the default configuration not vulnerable to this issue. However if the SSL_LISTENER_FLAG_NO_VALIDATE is used with the SSL_new_listener() call, the address validation is disabled making the vulnerable code reachable. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42766", "url": "https://ubuntu.com/security/CVE-2026-42766", "cve_description": "Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as OPTIONAL in the ASN.1 specification and may therefore be absent in specially crafted inputs. During the password-based CMS decryption the OpenSSL CMS implementation dereferences this field without first checking whether it was present. An attacker who supplies such a CMS message to an application performing password-based CMS decryption can trigger an application crash, leading to a Denial of Service. Applications that process password-encrypted CMS messages may be affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42767", "url": "https://ubuntu.com/security/CVE-2026-42767", "cve_description": "Issue summary: An attacker-controlled CMP (Certificate Management Protocol) server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server (or acting as a man-in-the-middle) could craft a CMP response containing a CRMF (Certificate Request Message Format) CertRepMessage with an EncryptedValue structure where the symmAlg field has an algorithm OID but no parameters field. When the OpenSSL CMP client processes this response, the NULL dereference occurs, causing a crash of the CMP client. Applications that process untrusted CMP/CRMF messages may be affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42768", "url": "https://ubuntu.com/security/CVE-2026-42768", "cve_description": "Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provide the CMS or S/MIME messages and observe the error code and/or decryption output. Impact summary: The Bleichenbacher-style attack allows an attacker to use the victim's vulnerable application as a way to decrypt or sign messages with the victim's private RSA key. The attack is possible in 2 variants. 1. The decryption API (CMS_decrypt(), PKCS7_decrypt()) is used without providing the recipient certificate. In this case OpenSSL iterates over every KeyTransRecipientInfo (KTRI) without stopping at the first success. An attacker who authors a message with two KTRI entries — the first one wrapping a real CEK under the victim's public key, the second with an arbitrary probe ciphertext — obtains opportunity to iterate the 2nd KTRI to get a valid PKCS#1 v1.5 padding if the error code of the application is available. That is a Bleichenbacher oracle (Bleichenbacher, CRYPTO '98): an adaptive-chosen-ciphertext side channel from which the attacker decrypts any RSA ciphertext to the victim's key or forges any PKCS#1 v1.5 signature under it. 2. When the decryption API (CMS_decrypt(), PKCS7_decrypt()) is provided with the recipient certificate, and the recipient is not found, a random key is substituted. An attacker who authors a message and is able to compare both error code and the result of the decryption, can mount a Bleichenbacher oracle. We are not aware of any applications that provide a remote attacker an opportunity to mount an attack described in these scenarios. We consider the existence of such application very unlikely, and for this reason this CVE has been evaluated as Low severity. To avoid these attacks, when RSA PKCS#1 v1.5 Key Transport is in use, the invoked EVP_PKEY_decrypt() will use the implicit rejection mechanism described in draft-irtf-cfrg-rsa-guidance. In previous OpenSSL releases the implicit rejection was explicitly disabled. The implicit rejection mechanism always returns a plaintext value, the symmetric key. This result is deterministic for the ciphertext and the private key. The length of the decryption result can happen to match the length of the key of the symmetric cipher that was used for the content encryption. When a certificate is not provided, the last RecipientInfo producing a key that looks valid will be used. It may cause getting garbage content on decryption. As a proper way to deal with this a recipient certificate has to be provided to identify the particular RecipientInfo for decryption. The FIPS modules in 4.0, 3.6, 3.5, and 3.4 are not affected by this issue, as CMS and S/MIME processing happens outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42769", "url": "https://ubuntu.com/security/CVE-2026-42769", "cve_description": "Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority (RA) level to the root Certification Authority (root CA) level. Impact Summary: The Registration Autority could replace the root CA certificate for the CMP clients with an arbitrary root CA certificate. One of the parts of the Certificate Management Protocol (CMP), specified in RFC 9810, is Root Certification Authority (root CA) key Rollover, which is sent by the server in a message with type 'id-it-rootCaKeyUpdate'. As part of these messages, 'newWithOld' certificate, the new root CA certificate signed with the old root CA key, is provided, and verifying its signature is crucial for transferring the trust from the old CA key to the new one. The 'id-it-rootCaKeyUpdate' messages are expected to be processed with OSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the 'newWithOld' certificate. A typo in the certificate chain building code led to adding an incorrect certificate ('newWithOld' instead of 'oldRoot') to the certificate chain, rendering the certificate verification process ineffectual (only the issuer name and the algorithm OIDs were verified by other parts of the verification code). An attacker who already has credentials that satisfy the CMP message protection checks can generate a new key pair and use a crafted self-signed certificate in its 'id-it-rootCaKeyUpdate' CMP messages which affected CMP clients would accept as a new trust anchor. Significant preconditions for the attack (having valid RA-level credentials) are the reason the issue was assigned Low severity. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42770", "url": "https://ubuntu.com/security/CVE-2026-42770", "cve_description": "Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r (a small prime factor of the cofactor (p−1)/q_local), and a public value Y of order r can recover the victim's private key after a small number of key exchange attempts. When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the subgroup membership check Y^q ≡ 1 (mod p) is performed using the peer's own q parameter, not the local key's q. The peer's domain parameters are then matched against the domain parameters of the private key, but the value of q is not compared. A malicious peer who presents an X9.42 key carrying the victim's p, g, a forged q = r (a small prime factor of the cofactor), and a public value Y of order r passes all checks. The shared secret then takes only r distinct values, leaking priv mod r. Repeating for each small-prime factor of the cofactor and combining via CRT recovers the full private key (Lim–Lee / small-subgroup-confinement attack). The realistic attack surface is narrow: principally CMP deployments with long-lived RA/CA DHX keys and bespoke enterprise or government applications using X9.42 DHX static keys with interactive protocols and therefore this issue was assigned Low severity. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45445", "url": "https://ubuntu.com/security/CVE-2026-45445", "cve_description": "Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied initialisation vector (IV) is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV supplied by the caller, resulting in (key, nonce) reuse and loss of confidentiality. If the same code path is used to compute the authentication tag, the tag depends only on the (key, IV) pair and not on the plaintext or ciphertext, allowing universal forgery of arbitrary ciphertext from a single captured message. OpenSSL provides two ways to drive a cipher: the documented streaming interface (EVP_CipherUpdate / EVP_CipherFinal_ex) and a lower-level one-shot, EVP_Cipher(), whose documentation explicitly recommends against use by applications in favour of EVP_CipherUpdate() and EVP_CipherFinal_ex(). The OCB provider's streaming handler flushes the application-supplied IV into the OCB context before processing data; the one-shot handler did not. Every call to EVP_Cipher() on an AES-OCB context therefore ran with the all-zero key-derived offset state left by cipher initialisation, regardless of the caller's IV. If EVP_EncryptFinal_ex() is subsequently used to obtain the authentication tag, the deferred IV setup runs at that point and clears the running checksum that should have been accumulated over the plaintext. The resulting tag is a function of (key, IV) only and verifies against any ciphertext produced under the same (key, IV) pair. The OpenSSL SSL/TLS implementation is not affected: AES-OCB is not a TLS cipher suite, and libssl does not call EVP_Cipher() in any case. Applications that drive AES-OCB through the documented streaming AEAD API (EVP_CipherUpdate / EVP_CipherFinal_ex) are not affected. Only applications that combine the AES-OCB cipher with the EVP_Cipher() one-shot API are vulnerable. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as AES-OCB is outside the OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45446", "url": "https://ubuntu.com/security/CVE-2026-45446", "cve_description": "Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's application using these ciphers. AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) are nonce-misuse-resistant AEAD modes: they accept a key, nonce, optional AAD (bytes that are authenticated but not encrypted), and plaintext, and produces ciphertext plus a 16-byte tag. On decrypt, `EVP_DecryptFinal_ex()` is documented to return success only if the tag is verified succesfully. In OpenSSL's provider implementation of these ciphers, the expected tag is computed only when decryption function is invoked with non-empty data. If the caller supplies AAD and then calls `EVP_DecryptFinal_ex()` without invocation of the ciphertext update, which can happen when the received ciphertext length is zero, the tag is never recalculated and still holds its all-zeros value. When AES-GCM-SIV is used, an attacker who sends arbitrary AAD, empty ciphertext, and all-zeros tag passes authentication under any key they do not know, single-shot. When AES-SIV is used, for mounting the attack it's necessary for the application to reuse the decryption context without resetting the key. AES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since OpenSSL 3.2. No protocols implemented in OpenSSL itself (TLS/CMS/PKCS7/HPKE/QUIC) support either AES-GCM-SIV or AES-SIV. To mount an attack, the applications must implement their own protocol and use the EVP interface. Also they must skip the ciphertext update when a message with an empty ciphertext arrives. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as these algorithms are not FIPS approved and the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45447", "url": "https://ubuntu.com/security/CVE-2026-45447", "cve_description": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS#7 or S/MIME signed message, if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may incorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent use of the BIO by the calling application results in a use-after-free condition. In the common case this occurs when the application later calls BIO_free() on the BIO originally passed to PKCS7_verify(). Depending on allocator behavior and application-specific BIO usage patterns, this may result in a crash or other memory corruption. In some application contexts this may potentially be exploitable for remote code execution. Applications that process PKCS#7 or S/MIME signed messages using OpenSSL PKCS#7 APIs may be affected. Applications using the CMS APIs for this processing are not affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "high", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-7383", "url": "https://ubuntu.com/security/CVE-2026-7383", "cve_description": "Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination size for Unicode output is computed in a signed int: by left shift of the input character count for BMPSTRING (UTF-16) and UNIVERSALSTRING (UTF-32), and by summing per-character byte counts for UTF8STRING. The calculation overflows when the input reaches around 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30 characters) the size wraps to zero, OPENSSL_malloc(1) is called, and the subsequent character copy writes several gigabytes past the one-byte allocation. X.509 certificate processing routes through ASN1_STRING_set_by_NID(), whose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID size limits cap the input length; no network protocol or certificate-handling path in OpenSSL exercises the overflow. Triggering the bug requires an application that calls ASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers a custom string type via ASN1_STRING_TABLE_add(), with attacker-controlled input on the order of half a gigabyte or more. For these reasons this issue was assigned Low severity. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-9076", "url": "https://ubuntu.com/security/CVE-2026-9076", "cve_description": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in kek_unwrap_key(). Impact summary: A heap buffer over-read may trigger a crash which leads to Denial of Service for an application if the input buffer ends at a memory page boundary and the following page is unmapped. There is no information disclosure as the over-read bytes are not revealed to the attacker. The key unwrapping function performs a check-byte test as specified in the RFC that reads 7 bytes from a heap allocation that is based on the wrapped key length from the message. There is a minimum length check based on the block length of the wrapping cipher. However the cipher is selected from an OID carried in the attacker's PWRI keyEncryptionAlgorithm with no requirement that the cipher be a block cipher. When an attacker selects a stream-mode cipher the guard will be ineffective and the allocated buffer containing the unwrapped key can be too small to fit the check-bytes specified in the RFC and a buffer over-read can happen. Applications calling CMS_decrypt() or CMS_decrypt_set1_password() (equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS data are vulnerable to this issue. No password knowledge is required: the over-read happens during the unwrap attempt before any authentication succeeds. The over-read is limited to a few bytes and is not written to output, so there is no information disclosure. Triggering a crash requires the allocation to border unmapped memory, which is unlikely with the normal allocator. The FIPS modules are not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Heap Buffer Over-read in ASN.1 Content Parsing", " - debian/patches/CVE-2026-34180.patch: Avoid length truncation in", " ASN1_STRING_set in crypto/asn1/tasn_dec.c.", " - CVE-2026-34180", " * SECURITY UPDATE: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys", " - debian/patches/CVE-2026-34181.patch: pkcs12: verify that the pbmac1 key", " length is safe in crypto/pkcs12/p12_mutl.c.", " - CVE-2026-34181", " * SECURITY UPDATE: CMS AuthEnvelopedData Processing May Accept Forged Messages", " - debian/patches/CVE-2026-34182-1.patch: Reject potentially forged encrypted", " CMS AuthEnvelopedData messages in crypto/cms/cms_enc.c.", " - debian/patches/CVE-2026-34182-2.patch: Add tests for CVE-2026-34182 in", " test/cmsapitest.c.", " - CVE-2026-34182", " * SECURITY UPDATE: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler", " - debian/patches/CVE-2026-34183-1.patch: QUIC stack must limit the number of", " PATH_CHALLENGE frames processed in RX in include/internal/quic_cfq.h,", " include/internal/quic_channel.h, include/internal/quic_fifd.h,", " ssl/quic/quic_cfq.c, ssl/quic/quic_channel.c,", " ssl/quic/quic_channel_local.h, ssl/quic/quic_fifd.c,", " ssl/quic/quic_rx_depack.c, ssl/quic/quic_txp.c.", " - debian/patches/CVE-2026-34183-2.patch: Add test for path challenge flood", " mitigation in include/internal/quic_channel.h, ssl/quic/quic_channel.c,", " ssl/quic/quic_channel_local.h, ssl/quic/quic_rx_depack.c,", " test/radix/quic_tests.c.", " - CVE-2026-34183", " * SECURITY UPDATE: NULL pointer dereference in QUIC server initial packet", " handling", " - debian/patches/CVE-2026-42764.patch: Fix NULL dereference in QUIC address", " validation in ssl/quic/quic_port.c.", " - CVE-2026-42764", " * SECURITY UPDATE: Possible NULL Dereference in Password-Based CMS Decryption", " - debian/patches/CVE-2026-42766.patch: Fix potential NULL dereference", " processing CMS PasswordRecipientInfo in crypto/cms/cms_pwri.c.", " - CVE-2026-42766", " * SECURITY UPDATE: NULL Pointer Dereference in CRMF EncryptedValue Decryption", " - debian/patches/CVE-2026-42767.patch: Fix potential NULL dereference in", " OSSL_CRMF_ENCRYPTEDVALUE_decrypt() in crypto/crmf/crmf_lib.c.", " - CVE-2026-42767", " * SECURITY UPDATE: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt()", " and PKCS7_decrypt()", " - debian/patches/CVE-2026-42768.patch: Enforce implicit rejection for", " CMS/PKCS#7 decryption in crypto/cms/cms_env.c, crypto/pkcs7/pk7_doit.c,", " doc/man3/CMS_decrypt.pod, doc/man3/PKCS7_decrypt.pod.", " - CVE-2026-42768", " * SECURITY UPDATE: Trust-Anchor Substitution via cert/issuer Typo in CMP", " rootCaKeyUpdate", " - debian/patches/CVE-2026-42769.patch: Use the correct issuer when", " validating rootCAKeyUpdate in crypto/cmp/cmp_genm.c.", " - CVE-2026-42769", " * SECURITY UPDATE: FFC-DH Peer Validation Uses Attacker-Supplied q", " - debian/patches/CVE-2026-42770.patch: Match the local q DHX parameter", " against the peer's q in providers/implementations/exchange/dh_exch.c.", " - CVE-2026-42770", " * SECURITY UPDATE: AES-OCB IV Ignored on EVP_Cipher() Path", " - debian/patches/CVE-2026-45445.patch: Apply the buffered IV on the AES-OCB", " EVP_Cipher() path in providers/implementations/ciphers/cipher_aes_ocb.c,", " test/evp_extra_test.c.", " - CVE-2026-45445", " * SECURITY UPDATE: Incorrect Tag Processing for Empty Messages in", " AES-GCM-SIV and AES-SIV modes", " - debian/patches/CVE-2026-45446.patch: Fix handling of empty-ciphertext", " messages in AES-GCM-SIV and AES-SIV in", " providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c,", " providers/implementations/ciphers/cipher_aes_siv.c, test/evp_extra_test.c.", " - CVE-2026-45446", " * SECURITY UPDATE: Heap Use-After-Free in OpenSSL PKCS7_verify()", " - debian/patches/CVE-2026-45447-1.patch: Fix possible use-after-free in", " OpenSSL PKCS7_verify() in crypto/pkcs7/pk7_smime.c.", " - debian/patches/CVE-2026-45447-2.patch: Test for CVE-2026-45447 (UAF in", " PKCS7_verify) in test/recipes/80-test_cms.t, test/smime-eml/pkcs7-empty-", " digest-set.eml.", " - CVE-2026-45447", " * SECURITY UPDATE: Possible Heap Buffer Overflow in ASN.1 Multibyte String", " Conversion", " - debian/patches/CVE-2026-7383.patch: Reject oversized inputs in", " ASN1_mbstring_ncopy() in crypto/asn1/a_mbstr.c.", " - CVE-2026-7383", " * SECURITY UPDATE: Out-of-Bounds Read in CMS Password-Based Decryption", " - debian/patches/CVE-2026-9076.patch: cms: kek_unwrap_key: Fix out-of-", " bounds read in check-byte validation in crypto/cms/cms_pwri.c.", " - CVE-2026-9076", " * Fix ppc64 FTBFS because of incorrect regex match (LP: 2137464)", " - debian/patches/regex_match_ecp_nistp521-ppc64.patch: removed,", " incomplete version.", " - debian/patches/fix_ppc64_regex_match.patch: match last filename for", " output in ecp_nistp*-ppc64.pl.", "" ], "package": "openssl", "version": "3.5.5-1ubuntu3.2", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 02 Jun 2026 13:21:36 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "openssl-provider-legacy", "from_version": { "source_package_name": "openssl", "source_package_version": "3.5.5-1ubuntu3", "version": "3.5.5-1ubuntu3" }, "to_version": { "source_package_name": "openssl", "source_package_version": "3.5.5-1ubuntu3.2", "version": "3.5.5-1ubuntu3.2" }, "cves": [ { "cve": "CVE-2026-34180", "url": "https://ubuntu.com/security/CVE-2026-34180", "cve_description": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application (Denial of Service) or to load into the decoded ASN.1 object contents of memory beyond the end of the input buffer. More typically such ASN.1 elements would instead be truncated. An integer truncation in OpenSSL's ASN.1 decoder causes the content length of an ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the worst case the truncated length is treated as a request to scan the binary content for a terminating zero byte, possibly causing OpenSSL to read either less than or beyond the end of the allocated buffer. Applications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or any other d2i_* decoding function are affected. OpenSSL's own command-line tools are not vulnerable, as data read through the BIO layer is checked before it reaches the affected code. The issue only affects 64-bit Unix and Unix-like platforms; 32-bit platforms and 64-bit Windows are not affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34181", "url": "https://ubuntu.com/security/CVE-2026-34181", "cve_description": "Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentication Code 1 (PBMAC1) integrity mechanism allowing a certificate and private key forgery. Impact Summary: An attacker impersonating a user can cause a service reading PKCS#12 files to accept forged certificates and private keys with a 1 in 256 probability. If a service accepting PKCS#12 files is using passwords for authenticating the received files, the attacker can create unencrypted PKCS#12 files that use PBMAC1 authentication that specifies an HMAC key of only one byte, allowing them to craft a file that will be accepted with a 1 in 256 probability. That would then cause the service to accept a certificate and private key controlled by the attacker. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34182", "url": "https://ubuntu.com/security/CVE-2026-34182", "cve_description": "Issue Summary: Cryptographic Message Services (CMS) processing fails to perform sufficient input validation on the cipher and tag length fields of AuthEnvelopedData containers, leading to various potential compromises. Impact Summary: Attackers making use of these vulnerabilities may achieve key-equivalent functionality for a given CMS recipient and/or bypass integrity validation for a given message. In one use case, an attacker may send a CMS message containing AuthEnvelopedData with the cipher specified as a non-AEAD cipher. OpenSSL erroneously allows this selection, and attempts to decrypt and validate the message. An on-path attacker who captures one legitimate AES-GCM AuthEnvelopedData addressed to the victim can re-emit it with the recipientInfos set left byte-for-byte intact, so the victim's private key still unwraps the genuine CEK (the content-encryption key), but with the inner OID rewritten to AES-256-OFB (Output Feedback Mode, an unauthenticated keystream mode) and with an attacker-chosen IV and ciphertext. The victim initializes AES-256-OFB under the real CEK, never consults the MAC field, and CMS_decrypt() returns success. If the application under attack responds to the attacker with any indicator showing success or failure of the decryption effort, it is possible for the attacker to use this as an oracle to obtain key equivalent functionality for the CEK used for the chosen recipient of the message. In another use case, an attacker can reduce the tag length of the chosen AEAD cipher for a given AuthEnvelopedData container to be a single byte long, allowing an attacker to brute force CMS decryption, producing an integrity bypass for applications that trust CMS_decrypt() to reject modified content. The FIPS modules are not affected by this issue.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34183", "url": "https://ubuntu.com/security/CVE-2026-34183", "cve_description": "Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QUIC client or server and a Denial of Service. A remote peer may exhaust heap memory by flooding the local QUIC stack with PATH_CHALLENGE frames. The local QUIC stack allocates a PATH_RESPONSE frame for every PATH_CHALLENGE it receives. The allocated PATH_RESPONSE frame gets freed only when the remote peer acknowledges reception of the PATH_RESPONSE frame which will not be done by a malicious peer. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue. The QUIC stack is outside of OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42764", "url": "https://ubuntu.com/security/CVE-2026-42764", "cve_description": "Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial of Service. If the address validation is disabled in the OpenSSL QUIC server implementation, an attacker can crash the server by sending an initial packet with an invalid or expired token. By default, the client address validation is enabled in the OpenSSL QUIC server implementation, which makes the default configuration not vulnerable to this issue. However if the SSL_LISTENER_FLAG_NO_VALIDATE is used with the SSL_new_listener() call, the address validation is disabled making the vulnerable code reachable. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42766", "url": "https://ubuntu.com/security/CVE-2026-42766", "cve_description": "Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as OPTIONAL in the ASN.1 specification and may therefore be absent in specially crafted inputs. During the password-based CMS decryption the OpenSSL CMS implementation dereferences this field without first checking whether it was present. An attacker who supplies such a CMS message to an application performing password-based CMS decryption can trigger an application crash, leading to a Denial of Service. Applications that process password-encrypted CMS messages may be affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42767", "url": "https://ubuntu.com/security/CVE-2026-42767", "cve_description": "Issue summary: An attacker-controlled CMP (Certificate Management Protocol) server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server (or acting as a man-in-the-middle) could craft a CMP response containing a CRMF (Certificate Request Message Format) CertRepMessage with an EncryptedValue structure where the symmAlg field has an algorithm OID but no parameters field. When the OpenSSL CMP client processes this response, the NULL dereference occurs, causing a crash of the CMP client. Applications that process untrusted CMP/CRMF messages may be affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42768", "url": "https://ubuntu.com/security/CVE-2026-42768", "cve_description": "Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provide the CMS or S/MIME messages and observe the error code and/or decryption output. Impact summary: The Bleichenbacher-style attack allows an attacker to use the victim's vulnerable application as a way to decrypt or sign messages with the victim's private RSA key. The attack is possible in 2 variants. 1. The decryption API (CMS_decrypt(), PKCS7_decrypt()) is used without providing the recipient certificate. In this case OpenSSL iterates over every KeyTransRecipientInfo (KTRI) without stopping at the first success. An attacker who authors a message with two KTRI entries — the first one wrapping a real CEK under the victim's public key, the second with an arbitrary probe ciphertext — obtains opportunity to iterate the 2nd KTRI to get a valid PKCS#1 v1.5 padding if the error code of the application is available. That is a Bleichenbacher oracle (Bleichenbacher, CRYPTO '98): an adaptive-chosen-ciphertext side channel from which the attacker decrypts any RSA ciphertext to the victim's key or forges any PKCS#1 v1.5 signature under it. 2. When the decryption API (CMS_decrypt(), PKCS7_decrypt()) is provided with the recipient certificate, and the recipient is not found, a random key is substituted. An attacker who authors a message and is able to compare both error code and the result of the decryption, can mount a Bleichenbacher oracle. We are not aware of any applications that provide a remote attacker an opportunity to mount an attack described in these scenarios. We consider the existence of such application very unlikely, and for this reason this CVE has been evaluated as Low severity. To avoid these attacks, when RSA PKCS#1 v1.5 Key Transport is in use, the invoked EVP_PKEY_decrypt() will use the implicit rejection mechanism described in draft-irtf-cfrg-rsa-guidance. In previous OpenSSL releases the implicit rejection was explicitly disabled. The implicit rejection mechanism always returns a plaintext value, the symmetric key. This result is deterministic for the ciphertext and the private key. The length of the decryption result can happen to match the length of the key of the symmetric cipher that was used for the content encryption. When a certificate is not provided, the last RecipientInfo producing a key that looks valid will be used. It may cause getting garbage content on decryption. As a proper way to deal with this a recipient certificate has to be provided to identify the particular RecipientInfo for decryption. The FIPS modules in 4.0, 3.6, 3.5, and 3.4 are not affected by this issue, as CMS and S/MIME processing happens outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42769", "url": "https://ubuntu.com/security/CVE-2026-42769", "cve_description": "Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority (RA) level to the root Certification Authority (root CA) level. Impact Summary: The Registration Autority could replace the root CA certificate for the CMP clients with an arbitrary root CA certificate. One of the parts of the Certificate Management Protocol (CMP), specified in RFC 9810, is Root Certification Authority (root CA) key Rollover, which is sent by the server in a message with type 'id-it-rootCaKeyUpdate'. As part of these messages, 'newWithOld' certificate, the new root CA certificate signed with the old root CA key, is provided, and verifying its signature is crucial for transferring the trust from the old CA key to the new one. The 'id-it-rootCaKeyUpdate' messages are expected to be processed with OSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the 'newWithOld' certificate. A typo in the certificate chain building code led to adding an incorrect certificate ('newWithOld' instead of 'oldRoot') to the certificate chain, rendering the certificate verification process ineffectual (only the issuer name and the algorithm OIDs were verified by other parts of the verification code). An attacker who already has credentials that satisfy the CMP message protection checks can generate a new key pair and use a crafted self-signed certificate in its 'id-it-rootCaKeyUpdate' CMP messages which affected CMP clients would accept as a new trust anchor. Significant preconditions for the attack (having valid RA-level credentials) are the reason the issue was assigned Low severity. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42770", "url": "https://ubuntu.com/security/CVE-2026-42770", "cve_description": "Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r (a small prime factor of the cofactor (p−1)/q_local), and a public value Y of order r can recover the victim's private key after a small number of key exchange attempts. When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the subgroup membership check Y^q ≡ 1 (mod p) is performed using the peer's own q parameter, not the local key's q. The peer's domain parameters are then matched against the domain parameters of the private key, but the value of q is not compared. A malicious peer who presents an X9.42 key carrying the victim's p, g, a forged q = r (a small prime factor of the cofactor), and a public value Y of order r passes all checks. The shared secret then takes only r distinct values, leaking priv mod r. Repeating for each small-prime factor of the cofactor and combining via CRT recovers the full private key (Lim–Lee / small-subgroup-confinement attack). The realistic attack surface is narrow: principally CMP deployments with long-lived RA/CA DHX keys and bespoke enterprise or government applications using X9.42 DHX static keys with interactive protocols and therefore this issue was assigned Low severity. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45445", "url": "https://ubuntu.com/security/CVE-2026-45445", "cve_description": "Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied initialisation vector (IV) is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV supplied by the caller, resulting in (key, nonce) reuse and loss of confidentiality. If the same code path is used to compute the authentication tag, the tag depends only on the (key, IV) pair and not on the plaintext or ciphertext, allowing universal forgery of arbitrary ciphertext from a single captured message. OpenSSL provides two ways to drive a cipher: the documented streaming interface (EVP_CipherUpdate / EVP_CipherFinal_ex) and a lower-level one-shot, EVP_Cipher(), whose documentation explicitly recommends against use by applications in favour of EVP_CipherUpdate() and EVP_CipherFinal_ex(). The OCB provider's streaming handler flushes the application-supplied IV into the OCB context before processing data; the one-shot handler did not. Every call to EVP_Cipher() on an AES-OCB context therefore ran with the all-zero key-derived offset state left by cipher initialisation, regardless of the caller's IV. If EVP_EncryptFinal_ex() is subsequently used to obtain the authentication tag, the deferred IV setup runs at that point and clears the running checksum that should have been accumulated over the plaintext. The resulting tag is a function of (key, IV) only and verifies against any ciphertext produced under the same (key, IV) pair. The OpenSSL SSL/TLS implementation is not affected: AES-OCB is not a TLS cipher suite, and libssl does not call EVP_Cipher() in any case. Applications that drive AES-OCB through the documented streaming AEAD API (EVP_CipherUpdate / EVP_CipherFinal_ex) are not affected. Only applications that combine the AES-OCB cipher with the EVP_Cipher() one-shot API are vulnerable. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as AES-OCB is outside the OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45446", "url": "https://ubuntu.com/security/CVE-2026-45446", "cve_description": "Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's application using these ciphers. AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) are nonce-misuse-resistant AEAD modes: they accept a key, nonce, optional AAD (bytes that are authenticated but not encrypted), and plaintext, and produces ciphertext plus a 16-byte tag. On decrypt, `EVP_DecryptFinal_ex()` is documented to return success only if the tag is verified succesfully. In OpenSSL's provider implementation of these ciphers, the expected tag is computed only when decryption function is invoked with non-empty data. If the caller supplies AAD and then calls `EVP_DecryptFinal_ex()` without invocation of the ciphertext update, which can happen when the received ciphertext length is zero, the tag is never recalculated and still holds its all-zeros value. When AES-GCM-SIV is used, an attacker who sends arbitrary AAD, empty ciphertext, and all-zeros tag passes authentication under any key they do not know, single-shot. When AES-SIV is used, for mounting the attack it's necessary for the application to reuse the decryption context without resetting the key. AES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since OpenSSL 3.2. No protocols implemented in OpenSSL itself (TLS/CMS/PKCS7/HPKE/QUIC) support either AES-GCM-SIV or AES-SIV. To mount an attack, the applications must implement their own protocol and use the EVP interface. Also they must skip the ciphertext update when a message with an empty ciphertext arrives. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as these algorithms are not FIPS approved and the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45447", "url": "https://ubuntu.com/security/CVE-2026-45447", "cve_description": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS#7 or S/MIME signed message, if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may incorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent use of the BIO by the calling application results in a use-after-free condition. In the common case this occurs when the application later calls BIO_free() on the BIO originally passed to PKCS7_verify(). Depending on allocator behavior and application-specific BIO usage patterns, this may result in a crash or other memory corruption. In some application contexts this may potentially be exploitable for remote code execution. Applications that process PKCS#7 or S/MIME signed messages using OpenSSL PKCS#7 APIs may be affected. Applications using the CMS APIs for this processing are not affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "high", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-7383", "url": "https://ubuntu.com/security/CVE-2026-7383", "cve_description": "Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination size for Unicode output is computed in a signed int: by left shift of the input character count for BMPSTRING (UTF-16) and UNIVERSALSTRING (UTF-32), and by summing per-character byte counts for UTF8STRING. The calculation overflows when the input reaches around 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30 characters) the size wraps to zero, OPENSSL_malloc(1) is called, and the subsequent character copy writes several gigabytes past the one-byte allocation. X.509 certificate processing routes through ASN1_STRING_set_by_NID(), whose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID size limits cap the input length; no network protocol or certificate-handling path in OpenSSL exercises the overflow. Triggering the bug requires an application that calls ASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers a custom string type via ASN1_STRING_TABLE_add(), with attacker-controlled input on the order of half a gigabyte or more. For these reasons this issue was assigned Low severity. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-9076", "url": "https://ubuntu.com/security/CVE-2026-9076", "cve_description": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in kek_unwrap_key(). Impact summary: A heap buffer over-read may trigger a crash which leads to Denial of Service for an application if the input buffer ends at a memory page boundary and the following page is unmapped. There is no information disclosure as the over-read bytes are not revealed to the attacker. The key unwrapping function performs a check-byte test as specified in the RFC that reads 7 bytes from a heap allocation that is based on the wrapped key length from the message. There is a minimum length check based on the block length of the wrapping cipher. However the cipher is selected from an OID carried in the attacker's PWRI keyEncryptionAlgorithm with no requirement that the cipher be a block cipher. When an attacker selects a stream-mode cipher the guard will be ineffective and the allocated buffer containing the unwrapped key can be too small to fit the check-bytes specified in the RFC and a buffer over-read can happen. Applications calling CMS_decrypt() or CMS_decrypt_set1_password() (equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS data are vulnerable to this issue. No password knowledge is required: the over-read happens during the unwrap attempt before any authentication succeeds. The over-read is limited to a few bytes and is not written to output, so there is no information disclosure. Triggering a crash requires the allocation to border unmapped memory, which is unlikely with the normal allocator. The FIPS modules are not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-34180", "url": "https://ubuntu.com/security/CVE-2026-34180", "cve_description": "Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application (Denial of Service) or to load into the decoded ASN.1 object contents of memory beyond the end of the input buffer. More typically such ASN.1 elements would instead be truncated. An integer truncation in OpenSSL's ASN.1 decoder causes the content length of an ASN.1 primitive element to be mishandled when it exceeds 2 gigabytes. In the worst case the truncated length is treated as a request to scan the binary content for a terminating zero byte, possibly causing OpenSSL to read either less than or beyond the end of the allocated buffer. Applications that pass attacker-supplied data to d2i_X509(), d2i_PKCS7(), or any other d2i_* decoding function are affected. OpenSSL's own command-line tools are not vulnerable, as data read through the BIO layer is checked before it reaches the affected code. The issue only affects 64-bit Unix and Unix-like platforms; 32-bit platforms and 64-bit Windows are not affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34181", "url": "https://ubuntu.com/security/CVE-2026-34181", "cve_description": "Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentication Code 1 (PBMAC1) integrity mechanism allowing a certificate and private key forgery. Impact Summary: An attacker impersonating a user can cause a service reading PKCS#12 files to accept forged certificates and private keys with a 1 in 256 probability. If a service accepting PKCS#12 files is using passwords for authenticating the received files, the attacker can create unencrypted PKCS#12 files that use PBMAC1 authentication that specifies an HMAC key of only one byte, allowing them to craft a file that will be accepted with a 1 in 256 probability. That would then cause the service to accept a certificate and private key controlled by the attacker. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34182", "url": "https://ubuntu.com/security/CVE-2026-34182", "cve_description": "Issue Summary: Cryptographic Message Services (CMS) processing fails to perform sufficient input validation on the cipher and tag length fields of AuthEnvelopedData containers, leading to various potential compromises. Impact Summary: Attackers making use of these vulnerabilities may achieve key-equivalent functionality for a given CMS recipient and/or bypass integrity validation for a given message. In one use case, an attacker may send a CMS message containing AuthEnvelopedData with the cipher specified as a non-AEAD cipher. OpenSSL erroneously allows this selection, and attempts to decrypt and validate the message. An on-path attacker who captures one legitimate AES-GCM AuthEnvelopedData addressed to the victim can re-emit it with the recipientInfos set left byte-for-byte intact, so the victim's private key still unwraps the genuine CEK (the content-encryption key), but with the inner OID rewritten to AES-256-OFB (Output Feedback Mode, an unauthenticated keystream mode) and with an attacker-chosen IV and ciphertext. The victim initializes AES-256-OFB under the real CEK, never consults the MAC field, and CMS_decrypt() returns success. If the application under attack responds to the attacker with any indicator showing success or failure of the decryption effort, it is possible for the attacker to use this as an oracle to obtain key equivalent functionality for the CEK used for the chosen recipient of the message. In another use case, an attacker can reduce the tag length of the chosen AEAD cipher for a given AuthEnvelopedData container to be a single byte long, allowing an attacker to brute force CMS decryption, producing an integrity bypass for applications that trust CMS_decrypt() to reject modified content. The FIPS modules are not affected by this issue.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-34183", "url": "https://ubuntu.com/security/CVE-2026-34183", "cve_description": "Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QUIC client or server and a Denial of Service. A remote peer may exhaust heap memory by flooding the local QUIC stack with PATH_CHALLENGE frames. The local QUIC stack allocates a PATH_RESPONSE frame for every PATH_CHALLENGE it receives. The allocated PATH_RESPONSE frame gets freed only when the remote peer acknowledges reception of the PATH_RESPONSE frame which will not be done by a malicious peer. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue. The QUIC stack is outside of OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42764", "url": "https://ubuntu.com/security/CVE-2026-42764", "cve_description": "Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial of Service. If the address validation is disabled in the OpenSSL QUIC server implementation, an attacker can crash the server by sending an initial packet with an invalid or expired token. By default, the client address validation is enabled in the OpenSSL QUIC server implementation, which makes the default configuration not vulnerable to this issue. However if the SSL_LISTENER_FLAG_NO_VALIDATE is used with the SSL_new_listener() call, the address validation is disabled making the vulnerable code reachable. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42766", "url": "https://ubuntu.com/security/CVE-2026-42766", "cve_description": "Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgorithm field is defined as OPTIONAL in the ASN.1 specification and may therefore be absent in specially crafted inputs. During the password-based CMS decryption the OpenSSL CMS implementation dereferences this field without first checking whether it was present. An attacker who supplies such a CMS message to an application performing password-based CMS decryption can trigger an application crash, leading to a Denial of Service. Applications that process password-encrypted CMS messages may be affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42767", "url": "https://ubuntu.com/security/CVE-2026-42767", "cve_description": "Issue summary: An attacker-controlled CMP (Certificate Management Protocol) server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server (or acting as a man-in-the-middle) could craft a CMP response containing a CRMF (Certificate Request Message Format) CertRepMessage with an EncryptedValue structure where the symmAlg field has an algorithm OID but no parameters field. When the OpenSSL CMP client processes this response, the NULL dereference occurs, causing a crash of the CMP client. Applications that process untrusted CMP/CRMF messages may be affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42768", "url": "https://ubuntu.com/security/CVE-2026-42768", "cve_description": "Issue summary: The CMS_decrypt and PKCS7_decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provide the CMS or S/MIME messages and observe the error code and/or decryption output. Impact summary: The Bleichenbacher-style attack allows an attacker to use the victim's vulnerable application as a way to decrypt or sign messages with the victim's private RSA key. The attack is possible in 2 variants. 1. The decryption API (CMS_decrypt(), PKCS7_decrypt()) is used without providing the recipient certificate. In this case OpenSSL iterates over every KeyTransRecipientInfo (KTRI) without stopping at the first success. An attacker who authors a message with two KTRI entries — the first one wrapping a real CEK under the victim's public key, the second with an arbitrary probe ciphertext — obtains opportunity to iterate the 2nd KTRI to get a valid PKCS#1 v1.5 padding if the error code of the application is available. That is a Bleichenbacher oracle (Bleichenbacher, CRYPTO '98): an adaptive-chosen-ciphertext side channel from which the attacker decrypts any RSA ciphertext to the victim's key or forges any PKCS#1 v1.5 signature under it. 2. When the decryption API (CMS_decrypt(), PKCS7_decrypt()) is provided with the recipient certificate, and the recipient is not found, a random key is substituted. An attacker who authors a message and is able to compare both error code and the result of the decryption, can mount a Bleichenbacher oracle. We are not aware of any applications that provide a remote attacker an opportunity to mount an attack described in these scenarios. We consider the existence of such application very unlikely, and for this reason this CVE has been evaluated as Low severity. To avoid these attacks, when RSA PKCS#1 v1.5 Key Transport is in use, the invoked EVP_PKEY_decrypt() will use the implicit rejection mechanism described in draft-irtf-cfrg-rsa-guidance. In previous OpenSSL releases the implicit rejection was explicitly disabled. The implicit rejection mechanism always returns a plaintext value, the symmetric key. This result is deterministic for the ciphertext and the private key. The length of the decryption result can happen to match the length of the key of the symmetric cipher that was used for the content encryption. When a certificate is not provided, the last RecipientInfo producing a key that looks valid will be used. It may cause getting garbage content on decryption. As a proper way to deal with this a recipient certificate has to be provided to identify the particular RecipientInfo for decryption. The FIPS modules in 4.0, 3.6, 3.5, and 3.4 are not affected by this issue, as CMS and S/MIME processing happens outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42769", "url": "https://ubuntu.com/security/CVE-2026-42769", "cve_description": "Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority (RA) level to the root Certification Authority (root CA) level. Impact Summary: The Registration Autority could replace the root CA certificate for the CMP clients with an arbitrary root CA certificate. One of the parts of the Certificate Management Protocol (CMP), specified in RFC 9810, is Root Certification Authority (root CA) key Rollover, which is sent by the server in a message with type 'id-it-rootCaKeyUpdate'. As part of these messages, 'newWithOld' certificate, the new root CA certificate signed with the old root CA key, is provided, and verifying its signature is crucial for transferring the trust from the old CA key to the new one. The 'id-it-rootCaKeyUpdate' messages are expected to be processed with OSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the 'newWithOld' certificate. A typo in the certificate chain building code led to adding an incorrect certificate ('newWithOld' instead of 'oldRoot') to the certificate chain, rendering the certificate verification process ineffectual (only the issuer name and the algorithm OIDs were verified by other parts of the verification code). An attacker who already has credentials that satisfy the CMP message protection checks can generate a new key pair and use a crafted self-signed certificate in its 'id-it-rootCaKeyUpdate' CMP messages which affected CMP clients would accept as a new trust anchor. Significant preconditions for the attack (having valid RA-level credentials) are the reason the issue was assigned Low severity. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-42770", "url": "https://ubuntu.com/security/CVE-2026-42770", "cve_description": "Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r (a small prime factor of the cofactor (p−1)/q_local), and a public value Y of order r can recover the victim's private key after a small number of key exchange attempts. When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the subgroup membership check Y^q ≡ 1 (mod p) is performed using the peer's own q parameter, not the local key's q. The peer's domain parameters are then matched against the domain parameters of the private key, but the value of q is not compared. A malicious peer who presents an X9.42 key carrying the victim's p, g, a forged q = r (a small prime factor of the cofactor), and a public value Y of order r passes all checks. The shared secret then takes only r distinct values, leaking priv mod r. Repeating for each small-prime factor of the cofactor and combining via CRT recovers the full private key (Lim–Lee / small-subgroup-confinement attack). The realistic attack surface is narrow: principally CMP deployments with long-lived RA/CA DHX keys and bespoke enterprise or government applications using X9.42 DHX static keys with interactive protocols and therefore this issue was assigned Low severity. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45445", "url": "https://ubuntu.com/security/CVE-2026-45445", "cve_description": "Issue summary: When an application drives an AES-OCB context through the public EVP_Cipher() one-shot interface, the application-supplied initialisation vector (IV) is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV supplied by the caller, resulting in (key, nonce) reuse and loss of confidentiality. If the same code path is used to compute the authentication tag, the tag depends only on the (key, IV) pair and not on the plaintext or ciphertext, allowing universal forgery of arbitrary ciphertext from a single captured message. OpenSSL provides two ways to drive a cipher: the documented streaming interface (EVP_CipherUpdate / EVP_CipherFinal_ex) and a lower-level one-shot, EVP_Cipher(), whose documentation explicitly recommends against use by applications in favour of EVP_CipherUpdate() and EVP_CipherFinal_ex(). The OCB provider's streaming handler flushes the application-supplied IV into the OCB context before processing data; the one-shot handler did not. Every call to EVP_Cipher() on an AES-OCB context therefore ran with the all-zero key-derived offset state left by cipher initialisation, regardless of the caller's IV. If EVP_EncryptFinal_ex() is subsequently used to obtain the authentication tag, the deferred IV setup runs at that point and clears the running checksum that should have been accumulated over the plaintext. The resulting tag is a function of (key, IV) only and verifies against any ciphertext produced under the same (key, IV) pair. The OpenSSL SSL/TLS implementation is not affected: AES-OCB is not a TLS cipher suite, and libssl does not call EVP_Cipher() in any case. Applications that drive AES-OCB through the documented streaming AEAD API (EVP_CipherUpdate / EVP_CipherFinal_ex) are not affected. Only applications that combine the AES-OCB cipher with the EVP_Cipher() one-shot API are vulnerable. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as AES-OCB is outside the OpenSSL FIPS module boundary.", "cve_priority": "medium", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45446", "url": "https://ubuntu.com/security/CVE-2026-45446", "cve_description": "Issue summary: The implementations of AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) mishandle the authentication of AAD (Additional Authenticated Data) with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's application using these ciphers. AES-SIV (RFC 5297) and AES-GCM-SIV (RFC 8452) are nonce-misuse-resistant AEAD modes: they accept a key, nonce, optional AAD (bytes that are authenticated but not encrypted), and plaintext, and produces ciphertext plus a 16-byte tag. On decrypt, `EVP_DecryptFinal_ex()` is documented to return success only if the tag is verified succesfully. In OpenSSL's provider implementation of these ciphers, the expected tag is computed only when decryption function is invoked with non-empty data. If the caller supplies AAD and then calls `EVP_DecryptFinal_ex()` without invocation of the ciphertext update, which can happen when the received ciphertext length is zero, the tag is never recalculated and still holds its all-zeros value. When AES-GCM-SIV is used, an attacker who sends arbitrary AAD, empty ciphertext, and all-zeros tag passes authentication under any key they do not know, single-shot. When AES-SIV is used, for mounting the attack it's necessary for the application to reuse the decryption context without resetting the key. AES-SIV is implemented since OpenSSL 3.0. AES-GCM-SIV is implemented since OpenSSL 3.2. No protocols implemented in OpenSSL itself (TLS/CMS/PKCS7/HPKE/QUIC) support either AES-GCM-SIV or AES-SIV. To mount an attack, the applications must implement their own protocol and use the EVP interface. Also they must skip the ciphertext update when a message with an empty ciphertext arrives. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as these algorithms are not FIPS approved and the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-45447", "url": "https://ubuntu.com/security/CVE-2026-45447", "cve_description": "Issue summary: A specially crafted PKCS#7 or S/MIME signed message could trigger a use-after-free during PKCS#7 signature verification. Impact summary: A use-after-free may result in process crashes, heap corruption, or potentially remote code execution. When processing a PKCS#7 or S/MIME signed message, if the SignedData digestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may incorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent use of the BIO by the calling application results in a use-after-free condition. In the common case this occurs when the application later calls BIO_free() on the BIO originally passed to PKCS7_verify(). Depending on allocator behavior and application-specific BIO usage patterns, this may result in a crash or other memory corruption. In some application contexts this may potentially be exploitable for remote code execution. Applications that process PKCS#7 or S/MIME signed messages using OpenSSL PKCS#7 APIs may be affected. Applications using the CMS APIs for this processing are not affected. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "high", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-7383", "url": "https://ubuntu.com/security/CVE-2026-7383", "cve_description": "Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination size for Unicode output is computed in a signed int: by left shift of the input character count for BMPSTRING (UTF-16) and UNIVERSALSTRING (UTF-32), and by summing per-character byte counts for UTF8STRING. The calculation overflows when the input reaches around 2^30 characters. In the worst case (UNIVERSALSTRING at 2^30 characters) the size wraps to zero, OPENSSL_malloc(1) is called, and the subsequent character copy writes several gigabytes past the one-byte allocation. X.509 certificate processing routes through ASN1_STRING_set_by_NID(), whose DIRSTRING_TYPE mask excludes UNIVERSALSTRING and whose per-NID size limits cap the input length; no network protocol or certificate-handling path in OpenSSL exercises the overflow. Triggering the bug requires an application that calls ASN1_mbstring_copy() or ASN1_mbstring_ncopy() directly, or registers a custom string type via ASN1_STRING_TABLE_add(), with attacker-controlled input on the order of half a gigabyte or more. For these reasons this issue was assigned Low severity. The FIPS modules in 4.0, 3.6, 3.5, 3.4 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" }, { "cve": "CVE-2026-9076", "url": "https://ubuntu.com/security/CVE-2026-9076", "cve_description": "Issue summary: When CMS password-based decryption (RFC 3211 / PWRI key unwrap) processes attacker-supplied CMS data, an attacker-chosen stream-mode KEK cipher can trigger a heap out-of-bounds read in kek_unwrap_key(). Impact summary: A heap buffer over-read may trigger a crash which leads to Denial of Service for an application if the input buffer ends at a memory page boundary and the following page is unmapped. There is no information disclosure as the over-read bytes are not revealed to the attacker. The key unwrapping function performs a check-byte test as specified in the RFC that reads 7 bytes from a heap allocation that is based on the wrapped key length from the message. There is a minimum length check based on the block length of the wrapping cipher. However the cipher is selected from an OID carried in the attacker's PWRI keyEncryptionAlgorithm with no requirement that the cipher be a block cipher. When an attacker selects a stream-mode cipher the guard will be ineffective and the allocated buffer containing the unwrapped key can be too small to fit the check-bytes specified in the RFC and a buffer over-read can happen. Applications calling CMS_decrypt() or CMS_decrypt_set1_password() (equivalently openssl cms -decrypt -pwri_password ...) on untrusted CMS data are vulnerable to this issue. No password knowledge is required: the over-read happens during the unwrap attempt before any authentication succeeds. The over-read is limited to a few bytes and is not written to output, so there is no information disclosure. Triggering a crash requires the allocation to border unmapped memory, which is unlikely with the normal allocator. The FIPS modules are not affected by this issue.", "cve_priority": "low", "cve_public_date": "2026-06-09 17:17:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Heap Buffer Over-read in ASN.1 Content Parsing", " - debian/patches/CVE-2026-34180.patch: Avoid length truncation in", " ASN1_STRING_set in crypto/asn1/tasn_dec.c.", " - CVE-2026-34180", " * SECURITY UPDATE: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys", " - debian/patches/CVE-2026-34181.patch: pkcs12: verify that the pbmac1 key", " length is safe in crypto/pkcs12/p12_mutl.c.", " - CVE-2026-34181", " * SECURITY UPDATE: CMS AuthEnvelopedData Processing May Accept Forged Messages", " - debian/patches/CVE-2026-34182-1.patch: Reject potentially forged encrypted", " CMS AuthEnvelopedData messages in crypto/cms/cms_enc.c.", " - debian/patches/CVE-2026-34182-2.patch: Add tests for CVE-2026-34182 in", " test/cmsapitest.c.", " - CVE-2026-34182", " * SECURITY UPDATE: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler", " - debian/patches/CVE-2026-34183-1.patch: QUIC stack must limit the number of", " PATH_CHALLENGE frames processed in RX in include/internal/quic_cfq.h,", " include/internal/quic_channel.h, include/internal/quic_fifd.h,", " ssl/quic/quic_cfq.c, ssl/quic/quic_channel.c,", " ssl/quic/quic_channel_local.h, ssl/quic/quic_fifd.c,", " ssl/quic/quic_rx_depack.c, ssl/quic/quic_txp.c.", " - debian/patches/CVE-2026-34183-2.patch: Add test for path challenge flood", " mitigation in include/internal/quic_channel.h, ssl/quic/quic_channel.c,", " ssl/quic/quic_channel_local.h, ssl/quic/quic_rx_depack.c,", " test/radix/quic_tests.c.", " - CVE-2026-34183", " * SECURITY UPDATE: NULL pointer dereference in QUIC server initial packet", " handling", " - debian/patches/CVE-2026-42764.patch: Fix NULL dereference in QUIC address", " validation in ssl/quic/quic_port.c.", " - CVE-2026-42764", " * SECURITY UPDATE: Possible NULL Dereference in Password-Based CMS Decryption", " - debian/patches/CVE-2026-42766.patch: Fix potential NULL dereference", " processing CMS PasswordRecipientInfo in crypto/cms/cms_pwri.c.", " - CVE-2026-42766", " * SECURITY UPDATE: NULL Pointer Dereference in CRMF EncryptedValue Decryption", " - debian/patches/CVE-2026-42767.patch: Fix potential NULL dereference in", " OSSL_CRMF_ENCRYPTEDVALUE_decrypt() in crypto/crmf/crmf_lib.c.", " - CVE-2026-42767", " * SECURITY UPDATE: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt()", " and PKCS7_decrypt()", " - debian/patches/CVE-2026-42768.patch: Enforce implicit rejection for", " CMS/PKCS#7 decryption in crypto/cms/cms_env.c, crypto/pkcs7/pk7_doit.c,", " doc/man3/CMS_decrypt.pod, doc/man3/PKCS7_decrypt.pod.", " - CVE-2026-42768", " * SECURITY UPDATE: Trust-Anchor Substitution via cert/issuer Typo in CMP", " rootCaKeyUpdate", " - debian/patches/CVE-2026-42769.patch: Use the correct issuer when", " validating rootCAKeyUpdate in crypto/cmp/cmp_genm.c.", " - CVE-2026-42769", " * SECURITY UPDATE: FFC-DH Peer Validation Uses Attacker-Supplied q", " - debian/patches/CVE-2026-42770.patch: Match the local q DHX parameter", " against the peer's q in providers/implementations/exchange/dh_exch.c.", " - CVE-2026-42770", " * SECURITY UPDATE: AES-OCB IV Ignored on EVP_Cipher() Path", " - debian/patches/CVE-2026-45445.patch: Apply the buffered IV on the AES-OCB", " EVP_Cipher() path in providers/implementations/ciphers/cipher_aes_ocb.c,", " test/evp_extra_test.c.", " - CVE-2026-45445", " * SECURITY UPDATE: Incorrect Tag Processing for Empty Messages in", " AES-GCM-SIV and AES-SIV modes", " - debian/patches/CVE-2026-45446.patch: Fix handling of empty-ciphertext", " messages in AES-GCM-SIV and AES-SIV in", " providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c,", " providers/implementations/ciphers/cipher_aes_siv.c, test/evp_extra_test.c.", " - CVE-2026-45446", " * SECURITY UPDATE: Heap Use-After-Free in OpenSSL PKCS7_verify()", " - debian/patches/CVE-2026-45447-1.patch: Fix possible use-after-free in", " OpenSSL PKCS7_verify() in crypto/pkcs7/pk7_smime.c.", " - debian/patches/CVE-2026-45447-2.patch: Test for CVE-2026-45447 (UAF in", " PKCS7_verify) in test/recipes/80-test_cms.t, test/smime-eml/pkcs7-empty-", " digest-set.eml.", " - CVE-2026-45447", " * SECURITY UPDATE: Possible Heap Buffer Overflow in ASN.1 Multibyte String", " Conversion", " - debian/patches/CVE-2026-7383.patch: Reject oversized inputs in", " ASN1_mbstring_ncopy() in crypto/asn1/a_mbstr.c.", " - CVE-2026-7383", " * SECURITY UPDATE: Out-of-Bounds Read in CMS Password-Based Decryption", " - debian/patches/CVE-2026-9076.patch: cms: kek_unwrap_key: Fix out-of-", " bounds read in check-byte validation in crypto/cms/cms_pwri.c.", " - CVE-2026-9076", " * Fix ppc64 FTBFS because of incorrect regex match (LP: 2137464)", " - debian/patches/regex_match_ecp_nistp521-ppc64.patch: removed,", " incomplete version.", " - debian/patches/fix_ppc64_regex_match.patch: match last filename for", " output in ecp_nistp*-ppc64.pl.", "" ], "package": "openssl", "version": "3.5.5-1ubuntu3.2", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 02 Jun 2026 13:21:36 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-twisted", "from_version": { "source_package_name": "twisted", "source_package_version": "25.5.0-5", "version": "25.5.0-5" }, "to_version": { "source_package_name": "twisted", "source_package_version": "25.5.0-5ubuntu0.1", "version": "25.5.0-5ubuntu0.1" }, "cves": [ { "cve": "CVE-2026-42304", "url": "https://ubuntu.com/security/CVE-2026-42304", "cve_description": "Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service (DoS) attack via resource exhaustion during DNS name decompression. A remote, unauthenticated attacker can exploit this by sending a crafted TCP DNS packet containing deeply chained compression pointers. This flaw bypasses previous loop-prevention logic, causing the single-threaded Twisted reactor to hang while processing millions of recursive lookups, effectively freezing the server. This vulnerability is fixed in 26.4.0rc2.", "cve_priority": "medium", "cve_public_date": "2026-05-13 21:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-42304", "url": "https://ubuntu.com/security/CVE-2026-42304", "cve_description": "Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service (DoS) attack via resource exhaustion during DNS name decompression. A remote, unauthenticated attacker can exploit this by sending a crafted TCP DNS packet containing deeply chained compression pointers. This flaw bypasses previous loop-prevention logic, causing the single-threaded Twisted reactor to hang while processing millions of recursive lookups, effectively freezing the server. This vulnerability is fixed in 26.4.0rc2.", "cve_priority": "medium", "cve_public_date": "2026-05-13 21:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: DNS name decompression denial of service", " - debian/patches/CVE-2026-42304-1.patch: fix denial of service in", " twisted.names mitigation in src/twisted/names/dns.py,", " src/twisted/names/test/test_dns.py.", " - debian/patches/CVE-2026-42304-2.patch: Update src/twisted/names/dns.py.", " - debian/patches/CVE-2026-42304-3.patch: Update", " src/twisted/names/test/test_dns.py.", " - debian/patches/CVE-2026-42304-4.patch: names: Refactor DNS compression", " mitigation in src/twisted/names/dns.py,", " src/twisted/names/newsfragments/12626.bugfix,", " src/twisted/names/test/test_dns.py.", " - debian/patches/CVE-2026-42304-5.patch: names: fix changes in", " src/twisted/names/dns.py, src/twisted/names/test/test_dns.py.", " - debian/patches/CVE-2026-42304-6.patch: Update", " src/twisted/names/newsfragments/12626.bugfix.", " - CVE-2026-42304", "" ], "package": "twisted", "version": "25.5.0-5ubuntu0.1", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Fri, 22 May 2026 10:20:52 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-urllib3", "from_version": { "source_package_name": "python-urllib3", "source_package_version": "2.6.3-1ubuntu1", "version": "2.6.3-1ubuntu1" }, "to_version": { "source_package_name": "python-urllib3", "source_package_version": "2.6.3-1ubuntu1.1", "version": "2.6.3-1ubuntu1.1" }, "cves": [ { "cve": "CVE-2026-44431", "url": "https://ubuntu.com/security/CVE-2026-44431", "cve_description": "urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=False) still forward these sensitive headers. This vulnerability is fixed in 2.7.0.", "cve_priority": "medium", "cve_public_date": "2026-05-13 16:16:00 UTC" }, { "cve": "CVE-2026-44432", "url": "https://ubuntu.com/security/CVE-2026-44432", "cve_description": "urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion (1) during the second HTTPResponse.read(amt=N) call when the response was decompressed using the official Brotli library or (2) when HTTPResponse.drain_conn() was called after the response had been read and decompressed partially (compression algorithm did not matter here). These issues could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This could result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data) on the client side. This vulnerability is fixed in 2.7.0.", "cve_priority": "medium", "cve_public_date": "2026-05-13 16:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-44431", "url": "https://ubuntu.com/security/CVE-2026-44431", "cve_description": "urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=False) still forward these sensitive headers. This vulnerability is fixed in 2.7.0.", "cve_priority": "medium", "cve_public_date": "2026-05-13 16:16:00 UTC" }, { "cve": "CVE-2026-44432", "url": "https://ubuntu.com/security/CVE-2026-44432", "cve_description": "urllib3 is an HTTP client library for Python. From 2.6.0 to before 2.7.0, urllib3 could decompress the whole response instead of the requested portion (1) during the second HTTPResponse.read(amt=N) call when the response was decompressed using the official Brotli library or (2) when HTTPResponse.drain_conn() was called after the response had been read and decompressed partially (compression algorithm did not matter here). These issues could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This could result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data) on the client side. This vulnerability is fixed in 2.7.0.", "cve_priority": "medium", "cve_public_date": "2026-05-13 16:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: sensitive headers not stripped in cross-origin redirects", " - debian/patches/CVE-2026-44431.patch: remove sensitive headers in proxy", " pools too in dummyserver/asgi_proxy.py, src/urllib3/connectionpool.py,", " test/with_dummyserver/test_proxy_poolmanager.py.", " - CVE-2026-44431", " * SECURITY UPDATE: resource consumption via response decompression", " - debian/patches/CVE-2026-44432.patch: fix full decompression on the 2nd", " small read from response using Brotli in", " src/urllib3/response.py, test/test_response.py,", " test/with_dummyserver/test_connection.py.", " - CVE-2026-44432", "" ], "package": "python-urllib3", "version": "2.6.3-1ubuntu1.1", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Fri, 22 May 2026 13:26:37 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "rsync", "from_version": { "source_package_name": "rsync", "source_package_version": "3.4.1+ds1-7ubuntu0.2", "version": "3.4.1+ds1-7ubuntu0.2" }, "to_version": { "source_package_name": "rsync", "source_package_version": "3.4.1+ds1-7ubuntu0.3", "version": "3.4.1+ds1-7ubuntu0.3" }, "cves": [], "launchpad_bugs_fixed": [ 2155874 ], "changes": [ { "cves": [], "log": [ "", " * SECURITY REGRESSION: Regression fixes from May 2026 security update", " (LP: #2155874)", " - debian/patches/security-202605/*.patch: added regression fix commits", " backported from 3.4.4 by upstream.", "" ], "package": "rsync", "version": "3.4.1+ds1-7ubuntu0.3", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [ 2155874 ], "author": "Marc Deslauriers ", "date": "Mon, 08 Jun 2026 09:58:50 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "snapd", "from_version": { "source_package_name": "snapd", "source_package_version": "2.74.1+ubuntu26.04.4", "version": "2.74.1+ubuntu26.04.4" }, "to_version": { "source_package_name": "snapd", "source_package_version": "2.75.2+ubuntu26.04.2", "version": "2.75.2+ubuntu26.04.2" }, "cves": [ { "cve": "CVE-2026-3888", "url": "https://ubuntu.com/security/CVE-2026-3888", "cve_description": "Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.", "cve_priority": "high", "cve_public_date": "2026-03-17 14:16:00 UTC" } ], "launchpad_bugs_fixed": [ 2143882, 2142130, 2137543, 2142655, 2139664, 2139065, 2002697, 2141461, 2138268, 2138629, 2141328, 2139611, 2139300, 2139099, 2141607, 2138629, 2116949, 2068493, 2134364, 2132084, 2127189, 1851490, 2121853, 2127214, 2127244, 2127766 ], "changes": [ { "cves": [], "log": [ "", " * New upstream release, LP: #2143882", " - Interfaces: network-setup-*| allow running python binaries from", " the base on UC26+", " - Cross-distro: modify SELinux policy to allow mounting on", " /var/snap//", " - Fix potential task deadlock by considering all tasks in a lane", " that might be waiting for a reboot when processing delayed", " security backend effects", "" ], "package": "snapd", "version": "2.75.2+ubuntu26.04.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2143882 ], "author": "Katie May ", "date": "Mon, 30 Mar 2026 17:06:36 +0200" }, { "cves": [ { "cve": "CVE-2026-3888", "url": "https://ubuntu.com/security/CVE-2026-3888", "cve_description": "Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.", "cve_priority": "high", "cve_public_date": "2026-03-17 14:16:00 UTC" } ], "log": [ "", " - FDE: limit number of boot check log entries", " - Allow a logged in user to refresh private snaps during a refresh", " with multiple snaps", " - Use precise prune pattern for tmpfiles (CVE-2026-3888)", "" ], "package": "snapd", "version": "2.75.1+ubuntu26.04.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Katie May ", "date": "Wed, 18 Mar 2026 09:59:01 +0100" }, { "cves": [], "log": [ "", " - FDE: run early boot check only once per boot", " - FDE: update secboot to revision 77bc2457cc76", " - FDE: add degraded state for status API", " - FDE: prevent resealing tasks from running together", " - FDE: enable using keyslot tokens to store protected keys for UC26+", " - FDE: early commit kcmdline config transaction in update-gadget-", " cmdline to mitigate possible race condition", " - FDE: ensure extra snapd kcmdline fragments are applied", " - FDE: remove old secboot activation API calls", " - LP: #2142130 update apparmor parser to 4.1.7", " - LP: #2137543 disable translations in formatted output for snapctl", " services", " - LP: #2142655 improve snap size reporting precision in snap info", " output", " - LP: #2139664 snap-confine: remove race condition triggered by hat", " profile", " - LP: #2139065 skip 70-snap.*.rules when building dracut initramfs", " - LP: #2002697 error early on removal without purge if home is in", " NFS mount", " - LP: #2141461 Intefaces: allow snap-update-ns to read", " /proc/pid/auxv", " - LP: #2138268 Interfaces: kerberos-tickets| new interface allow", " access to kerberos tickets stored in /tmp", " - Interfaces: block-devices| allow Xen block devices", " - Interfaces: u2f-devices| add Tokey 3 FIDO", " - Interfaces: devlxd| new interface allowing acccess to LXD devlxd", " socket and APIs", " - Interfaces: browser-support| allow reading pressure stall info", " information", " - Interfaces: network-setup-control| allow additional netplan files", " access", " - Interfaces: desktop| allow access kvantum, lxqt, and gtk4", " configuration files", " - Interfaces: system-observe| allow fdinfo access for GPU monitoring", " - Interfaces: ubuntu-pro-control| allow access to Ubuntu Advantage", " client configuration", " - Prompting: add API endpoint to ask whether application should have", " access", " - Prompting: add support for audio-record prompting via API endpoint", " - Prompting: store snap name instead of apparmor label in requests", " - Prompting: respond with 503 to API requests when prompting", " subsystem is shutting down", " - Prompting: generalize prompting subsystem to support requests from", " outside AppArmor", " - Confdb: unset data for missing paths in set request", " - Confdb: return 400 for API requests with missing filter", " constraints", " - Confdb: return 400 for API requests with unmatched filter", " constraints", " - Confdb: support typed constraints in confdb filtering", " - Confdb: fixed unmarshalling transaction with placeholder path in", " deltas", " - Confdb: refresh confdb-schema assertions during manual refresh", " - Remote device management (experimental): add skeleton device", " management manager", " - Remote device management (experimental): add message exchange loop", " - Components: add snap component command, include component summary", " in snap info output", " - Components: enforce validation sets when installing components", " - Configuration: add system.motd configuration option to customize", " message of the day (motd)", " - packaging: remove dependencies libbrotli1, libfreetype6, and", " libpng16-16 from snap", " - snap-bootstrap: use libblkid for disk information to speed up boot", " - snap-confine: improve data handling error", " - snap-confine: use ld cache from the app base for core26+", " - snap: add riscv ISA detection for snaps", " - squashfs: reduce memory footprint of single file extraction", " - Add experimental snap delta format", " - Enable early download of seed snaps during refresh", " - Enable parallel downloads of essential snaps during refresh", " - Disallow removing components required by validation sets", " - Make snap prepare-image fail on --validation=ignore if model has", " enforced validation-sets", " - Fix correctly handling interrupted snap downloads", " - Fix handling of store throttling for refresh-app-awareness", " monitored snaps", " - Stop removed \"endure\" services on refresh", " - Install by default from the initramfs for UC26+, removing the need", " for a reboot after installation", " - Keep minidebuginfo in snapd snap", " - Make snap-specific systemd cgroup mandatory for snaps using core26", " and later, improve messaging for failure scenarios", " - Preserve stale connections of broken snaps", " - Remove enforce-validation-sets need for network", " - Opportunistic discarding of mount namespace when updating slot", " providers", " - Support for delaying updates of snap mount namespaces when", " refreshing slot providers", " - Use application CommonID as default source for desktop ID", "" ], "package": "snapd", "version": "2.75+ubuntu26.04.2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2142130, 2137543, 2142655, 2139664, 2139065, 2002697, 2141461, 2138268 ], "author": "Katie May ", "date": "Mon, 09 Mar 2026 17:10:13 +0100" }, { "cves": [], "log": [ "", " * New upstream release, LP: #2138629", " - FDE: measure DeployedMode and AuditMode variables if they appear", " as disabled in the event log to avoid a potential reseal-failure", " boot loop", " - LP: #2141328 FDE: reuse preinstall check context during install to", " account for user-ignored errors", " - LP: #2139611 FDE: fix db updates by allowing multiple payloads", " - LP: #2139300 snap-confine: add CAP_SYS_RESOURCE to allow raising", " memory lock limit when required", " - LP: #2139099 snap-confine: bump the max element count of the BPF", " map used to store IDs of allowed/matched devices to 1000", " - LP: #2141607 Desktop: revert change that caused user daemons", " declaring the desktop plug to implicitly depend on graphical-", " session.target", " - Interfaces: Added pidfd_open and memfd_secret to seccomp template", " - Interfaces: camera | add locking permission for /dev/video", "" ], "package": "snapd", "version": "2.74.1", "urgency": "medium", "distributions": "xenial", "launchpad_bugs_fixed": [ 2138629, 2141328, 2139611, 2139300, 2139099, 2141607 ], "author": "Ernest Lotter ", "date": "Thu, 12 Feb 2026 21:27:23 +0200" }, { "cves": [], "log": [ "", " * New upstream release, LP: #2138629", " - FDE: use new activation API from secboot", " - FDE: use activation API also with non keydata keys", " - FDE: ignore internal recovery key expiration during install", " - FDE: support adding/removing PINs post-installation", " - FDE: support changing PINs post-installation", " - FDE: support adding a recovery key post-installation", " - FDE: provide activation status via new endpoint v2/system-", " info/storage-encrypted", " - FDE: support sealing and resealing using the preinstall check", " result", " - FDE: disable passphrase support during install", " - FDE: add keyboard configuration helpers", " - FDE: lazily inject keyboard layout configuration in kernel cmdline", " - FDE: enable pin tries and limits PIN entry attempts to 3", " - FDE: extend secureboot endpoint to accept DB, KEK, and PK", " - FDE: simplify /v2/system-volumes keyslots handling by allowing", " name-only entries, implicitly expanding to all system containers", " - FDE: support extra non-system key slot names to support agents", " such as Landscape to set dedicated recovery keys", " - FDE: initialize fde state after device state", " - FDE: use device node to find the storage container and keys", " - FDE: provide user visible name for disk based on ID_MODEL", " - FDE: update secboot in snapd with latest additions and fixes", " - core-initrd: add systemd service for setting plymouth keyboard", " layout and X11 keyboard layouts", " - core-initrd: set plymouth cleartext toggle option", " - core-initrd: fix plymouth missing font issue", " - core-initrd: update dependency from libteec1 to libteec2", " - core-initrd: add new dlopened libs", " - LP: #2116949 Preseeding: add support for preseeding of hybrid", " systems via the installer API$", " - Preseeding: check whether a path is a mountpoint before remounting", " - Confdb: support tagging paths as secret in storage schemas", " - Confdb: support filtering on placeholder sub-keys", " - Confdb: support filtering in API and confdbstate", " - Confdb: support field filtering on reads", " - Confdb: support \"parameters\" stanza and check filters against them", " - Confdb: add support for '--with' contraints", " - Confdb: parsing fixes and error handling improvements", " - Assertions: restrict serials to new format in confdb-control", " - Assertions: add verify signature function", " - Remote device management: modify request-message assertion to", " expose its time constraints for remote device management", " - Remote device management: support polling of store messages", " - Remote device management: add signing of response messages with", " device key", " - Prompting: enable notify protocol v5 and test prompt restoration", " after snapd restart", " - snap: change malformed '--channel=' warning to error", " - snap: add 'snap report-issue' command to get the available contact", " details for the specified snap", " - snap: add 'snap version --verbose' flag to include information on", " snap binaries origin", " - snap: create the XDG_RUNTIME_DIR folder", " - LP: #2068493 snap: add support for 'snap refresh --tracking'", " - snapctl: add '--tracking' flag to 'snapctl refresh'", " - Reexec: include the info filepath in the version compare debug log", " - Reexec: add support for forcing reexec into and older snapd snap", " by setting SNAP_REEXEC=force in the environment", " - snap-confine: correct error message related to snap-confine group", " policy validation", " - snap-confine: ensure we only mount existing directories", " - LP: #2134364 snap-confine: handle potential race when creating", " /tmp/snap-private-tmp when lacking systemd-tmpfiles support", " - snap-confine: filter plus characters from security tags", " - Desktop: use desktop file IDs as desktop IDs", " - Desktop: store the common ID in the desktop file", " - Desktop: allow graphical daemons to show icons in the dock", " - Desktop: change user daemons with desktop plug defined to depend", " on graphical-session.target", " - dm-verity for essential snaps: made change to prerequisite struct", " - Cross-distro: modify SELinux profile to allow connecting to squid", " proxy", " - Cross-distro: add support for migrating snap mount directory", " - Packaging: drop ubuntu-14.04 packaging", " - Packaging: drop ubuntu-{14.04,16.04} transitional binary packages", " - Packaging: remove desktop files and state lock file during snapd", " purge", " - Packaging: fix inhibition hint file being left behind on failed", " unlink-current-snap", " - Disallow timeouts < 1us in systemd units", " - Add snap-store to the user-daemons support overrides", " - Support for SuccessExitStatus= generation for systemd daemon", " - Make standby output more verbose", " - Add prepare-serial-request hook", " - Try to discard snap mount namespaces when no processes are running", " during snap updates", " - Improve handling of snap downloads cache by introducing periodic", " cleanup with more aggressive policy", " - Interfaces: mediatek-accel | create new interface", " - Interfaces: nvidia-video-driver-libs | create new interface", " - Interfaces: *-driver-libs | accept component paths", " - Interfaces: desktop-legacy, unity7 | remove workaround for slash", " filtering in ibus address", " - Interfaces: fwupd | allow writing reboot notification in /run", " - Interfaces: add 'install' coreutil to base AppArmor template", " - Interfaces: u2f-devices | add apparmor permissions to allow the", " use of the libfido2 library in snaps", " - Interfaces: u2f-devices | add support for Thetis security key", " - Interfaces: add AppArmor workaround for mmap MAP_HUGETLB", " - Interfaces: timeserver-control | manage per-link ntp settings via", " systemd-networkd", "" ], "package": "snapd", "version": "2.74", "urgency": "medium", "distributions": "xenial", "launchpad_bugs_fixed": [ 2138629, 2116949, 2068493, 2134364 ], "author": "Ernest Lotter ", "date": "Tue, 20 Jan 2026 18:54:17 +0200" }, { "cves": [], "log": [ "", " * New upstream release, LP: #2132084", " - FDE: do not save incomplete FDE state when resealing was skipped", " - FDE: warn of inconsistent primary or policy counter", " - Confdb: document confdb in snapctl help messages", " - Confdb: only confdb hooks wait if snaps are disabled", " - Confdb: relax confdb change conflict checks", " - Confdb: remove empty parent when removing last leaf", " - Confdb: support parsing field filters", " - Confdb: wrap confdb write values under \"values\" key", " - dm-verity for essential snaps: add new naming convention for", " verity files", " - dm-verity for essential snaps: add snap integrity discovery", " - dm-verity for essential snaps: fix verity salt calculation", " - Assertions: add hardware identity assertion", " - Assertions: add integrity stanza in snap resources revisions", " - Assertions: add request message assertion required for remote", " device management", " - Assertions: add response-message assertion for secure remote", " device management", " - Assertions: expose WithStackedBackstore in RODatabase", " - Packaging: cross-distro | install upstream NEWS file into relevant", " snapd package doc directory", " - Packaging: cross-distro | tweak how the blocks injecting", " $SNAP_MOUNT_DIR/bin are generated as required for openSUSE", " - Packaging: remove deprecated snap-gdb-shim and all references now", " that snap run --gdb is unsupported and replaced by --gdbserver", " - Preseed: call systemd-tmpfiles instead handle-writable-paths on", " uc26", " - Preseed: do not remove the /snap dir but rather all its contents", " during reset", " - snap-confine: attach name derived from security tag to BPF maps", " and programs", " - snap-confine: ensure permitted capabilities match expectation", " - snap-confine: fix cached snap-confine profile cleanup to report", " the correct error instead of masking backend setup failures", " - snap-confine: Improve validation of user controlled paths", " - snap-confine: tighten snap cgroup checks to ensure a snap cannot", " start another snap in the same cgroup, preventing incorrect", " device-filter installation", " - core-initrd: add 26.04 ubuntu-core-initramfs package", " - core-initrd: add missing order dependency for setting default", " system files", " - core-initrd: avoid scanning loop and mmc boot partitions as the", " boot disk won't be any of these", " - core-initrd: make cpio a Depends and remove from Build-Depends", " - core-initrd: start plymouth sooner and reload when gadget is", " available", " - Cross-distro: modify syscheck to account for differences in", " openSUSE 16.0+", " - Validation sets: use in-flight validation sets when calling", " 'snapctl install' from hook", " - Prompting: enable prompting for the camera interface", " - Prompting: remove polkit authentication when modifying/deleting", " prompting rules", " - LP: #2127189 Prompting: do not record notices for unchanged rules", " on snapd startup", " - AppArmor: add free and pidof to the template", " - AppArmor: adjust interfaces/profiles to cope with coreutils paths", " - Interfaces: add support for compatibility expressions", " - Interfaces: checkbox-support | complete overhaul", " - Interfaces: define vulkan-driver-libs, cuda-driver-libs, egl-", " driver-libs, gbm-driver-libs, opengl-driver-libs, and opengles-", " driver-libs", " - Interfaces: allow snaps on classic access to nvidia graphics", " libraries exported by *-driver-libs interfaces", " - Interfaces: fwupd | broaden access to /boot/efi/EFI", " - Interfaces: gsettings | set dconf-service as profile for", " ca.desrt.dconf.Writer", " - Interfaces: iscsi-initiator, dm-multipath, nvme-control | add new", " interfaces", " - Interfaces: opengl | grant read/write permission to /run/nvidia-", " persistenced/socket", " - interfaces: ros-snapd-support | add access to /v2/changes/", " - Interfaces: system-observe | read access to btrfs/ext4/zfs", " filesystem information", " - Interfaces: system-trace | allow /sys/kernel/tracing/** rw", " - Interfaces: usb-gadget | add support for ffs mounts in attributes", " - Add autocompletion to run command", " - Introduce option for disallowing auto-connection of a specific", " interface", " - Only log errors for user service operations performed as a part of", " snap removal", " - Patch snap names in service requests for parallel installed snaps", " - Simplify traits for eMMC special partitions", " - Strip apparmor_parser from debug symbols shrinking snapd size by", " ~3MB", " - Fix InstallPathMany skipping refresh control", " - Fix waiting for GDB helper to stop before attaching gdbserver", " - Protect the per-snap tmp directory against being reaped by age", " - Prevent disabling base snaps to ensure dependent snaps can be", " removed", " - Modify API endpoint /v2/logs to reject n <= 0 (except for special", " case -1 meaning all)", " - Avoid potential deadlock when task is injected after the change", " was aborted", " - Avoid race between store download stream and cache cleanup", " executing in parallel when invoked by snap download task", " - LP: #1851490 Use \"current\" instead of revision number for icons", " - LP: #2121853 Add snapctl version command", " - LP: #2127214 Ensure no more than one partition on disk can match a", " gadget partition", " - LP: #2127244 snap-confine: update AppArmor profile to allow", " read/write to journal as workaround for snap-confine fd", " inheritance prevented by newer AppArmor", " - LP: #2127766 Add new tracing mechanism with independently running", " strace and shim synchronization", "" ], "package": "snapd", "version": "2.73", "urgency": "medium", "distributions": "xenial", "launchpad_bugs_fixed": [ 2132084, 2127189, 1851490, 2121853, 2127214, 2127244, 2127766 ], "author": "Ernest Lotter ", "date": "Fri, 21 Nov 2025 09:08:02 +0200" } ], "notes": null, "is_version_downgrade": false }, { "name": "telnet", "from_version": { "source_package_name": "inetutils", "source_package_version": "2:2.7-2ubuntu1", "version": "0.17+2.7-2ubuntu1" }, "to_version": { "source_package_name": "inetutils", "source_package_version": "2:2.7-2ubuntu1.1", "version": "0.17+2.7-2ubuntu1.1" }, "cves": [ { "cve": "CVE-2026-28372", "url": "https://ubuntu.com/security/CVE-2026-28372", "cve_description": "telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.", "cve_priority": "medium", "cve_public_date": "2026-02-27 06:18:00 UTC" }, { "cve": "CVE-2026-32746", "url": "https://ubuntu.com/security/CVE-2026-32746", "cve_description": "telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.", "cve_priority": "medium", "cve_public_date": "2026-03-13 19:55:00 UTC" }, { "cve": "CVE-2026-32772", "url": "https://ubuntu.com/security/CVE-2026-32772", "cve_description": "telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.", "cve_priority": "medium", "cve_public_date": "2026-03-16 14:19:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-28372", "url": "https://ubuntu.com/security/CVE-2026-28372", "cve_description": "telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.", "cve_priority": "medium", "cve_public_date": "2026-02-27 06:18:00 UTC" }, { "cve": "CVE-2026-32746", "url": "https://ubuntu.com/security/CVE-2026-32746", "cve_description": "telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.", "cve_priority": "medium", "cve_public_date": "2026-03-13 19:55:00 UTC" }, { "cve": "CVE-2026-32772", "url": "https://ubuntu.com/security/CVE-2026-32772", "cve_description": "telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.", "cve_priority": "medium", "cve_public_date": "2026-03-16 14:19:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: privilege escalation in telnetd", " - debian/patches/CVE-2026-28372.patch: prevent authentication", " bypass via CREDENTIALS_DIRECTORY environment variable", " - CVE-2026-28372", " * SECURITY UPDATE: stack-based buffer overflow in telnetd", " - debian/patches/CVE-2026-32746.patch: fix out-of-bounds write in", " LINEMODE SLC suboption handler by checking buffer bounds in", " add_slc", " - CVE-2026-32746", " * SECURITY UPDATE: information disclosure via environment variables", " - debian/patches/CVE-2026-32772.patch: do not send environment", " variables not marked for export to telnetd", " - CVE-2026-32772", "" ], "package": "inetutils", "version": "2:2.7-2ubuntu1.1", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Federico Quattrin ", "date": "Thu, 04 Jun 2026 10:22:06 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "vim", "from_version": { "source_package_name": "vim", "source_package_version": "2:9.1.2141-1ubuntu4.1", "version": "2:9.1.2141-1ubuntu4.1" }, "to_version": { "source_package_name": "vim", "source_package_version": "2:9.1.2141-1ubuntu4.3", "version": "2:9.1.2141-1ubuntu4.3" }, "cves": [ { "cve": "CVE-2026-46483", "url": "https://ubuntu.com/security/CVE-2026-46483", "cve_description": "Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip -d commands using shellescape(tartail) without the {special} flag, allowing a crafted archive filename to trigger Vim cmdline-special expansion and execute shell commands in the user's context. This vulnerability is fixed in 9.2.0479.", "cve_priority": "medium", "cve_public_date": "2026-05-15 15:16:00 UTC" }, { "cve": "CVE-2026-43961", "url": "https://ubuntu.com/security/CVE-2026-43961", "cve_description": "[Unknown description]", "cve_priority": "medium", "cve_public_date": "2026-05-20" }, { "cve": "CVE-2026-42307", "url": "https://ubuntu.com/security/CVE-2026-42307", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the sftp:// or file:// protocol handlers), an attacker can execute arbitrary shell commands with the privileges of the Vim process. This issue has been patched in version 9.2.0383.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-44656", "url": "https://ubuntu.com/security/CVE-2026-44656", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the path option lacks the P_SECURE flag, it can be set from a modeline, allowing an attacker who controls the contents of a file to execute arbitrary shell commands when the user opens that file in Vim and triggers :find completion. This issue has been patched in version 9.2.0435.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-45130", "url": "https://ubuntu.com/security/CVE-2026-45130", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-bit signed integer multiplication, causing a small buffer to be allocated for a write loop that runs many iterations, overflowing the heap. Because the 'spelllang' option can be set from a modeline, a text file modeline can trigger spell file loading if a malicious .spl file has been planted on the runtimepath. This issue has been patched in version 9.2.0450.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-46483", "url": "https://ubuntu.com/security/CVE-2026-46483", "cve_description": "Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip -d commands using shellescape(tartail) without the {special} flag, allowing a crafted archive filename to trigger Vim cmdline-special expansion and execute shell commands in the user's context. This vulnerability is fixed in 9.2.0479.", "cve_priority": "medium", "cve_public_date": "2026-05-15 15:16:00 UTC" }, { "cve": "CVE-2026-43961", "url": "https://ubuntu.com/security/CVE-2026-43961", "cve_description": "[Unknown description]", "cve_priority": "medium", "cve_public_date": "2026-05-20" } ], "log": [ "", " * SECURITY UPDATE: Command injection in tar plugin.", " - debian/patches/CVE-2026-46483.patch: Use the correct shell-escape in", " runtime/autoload/tar.vim.", " - CVE-2026-46483", " * SECURITY UPDATE: Code injection via mf command.", " - debian/patches/CVE-2026-43961.patch: Avoid string concatenation for", " filter commands in runtime/pack/dist/opt/netrw/autoload/netrw.vim.", " - CVE-2026-43961", "" ], "package": "vim", "version": "2:9.1.2141-1ubuntu4.3", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Kyle Kernick ", "date": "Tue, 02 Jun 2026 15:57:23 -0600" }, { "cves": [ { "cve": "CVE-2026-42307", "url": "https://ubuntu.com/security/CVE-2026-42307", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the sftp:// or file:// protocol handlers), an attacker can execute arbitrary shell commands with the privileges of the Vim process. This issue has been patched in version 9.2.0383.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-44656", "url": "https://ubuntu.com/security/CVE-2026-44656", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the path option lacks the P_SECURE flag, it can be set from a modeline, allowing an attacker who controls the contents of a file to execute arbitrary shell commands when the user opens that file in Vim and triggers :find completion. This issue has been patched in version 9.2.0435.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-45130", "url": "https://ubuntu.com/security/CVE-2026-45130", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-bit signed integer multiplication, causing a small buffer to be allocated for a write loop that runs many iterations, overflowing the heap. Because the 'spelllang' option can be set from a modeline, a text file modeline can trigger spell file loading if a malicious .spl file has been planted on the runtimepath. This issue has been patched in version 9.2.0450.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Command injection in netrw plugin.", " - debian/patches/CVE-2026-42307.patch: Escape file names and harden regex", " patterns in runtime/pack/dist/opt/netrw/autoload/netrw.vim", " - CVE-2026-42307", " * SECURITY UPDATE: Shell execution in completion.", " - debian/patches/CVE-2026-44656.patch: Skip path entries containing", " backticks and add P_SECURE option in src/findfile.c and src/optiondefs.h", " - CVE-2026-44656", " * SECURITY UPDATE: Heap overflow in spellfile.", " - debian/patches/CVE-2026-45130.patch: Enforce a maximum compound length", " in src/spellfile.c", " - CVE-2026-45130", "" ], "package": "vim", "version": "2:9.1.2141-1ubuntu4.2", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Kyle Kernick ", "date": "Wed, 20 May 2026 13:11:32 -0600" } ], "notes": null, "is_version_downgrade": false }, { "name": "vim-common", "from_version": { "source_package_name": "vim", "source_package_version": "2:9.1.2141-1ubuntu4.1", "version": "2:9.1.2141-1ubuntu4.1" }, "to_version": { "source_package_name": "vim", "source_package_version": "2:9.1.2141-1ubuntu4.3", "version": "2:9.1.2141-1ubuntu4.3" }, "cves": [ { "cve": "CVE-2026-46483", "url": "https://ubuntu.com/security/CVE-2026-46483", "cve_description": "Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip -d commands using shellescape(tartail) without the {special} flag, allowing a crafted archive filename to trigger Vim cmdline-special expansion and execute shell commands in the user's context. This vulnerability is fixed in 9.2.0479.", "cve_priority": "medium", "cve_public_date": "2026-05-15 15:16:00 UTC" }, { "cve": "CVE-2026-43961", "url": "https://ubuntu.com/security/CVE-2026-43961", "cve_description": "[Unknown description]", "cve_priority": "medium", "cve_public_date": "2026-05-20" }, { "cve": "CVE-2026-42307", "url": "https://ubuntu.com/security/CVE-2026-42307", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the sftp:// or file:// protocol handlers), an attacker can execute arbitrary shell commands with the privileges of the Vim process. This issue has been patched in version 9.2.0383.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-44656", "url": "https://ubuntu.com/security/CVE-2026-44656", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the path option lacks the P_SECURE flag, it can be set from a modeline, allowing an attacker who controls the contents of a file to execute arbitrary shell commands when the user opens that file in Vim and triggers :find completion. This issue has been patched in version 9.2.0435.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-45130", "url": "https://ubuntu.com/security/CVE-2026-45130", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-bit signed integer multiplication, causing a small buffer to be allocated for a write loop that runs many iterations, overflowing the heap. Because the 'spelllang' option can be set from a modeline, a text file modeline can trigger spell file loading if a malicious .spl file has been planted on the runtimepath. This issue has been patched in version 9.2.0450.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-46483", "url": "https://ubuntu.com/security/CVE-2026-46483", "cve_description": "Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip -d commands using shellescape(tartail) without the {special} flag, allowing a crafted archive filename to trigger Vim cmdline-special expansion and execute shell commands in the user's context. This vulnerability is fixed in 9.2.0479.", "cve_priority": "medium", "cve_public_date": "2026-05-15 15:16:00 UTC" }, { "cve": "CVE-2026-43961", "url": "https://ubuntu.com/security/CVE-2026-43961", "cve_description": "[Unknown description]", "cve_priority": "medium", "cve_public_date": "2026-05-20" } ], "log": [ "", " * SECURITY UPDATE: Command injection in tar plugin.", " - debian/patches/CVE-2026-46483.patch: Use the correct shell-escape in", " runtime/autoload/tar.vim.", " - CVE-2026-46483", " * SECURITY UPDATE: Code injection via mf command.", " - debian/patches/CVE-2026-43961.patch: Avoid string concatenation for", " filter commands in runtime/pack/dist/opt/netrw/autoload/netrw.vim.", " - CVE-2026-43961", "" ], "package": "vim", "version": "2:9.1.2141-1ubuntu4.3", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Kyle Kernick ", "date": "Tue, 02 Jun 2026 15:57:23 -0600" }, { "cves": [ { "cve": "CVE-2026-42307", "url": "https://ubuntu.com/security/CVE-2026-42307", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the sftp:// or file:// protocol handlers), an attacker can execute arbitrary shell commands with the privileges of the Vim process. This issue has been patched in version 9.2.0383.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-44656", "url": "https://ubuntu.com/security/CVE-2026-44656", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the path option lacks the P_SECURE flag, it can be set from a modeline, allowing an attacker who controls the contents of a file to execute arbitrary shell commands when the user opens that file in Vim and triggers :find completion. This issue has been patched in version 9.2.0435.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-45130", "url": "https://ubuntu.com/security/CVE-2026-45130", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-bit signed integer multiplication, causing a small buffer to be allocated for a write loop that runs many iterations, overflowing the heap. Because the 'spelllang' option can be set from a modeline, a text file modeline can trigger spell file loading if a malicious .spl file has been planted on the runtimepath. This issue has been patched in version 9.2.0450.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Command injection in netrw plugin.", " - debian/patches/CVE-2026-42307.patch: Escape file names and harden regex", " patterns in runtime/pack/dist/opt/netrw/autoload/netrw.vim", " - CVE-2026-42307", " * SECURITY UPDATE: Shell execution in completion.", " - debian/patches/CVE-2026-44656.patch: Skip path entries containing", " backticks and add P_SECURE option in src/findfile.c and src/optiondefs.h", " - CVE-2026-44656", " * SECURITY UPDATE: Heap overflow in spellfile.", " - debian/patches/CVE-2026-45130.patch: Enforce a maximum compound length", " in src/spellfile.c", " - CVE-2026-45130", "" ], "package": "vim", "version": "2:9.1.2141-1ubuntu4.2", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Kyle Kernick ", "date": "Wed, 20 May 2026 13:11:32 -0600" } ], "notes": null, "is_version_downgrade": false }, { "name": "vim-runtime", "from_version": { "source_package_name": "vim", "source_package_version": "2:9.1.2141-1ubuntu4.1", "version": "2:9.1.2141-1ubuntu4.1" }, "to_version": { "source_package_name": "vim", "source_package_version": "2:9.1.2141-1ubuntu4.3", "version": "2:9.1.2141-1ubuntu4.3" }, "cves": [ { "cve": "CVE-2026-46483", "url": "https://ubuntu.com/security/CVE-2026-46483", "cve_description": "Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip -d commands using shellescape(tartail) without the {special} flag, allowing a crafted archive filename to trigger Vim cmdline-special expansion and execute shell commands in the user's context. This vulnerability is fixed in 9.2.0479.", "cve_priority": "medium", "cve_public_date": "2026-05-15 15:16:00 UTC" }, { "cve": "CVE-2026-43961", "url": "https://ubuntu.com/security/CVE-2026-43961", "cve_description": "[Unknown description]", "cve_priority": "medium", "cve_public_date": "2026-05-20" }, { "cve": "CVE-2026-42307", "url": "https://ubuntu.com/security/CVE-2026-42307", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the sftp:// or file:// protocol handlers), an attacker can execute arbitrary shell commands with the privileges of the Vim process. This issue has been patched in version 9.2.0383.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-44656", "url": "https://ubuntu.com/security/CVE-2026-44656", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the path option lacks the P_SECURE flag, it can be set from a modeline, allowing an attacker who controls the contents of a file to execute arbitrary shell commands when the user opens that file in Vim and triggers :find completion. This issue has been patched in version 9.2.0435.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-45130", "url": "https://ubuntu.com/security/CVE-2026-45130", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-bit signed integer multiplication, causing a small buffer to be allocated for a write loop that runs many iterations, overflowing the heap. Because the 'spelllang' option can be set from a modeline, a text file modeline can trigger spell file loading if a malicious .spl file has been planted on the runtimepath. This issue has been patched in version 9.2.0450.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-46483", "url": "https://ubuntu.com/security/CVE-2026-46483", "cve_description": "Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip -d commands using shellescape(tartail) without the {special} flag, allowing a crafted archive filename to trigger Vim cmdline-special expansion and execute shell commands in the user's context. This vulnerability is fixed in 9.2.0479.", "cve_priority": "medium", "cve_public_date": "2026-05-15 15:16:00 UTC" }, { "cve": "CVE-2026-43961", "url": "https://ubuntu.com/security/CVE-2026-43961", "cve_description": "[Unknown description]", "cve_priority": "medium", "cve_public_date": "2026-05-20" } ], "log": [ "", " * SECURITY UPDATE: Command injection in tar plugin.", " - debian/patches/CVE-2026-46483.patch: Use the correct shell-escape in", " runtime/autoload/tar.vim.", " - CVE-2026-46483", " * SECURITY UPDATE: Code injection via mf command.", " - debian/patches/CVE-2026-43961.patch: Avoid string concatenation for", " filter commands in runtime/pack/dist/opt/netrw/autoload/netrw.vim.", " - CVE-2026-43961", "" ], "package": "vim", "version": "2:9.1.2141-1ubuntu4.3", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Kyle Kernick ", "date": "Tue, 02 Jun 2026 15:57:23 -0600" }, { "cves": [ { "cve": "CVE-2026-42307", "url": "https://ubuntu.com/security/CVE-2026-42307", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the sftp:// or file:// protocol handlers), an attacker can execute arbitrary shell commands with the privileges of the Vim process. This issue has been patched in version 9.2.0383.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-44656", "url": "https://ubuntu.com/security/CVE-2026-44656", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the path option lacks the P_SECURE flag, it can be set from a modeline, allowing an attacker who controls the contents of a file to execute arbitrary shell commands when the user opens that file in Vim and triggers :find completion. This issue has been patched in version 9.2.0435.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-45130", "url": "https://ubuntu.com/security/CVE-2026-45130", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-bit signed integer multiplication, causing a small buffer to be allocated for a write loop that runs many iterations, overflowing the heap. Because the 'spelllang' option can be set from a modeline, a text file modeline can trigger spell file loading if a malicious .spl file has been planted on the runtimepath. This issue has been patched in version 9.2.0450.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Command injection in netrw plugin.", " - debian/patches/CVE-2026-42307.patch: Escape file names and harden regex", " patterns in runtime/pack/dist/opt/netrw/autoload/netrw.vim", " - CVE-2026-42307", " * SECURITY UPDATE: Shell execution in completion.", " - debian/patches/CVE-2026-44656.patch: Skip path entries containing", " backticks and add P_SECURE option in src/findfile.c and src/optiondefs.h", " - CVE-2026-44656", " * SECURITY UPDATE: Heap overflow in spellfile.", " - debian/patches/CVE-2026-45130.patch: Enforce a maximum compound length", " in src/spellfile.c", " - CVE-2026-45130", "" ], "package": "vim", "version": "2:9.1.2141-1ubuntu4.2", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Kyle Kernick ", "date": "Wed, 20 May 2026 13:11:32 -0600" } ], "notes": null, "is_version_downgrade": false }, { "name": "vim-tiny", "from_version": { "source_package_name": "vim", "source_package_version": "2:9.1.2141-1ubuntu4.1", "version": "2:9.1.2141-1ubuntu4.1" }, "to_version": { "source_package_name": "vim", "source_package_version": "2:9.1.2141-1ubuntu4.3", "version": "2:9.1.2141-1ubuntu4.3" }, "cves": [ { "cve": "CVE-2026-46483", "url": "https://ubuntu.com/security/CVE-2026-46483", "cve_description": "Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip -d commands using shellescape(tartail) without the {special} flag, allowing a crafted archive filename to trigger Vim cmdline-special expansion and execute shell commands in the user's context. This vulnerability is fixed in 9.2.0479.", "cve_priority": "medium", "cve_public_date": "2026-05-15 15:16:00 UTC" }, { "cve": "CVE-2026-43961", "url": "https://ubuntu.com/security/CVE-2026-43961", "cve_description": "[Unknown description]", "cve_priority": "medium", "cve_public_date": "2026-05-20" }, { "cve": "CVE-2026-42307", "url": "https://ubuntu.com/security/CVE-2026-42307", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the sftp:// or file:// protocol handlers), an attacker can execute arbitrary shell commands with the privileges of the Vim process. This issue has been patched in version 9.2.0383.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-44656", "url": "https://ubuntu.com/security/CVE-2026-44656", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the path option lacks the P_SECURE flag, it can be set from a modeline, allowing an attacker who controls the contents of a file to execute arbitrary shell commands when the user opens that file in Vim and triggers :find completion. This issue has been patched in version 9.2.0435.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-45130", "url": "https://ubuntu.com/security/CVE-2026-45130", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-bit signed integer multiplication, causing a small buffer to be allocated for a write loop that runs many iterations, overflowing the heap. Because the 'spelllang' option can be set from a modeline, a text file modeline can trigger spell file loading if a malicious .spl file has been planted on the runtimepath. This issue has been patched in version 9.2.0450.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-46483", "url": "https://ubuntu.com/security/CVE-2026-46483", "cve_description": "Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip -d commands using shellescape(tartail) without the {special} flag, allowing a crafted archive filename to trigger Vim cmdline-special expansion and execute shell commands in the user's context. This vulnerability is fixed in 9.2.0479.", "cve_priority": "medium", "cve_public_date": "2026-05-15 15:16:00 UTC" }, { "cve": "CVE-2026-43961", "url": "https://ubuntu.com/security/CVE-2026-43961", "cve_description": "[Unknown description]", "cve_priority": "medium", "cve_public_date": "2026-05-20" } ], "log": [ "", " * SECURITY UPDATE: Command injection in tar plugin.", " - debian/patches/CVE-2026-46483.patch: Use the correct shell-escape in", " runtime/autoload/tar.vim.", " - CVE-2026-46483", " * SECURITY UPDATE: Code injection via mf command.", " - debian/patches/CVE-2026-43961.patch: Avoid string concatenation for", " filter commands in runtime/pack/dist/opt/netrw/autoload/netrw.vim.", " - CVE-2026-43961", "" ], "package": "vim", "version": "2:9.1.2141-1ubuntu4.3", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Kyle Kernick ", "date": "Tue, 02 Jun 2026 15:57:23 -0600" }, { "cves": [ { "cve": "CVE-2026-42307", "url": "https://ubuntu.com/security/CVE-2026-42307", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the sftp:// or file:// protocol handlers), an attacker can execute arbitrary shell commands with the privileges of the Vim process. This issue has been patched in version 9.2.0383.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-44656", "url": "https://ubuntu.com/security/CVE-2026-44656", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the path option lacks the P_SECURE flag, it can be set from a modeline, allowing an attacker who controls the contents of a file to execute arbitrary shell commands when the user opens that file in Vim and triggers :find completion. This issue has been patched in version 9.2.0435.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-45130", "url": "https://ubuntu.com/security/CVE-2026-45130", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-bit signed integer multiplication, causing a small buffer to be allocated for a write loop that runs many iterations, overflowing the heap. Because the 'spelllang' option can be set from a modeline, a text file modeline can trigger spell file loading if a malicious .spl file has been planted on the runtimepath. This issue has been patched in version 9.2.0450.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Command injection in netrw plugin.", " - debian/patches/CVE-2026-42307.patch: Escape file names and harden regex", " patterns in runtime/pack/dist/opt/netrw/autoload/netrw.vim", " - CVE-2026-42307", " * SECURITY UPDATE: Shell execution in completion.", " - debian/patches/CVE-2026-44656.patch: Skip path entries containing", " backticks and add P_SECURE option in src/findfile.c and src/optiondefs.h", " - CVE-2026-44656", " * SECURITY UPDATE: Heap overflow in spellfile.", " - debian/patches/CVE-2026-45130.patch: Enforce a maximum compound length", " in src/spellfile.c", " - CVE-2026-45130", "" ], "package": "vim", "version": "2:9.1.2141-1ubuntu4.2", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Kyle Kernick ", "date": "Wed, 20 May 2026 13:11:32 -0600" } ], "notes": null, "is_version_downgrade": false }, { "name": "xxd", "from_version": { "source_package_name": "vim", "source_package_version": "2:9.1.2141-1ubuntu4.1", "version": "2:9.1.2141-1ubuntu4.1" }, "to_version": { "source_package_name": "vim", "source_package_version": "2:9.1.2141-1ubuntu4.3", "version": "2:9.1.2141-1ubuntu4.3" }, "cves": [ { "cve": "CVE-2026-46483", "url": "https://ubuntu.com/security/CVE-2026-46483", "cve_description": "Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip -d commands using shellescape(tartail) without the {special} flag, allowing a crafted archive filename to trigger Vim cmdline-special expansion and execute shell commands in the user's context. This vulnerability is fixed in 9.2.0479.", "cve_priority": "medium", "cve_public_date": "2026-05-15 15:16:00 UTC" }, { "cve": "CVE-2026-43961", "url": "https://ubuntu.com/security/CVE-2026-43961", "cve_description": "[Unknown description]", "cve_priority": "medium", "cve_public_date": "2026-05-20" }, { "cve": "CVE-2026-42307", "url": "https://ubuntu.com/security/CVE-2026-42307", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the sftp:// or file:// protocol handlers), an attacker can execute arbitrary shell commands with the privileges of the Vim process. This issue has been patched in version 9.2.0383.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-44656", "url": "https://ubuntu.com/security/CVE-2026-44656", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the path option lacks the P_SECURE flag, it can be set from a modeline, allowing an attacker who controls the contents of a file to execute arbitrary shell commands when the user opens that file in Vim and triggers :find completion. This issue has been patched in version 9.2.0435.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-45130", "url": "https://ubuntu.com/security/CVE-2026-45130", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-bit signed integer multiplication, causing a small buffer to be allocated for a write loop that runs many iterations, overflowing the heap. Because the 'spelllang' option can be set from a modeline, a text file modeline can trigger spell file loading if a malicious .spl file has been planted on the runtimepath. This issue has been patched in version 9.2.0450.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2026-46483", "url": "https://ubuntu.com/security/CVE-2026-46483", "cve_description": "Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-like systems. The function builds :!gunzip and :!gzip -d commands using shellescape(tartail) without the {special} flag, allowing a crafted archive filename to trigger Vim cmdline-special expansion and execute shell commands in the user's context. This vulnerability is fixed in 9.2.0479.", "cve_priority": "medium", "cve_public_date": "2026-05-15 15:16:00 UTC" }, { "cve": "CVE-2026-43961", "url": "https://ubuntu.com/security/CVE-2026-43961", "cve_description": "[Unknown description]", "cve_priority": "medium", "cve_public_date": "2026-05-20" } ], "log": [ "", " * SECURITY UPDATE: Command injection in tar plugin.", " - debian/patches/CVE-2026-46483.patch: Use the correct shell-escape in", " runtime/autoload/tar.vim.", " - CVE-2026-46483", " * SECURITY UPDATE: Code injection via mf command.", " - debian/patches/CVE-2026-43961.patch: Avoid string concatenation for", " filter commands in runtime/pack/dist/opt/netrw/autoload/netrw.vim.", " - CVE-2026-43961", "" ], "package": "vim", "version": "2:9.1.2141-1ubuntu4.3", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Kyle Kernick ", "date": "Tue, 02 Jun 2026 15:57:23 -0600" }, { "cves": [ { "cve": "CVE-2026-42307", "url": "https://ubuntu.com/security/CVE-2026-42307", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the sftp:// or file:// protocol handlers), an attacker can execute arbitrary shell commands with the privileges of the Vim process. This issue has been patched in version 9.2.0383.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-44656", "url": "https://ubuntu.com/security/CVE-2026-44656", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the path option lacks the P_SECURE flag, it can be set from a modeline, allowing an attacker who controls the contents of a file to execute arbitrary shell commands when the user opens that file in Vim and triggers :find completion. This issue has been patched in version 9.2.0435.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" }, { "cve": "CVE-2026-45130", "url": "https://ubuntu.com/security/CVE-2026-45130", "cve_description": "Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-bit signed integer multiplication, causing a small buffer to be allocated for a write loop that runs many iterations, overflowing the heap. Because the 'spelllang' option can be set from a modeline, a text file modeline can trigger spell file loading if a malicious .spl file has been planted on the runtimepath. This issue has been patched in version 9.2.0450.", "cve_priority": "medium", "cve_public_date": "2026-05-08 23:16:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: Command injection in netrw plugin.", " - debian/patches/CVE-2026-42307.patch: Escape file names and harden regex", " patterns in runtime/pack/dist/opt/netrw/autoload/netrw.vim", " - CVE-2026-42307", " * SECURITY UPDATE: Shell execution in completion.", " - debian/patches/CVE-2026-44656.patch: Skip path entries containing", " backticks and add P_SECURE option in src/findfile.c and src/optiondefs.h", " - CVE-2026-44656", " * SECURITY UPDATE: Heap overflow in spellfile.", " - debian/patches/CVE-2026-45130.patch: Enforce a maximum compound length", " in src/spellfile.c", " - CVE-2026-45130", "" ], "package": "vim", "version": "2:9.1.2141-1ubuntu4.2", "urgency": "medium", "distributions": "resolute-security", "launchpad_bugs_fixed": [], "author": "Kyle Kernick ", "date": "Wed, 20 May 2026 13:11:32 -0600" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [ { "name": "linux-headers-7.0.0-22", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "7.0.0-22.22", "version": "7.0.0-22.22" }, "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "launchpad_bugs_fixed": [ 2154172, 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747, 2153786, 1786013, 2153962 ], "changes": [ { "cves": [], "log": [ "", " * GRO managed-frag use-after-free leading to local privilege escalation", " (LP: #2154172)", " - net: gro: don't merge zcopy skbs", "" ], "package": "linux", "version": "7.0.0-22.22", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2154172 ], "author": "Manuel Diewald ", "date": "Mon, 25 May 2026 14:41:37 +0200" }, { "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" } ], "log": [ "", " * apparmor (LP: #2151747)", " - SAUCE: apparmor: pass big_resp to handler", " - SAUCE: apparmor: remove redundant kref_init for listener->count", " - SAUCE: apparmor: fix NULL pointer dereference in unpack_pdb", "", " * apparmor (LP: #2151747) // CVE-2026-47337", " - SAUCE: apparmor: fix NULL pointer dereference in bind_map_addr", "", " * apparmor (LP: #2151747) // CVE-2026-47334", " - SAUCE: apparmor: fix sleep prone memory allocation under a spin_lock", "", " * apparmor (LP: #2151747) // CVE-2026-47333", " - SAUCE: apparmor: fix dfa unpacking size of the notification filter", "", " * apparmor (LP: #2151747) // CVE-2026-47332", " - SAUCE: apparmor: fix size check against type instead of pointer", "", " * apparmor: LLVM/clang build failure due to uninitialized variable in", " notify.c (LP: #2148809) // CVE-2026-47330", " - SAUCE: apparmor: initialize variable used in uninitialized context", "", " * apparmor (LP: #2151747) // CVE-2026-47329", " - SAUCE: apparmor: fix name validation bypass on notification", "", " * apparmor (LP: #2151747) // CVE-2026-47327 // CVE-2026-47328", " - SAUCE: apparmor: fix glob memory leak after kstrdup", "", " * apparmor (LP: #2151747) // CVE-2026-47326", " - SAUCE: apparmor: fix inverted NULL check after aa_get_buffer", "" ], "package": "linux", "version": "7.0.0-20.20", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 22:58:06 +0200" }, { "cves": [ { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "log": [ "", " * resolute/linux: 7.0.0-19.19 -proposed tracker (LP: #2153786)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update annotations scripts", " - [Packaging] debian.master/dkms-versions -- remove dkms-versions", " (main/s2026.05.11)", "", " * CVE-2026-46300", " - net: skbuff: preserve shared-frag marker during coalescing", " - net: skbuff: propagate shared-frag marker through frag-transfer helpers", "", " * net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)", " - net/rds: reset op_nents when zerocopy page pin fails", "", " * CVE-2026-46333", " - ptrace: slightly saner 'get_dumpable()' logic", "", " * CVE-2026-43500", " - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets", " - rxrpc: Fix potential UAF after skb_unshare() failure", " - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets", " - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present", "", " * CVE-2026-43284", " - xfrm: esp: avoid in-place decrypt on shared skb frags", "" ], "package": "linux", "version": "7.0.0-19.19", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2153786, 1786013, 2153962 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 16:12:08 +0200" } ], "notes": "linux-headers-7.0.0-22 version '7.0.0-22.22' (source package linux version '7.0.0-22.22') was added. linux-headers-7.0.0-22 version '7.0.0-22.22' has the same source package name, linux, as removed package linux-headers-7.0.0-15. As such we can use the source package version of the removed package, '7.0.0-15.15', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-headers-7.0.0-22-generic", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "7.0.0-22.22", "version": "7.0.0-22.22" }, "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "launchpad_bugs_fixed": [ 2154172, 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747, 2153786, 1786013, 2153962 ], "changes": [ { "cves": [], "log": [ "", " * GRO managed-frag use-after-free leading to local privilege escalation", " (LP: #2154172)", " - net: gro: don't merge zcopy skbs", "" ], "package": "linux", "version": "7.0.0-22.22", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2154172 ], "author": "Manuel Diewald ", "date": "Mon, 25 May 2026 14:41:37 +0200" }, { "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" } ], "log": [ "", " * apparmor (LP: #2151747)", " - SAUCE: apparmor: pass big_resp to handler", " - SAUCE: apparmor: remove redundant kref_init for listener->count", " - SAUCE: apparmor: fix NULL pointer dereference in unpack_pdb", "", " * apparmor (LP: #2151747) // CVE-2026-47337", " - SAUCE: apparmor: fix NULL pointer dereference in bind_map_addr", "", " * apparmor (LP: #2151747) // CVE-2026-47334", " - SAUCE: apparmor: fix sleep prone memory allocation under a spin_lock", "", " * apparmor (LP: #2151747) // CVE-2026-47333", " - SAUCE: apparmor: fix dfa unpacking size of the notification filter", "", " * apparmor (LP: #2151747) // CVE-2026-47332", " - SAUCE: apparmor: fix size check against type instead of pointer", "", " * apparmor: LLVM/clang build failure due to uninitialized variable in", " notify.c (LP: #2148809) // CVE-2026-47330", " - SAUCE: apparmor: initialize variable used in uninitialized context", "", " * apparmor (LP: #2151747) // CVE-2026-47329", " - SAUCE: apparmor: fix name validation bypass on notification", "", " * apparmor (LP: #2151747) // CVE-2026-47327 // CVE-2026-47328", " - SAUCE: apparmor: fix glob memory leak after kstrdup", "", " * apparmor (LP: #2151747) // CVE-2026-47326", " - SAUCE: apparmor: fix inverted NULL check after aa_get_buffer", "" ], "package": "linux", "version": "7.0.0-20.20", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 22:58:06 +0200" }, { "cves": [ { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "log": [ "", " * resolute/linux: 7.0.0-19.19 -proposed tracker (LP: #2153786)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update annotations scripts", " - [Packaging] debian.master/dkms-versions -- remove dkms-versions", " (main/s2026.05.11)", "", " * CVE-2026-46300", " - net: skbuff: preserve shared-frag marker during coalescing", " - net: skbuff: propagate shared-frag marker through frag-transfer helpers", "", " * net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)", " - net/rds: reset op_nents when zerocopy page pin fails", "", " * CVE-2026-46333", " - ptrace: slightly saner 'get_dumpable()' logic", "", " * CVE-2026-43500", " - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets", " - rxrpc: Fix potential UAF after skb_unshare() failure", " - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets", " - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present", "", " * CVE-2026-43284", " - xfrm: esp: avoid in-place decrypt on shared skb frags", "" ], "package": "linux", "version": "7.0.0-19.19", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2153786, 1786013, 2153962 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 16:12:08 +0200" } ], "notes": "linux-headers-7.0.0-22-generic version '7.0.0-22.22' (source package linux version '7.0.0-22.22') was added. linux-headers-7.0.0-22-generic version '7.0.0-22.22' has the same source package name, linux, as removed package linux-headers-7.0.0-15. As such we can use the source package version of the removed package, '7.0.0-15.15', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-image-7.0.0-22-generic", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "7.0.0-22.22", "version": "7.0.0-22.22" }, "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "launchpad_bugs_fixed": [ 2154172, 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747, 2153786, 1786013, 2153962 ], "changes": [ { "cves": [], "log": [ "", " * GRO managed-frag use-after-free leading to local privilege escalation", " (LP: #2154172)", " - net: gro: don't merge zcopy skbs", "" ], "package": "linux", "version": "7.0.0-22.22", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2154172 ], "author": "Manuel Diewald ", "date": "Mon, 25 May 2026 14:41:37 +0200" }, { "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" } ], "log": [ "", " * apparmor (LP: #2151747)", " - SAUCE: apparmor: pass big_resp to handler", " - SAUCE: apparmor: remove redundant kref_init for listener->count", " - SAUCE: apparmor: fix NULL pointer dereference in unpack_pdb", "", " * apparmor (LP: #2151747) // CVE-2026-47337", " - SAUCE: apparmor: fix NULL pointer dereference in bind_map_addr", "", " * apparmor (LP: #2151747) // CVE-2026-47334", " - SAUCE: apparmor: fix sleep prone memory allocation under a spin_lock", "", " * apparmor (LP: #2151747) // CVE-2026-47333", " - SAUCE: apparmor: fix dfa unpacking size of the notification filter", "", " * apparmor (LP: #2151747) // CVE-2026-47332", " - SAUCE: apparmor: fix size check against type instead of pointer", "", " * apparmor: LLVM/clang build failure due to uninitialized variable in", " notify.c (LP: #2148809) // CVE-2026-47330", " - SAUCE: apparmor: initialize variable used in uninitialized context", "", " * apparmor (LP: #2151747) // CVE-2026-47329", " - SAUCE: apparmor: fix name validation bypass on notification", "", " * apparmor (LP: #2151747) // CVE-2026-47327 // CVE-2026-47328", " - SAUCE: apparmor: fix glob memory leak after kstrdup", "", " * apparmor (LP: #2151747) // CVE-2026-47326", " - SAUCE: apparmor: fix inverted NULL check after aa_get_buffer", "" ], "package": "linux", "version": "7.0.0-20.20", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 22:58:06 +0200" }, { "cves": [ { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "log": [ "", " * resolute/linux: 7.0.0-19.19 -proposed tracker (LP: #2153786)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update annotations scripts", " - [Packaging] debian.master/dkms-versions -- remove dkms-versions", " (main/s2026.05.11)", "", " * CVE-2026-46300", " - net: skbuff: preserve shared-frag marker during coalescing", " - net: skbuff: propagate shared-frag marker through frag-transfer helpers", "", " * net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)", " - net/rds: reset op_nents when zerocopy page pin fails", "", " * CVE-2026-46333", " - ptrace: slightly saner 'get_dumpable()' logic", "", " * CVE-2026-43500", " - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets", " - rxrpc: Fix potential UAF after skb_unshare() failure", " - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets", " - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present", "", " * CVE-2026-43284", " - xfrm: esp: avoid in-place decrypt on shared skb frags", "" ], "package": "linux", "version": "7.0.0-19.19", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2153786, 1786013, 2153962 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 16:12:08 +0200" } ], "notes": "linux-image-7.0.0-22-generic version '7.0.0-22.22' (source package linux version '7.0.0-22.22') was added. linux-image-7.0.0-22-generic version '7.0.0-22.22' has the same source package name, linux, as removed package linux-headers-7.0.0-15. As such we can use the source package version of the removed package, '7.0.0-15.15', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-main-modules-zfs-7.0.0-22-generic", "from_version": { "source_package_name": "linux-main-signed", "source_package_version": "7.0.0-15.15+1", "version": null }, "to_version": { "source_package_name": "linux-main-signed", "source_package_version": "7.0.0-22.22", "version": "7.0.0-22.22" }, "cves": [], "launchpad_bugs_fixed": [ 1786013, 1786013, 1786013 ], "changes": [ { "cves": [], "log": [ "", "", " * Miscellaneous upstream changes", " - lmm: Add synthetic dependency for LMM package, to stop early promotion", "" ], "package": "linux-main-signed", "version": "7.0.0-15.15+1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Timo Aaltonen ", "date": "Tue, 28 Apr 2026 16:51:29 +0300" }, { "cves": [], "log": [ "", " * Main version: 7.0.0-15.15", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/tracking-bug -- resync from main package", "" ], "package": "linux-main-signed", "version": "7.0.0-15.15", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Paolo Pisati ", "date": "Wed, 22 Apr 2026 16:06:36 +0200" }, { "cves": [], "log": [ "", "", " * Miscellaneous upstream changes", " - Revert \"lmm: Add synthetic dependency for LMM package, to stop early", " promotion\"", "" ], "package": "linux-main-signed", "version": "7.0.0-14.14+3", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [], "author": "Timo Aaltonen ", "date": "Tue, 14 Apr 2026 13:38:00 +0300" }, { "cves": [], "log": [ "", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/dkms-versions -- update from kernel-versions", " (main/d2026.04.13)", "" ], "package": "linux-main-signed", "version": "7.0.0-14.14+2", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Timo Aaltonen ", "date": "Tue, 14 Apr 2026 09:23:27 +0300" }, { "cves": [], "log": [ "", "", " * Packaging resync (LP: #1786013)", " - [Packaging] debian/dkms-versions -- update from kernel-versions", " (main/d2026.04.13)", "" ], "package": "linux-main-signed", "version": "7.0.0-14.14+1", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 1786013 ], "author": "Timo Aaltonen ", "date": "Mon, 13 Apr 2026 20:03:08 +0300" } ], "notes": "linux-main-modules-zfs-7.0.0-22-generic version '7.0.0-22.22' (source package linux-main-signed version '7.0.0-22.22') was added. linux-main-modules-zfs-7.0.0-22-generic version '7.0.0-22.22' has the same source package name, linux-main-signed, as removed package linux-main-modules-zfs-7.0.0-15-generic. As such we can use the source package version of the removed package, '7.0.0-15.15+1', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-modules-7.0.0-22-generic", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "7.0.0-22.22", "version": "7.0.0-22.22" }, "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "launchpad_bugs_fixed": [ 2154172, 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747, 2153786, 1786013, 2153962 ], "changes": [ { "cves": [], "log": [ "", " * GRO managed-frag use-after-free leading to local privilege escalation", " (LP: #2154172)", " - net: gro: don't merge zcopy skbs", "" ], "package": "linux", "version": "7.0.0-22.22", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2154172 ], "author": "Manuel Diewald ", "date": "Mon, 25 May 2026 14:41:37 +0200" }, { "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" } ], "log": [ "", " * apparmor (LP: #2151747)", " - SAUCE: apparmor: pass big_resp to handler", " - SAUCE: apparmor: remove redundant kref_init for listener->count", " - SAUCE: apparmor: fix NULL pointer dereference in unpack_pdb", "", " * apparmor (LP: #2151747) // CVE-2026-47337", " - SAUCE: apparmor: fix NULL pointer dereference in bind_map_addr", "", " * apparmor (LP: #2151747) // CVE-2026-47334", " - SAUCE: apparmor: fix sleep prone memory allocation under a spin_lock", "", " * apparmor (LP: #2151747) // CVE-2026-47333", " - SAUCE: apparmor: fix dfa unpacking size of the notification filter", "", " * apparmor (LP: #2151747) // CVE-2026-47332", " - SAUCE: apparmor: fix size check against type instead of pointer", "", " * apparmor: LLVM/clang build failure due to uninitialized variable in", " notify.c (LP: #2148809) // CVE-2026-47330", " - SAUCE: apparmor: initialize variable used in uninitialized context", "", " * apparmor (LP: #2151747) // CVE-2026-47329", " - SAUCE: apparmor: fix name validation bypass on notification", "", " * apparmor (LP: #2151747) // CVE-2026-47327 // CVE-2026-47328", " - SAUCE: apparmor: fix glob memory leak after kstrdup", "", " * apparmor (LP: #2151747) // CVE-2026-47326", " - SAUCE: apparmor: fix inverted NULL check after aa_get_buffer", "" ], "package": "linux", "version": "7.0.0-20.20", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 22:58:06 +0200" }, { "cves": [ { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "log": [ "", " * resolute/linux: 7.0.0-19.19 -proposed tracker (LP: #2153786)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update annotations scripts", " - [Packaging] debian.master/dkms-versions -- remove dkms-versions", " (main/s2026.05.11)", "", " * CVE-2026-46300", " - net: skbuff: preserve shared-frag marker during coalescing", " - net: skbuff: propagate shared-frag marker through frag-transfer helpers", "", " * net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)", " - net/rds: reset op_nents when zerocopy page pin fails", "", " * CVE-2026-46333", " - ptrace: slightly saner 'get_dumpable()' logic", "", " * CVE-2026-43500", " - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets", " - rxrpc: Fix potential UAF after skb_unshare() failure", " - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets", " - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present", "", " * CVE-2026-43284", " - xfrm: esp: avoid in-place decrypt on shared skb frags", "" ], "package": "linux", "version": "7.0.0-19.19", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2153786, 1786013, 2153962 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 16:12:08 +0200" } ], "notes": "linux-modules-7.0.0-22-generic version '7.0.0-22.22' (source package linux version '7.0.0-22.22') was added. linux-modules-7.0.0-22-generic version '7.0.0-22.22' has the same source package name, linux, as removed package linux-headers-7.0.0-15. As such we can use the source package version of the removed package, '7.0.0-15.15', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-tools-7.0.0-22", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "7.0.0-22.22", "version": "7.0.0-22.22" }, "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "launchpad_bugs_fixed": [ 2154172, 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747, 2153786, 1786013, 2153962 ], "changes": [ { "cves": [], "log": [ "", " * GRO managed-frag use-after-free leading to local privilege escalation", " (LP: #2154172)", " - net: gro: don't merge zcopy skbs", "" ], "package": "linux", "version": "7.0.0-22.22", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2154172 ], "author": "Manuel Diewald ", "date": "Mon, 25 May 2026 14:41:37 +0200" }, { "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" } ], "log": [ "", " * apparmor (LP: #2151747)", " - SAUCE: apparmor: pass big_resp to handler", " - SAUCE: apparmor: remove redundant kref_init for listener->count", " - SAUCE: apparmor: fix NULL pointer dereference in unpack_pdb", "", " * apparmor (LP: #2151747) // CVE-2026-47337", " - SAUCE: apparmor: fix NULL pointer dereference in bind_map_addr", "", " * apparmor (LP: #2151747) // CVE-2026-47334", " - SAUCE: apparmor: fix sleep prone memory allocation under a spin_lock", "", " * apparmor (LP: #2151747) // CVE-2026-47333", " - SAUCE: apparmor: fix dfa unpacking size of the notification filter", "", " * apparmor (LP: #2151747) // CVE-2026-47332", " - SAUCE: apparmor: fix size check against type instead of pointer", "", " * apparmor: LLVM/clang build failure due to uninitialized variable in", " notify.c (LP: #2148809) // CVE-2026-47330", " - SAUCE: apparmor: initialize variable used in uninitialized context", "", " * apparmor (LP: #2151747) // CVE-2026-47329", " - SAUCE: apparmor: fix name validation bypass on notification", "", " * apparmor (LP: #2151747) // CVE-2026-47327 // CVE-2026-47328", " - SAUCE: apparmor: fix glob memory leak after kstrdup", "", " * apparmor (LP: #2151747) // CVE-2026-47326", " - SAUCE: apparmor: fix inverted NULL check after aa_get_buffer", "" ], "package": "linux", "version": "7.0.0-20.20", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 22:58:06 +0200" }, { "cves": [ { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "log": [ "", " * resolute/linux: 7.0.0-19.19 -proposed tracker (LP: #2153786)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update annotations scripts", " - [Packaging] debian.master/dkms-versions -- remove dkms-versions", " (main/s2026.05.11)", "", " * CVE-2026-46300", " - net: skbuff: preserve shared-frag marker during coalescing", " - net: skbuff: propagate shared-frag marker through frag-transfer helpers", "", " * net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)", " - net/rds: reset op_nents when zerocopy page pin fails", "", " * CVE-2026-46333", " - ptrace: slightly saner 'get_dumpable()' logic", "", " * CVE-2026-43500", " - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets", " - rxrpc: Fix potential UAF after skb_unshare() failure", " - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets", " - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present", "", " * CVE-2026-43284", " - xfrm: esp: avoid in-place decrypt on shared skb frags", "" ], "package": "linux", "version": "7.0.0-19.19", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2153786, 1786013, 2153962 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 16:12:08 +0200" } ], "notes": "linux-tools-7.0.0-22 version '7.0.0-22.22' (source package linux version '7.0.0-22.22') was added. linux-tools-7.0.0-22 version '7.0.0-22.22' has the same source package name, linux, as removed package linux-headers-7.0.0-15. As such we can use the source package version of the removed package, '7.0.0-15.15', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false }, { "name": "linux-tools-7.0.0-22-generic", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": null }, "to_version": { "source_package_name": "linux", "source_package_version": "7.0.0-22.22", "version": "7.0.0-22.22" }, "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "launchpad_bugs_fixed": [ 2154172, 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747, 2153786, 1786013, 2153962 ], "changes": [ { "cves": [], "log": [ "", " * GRO managed-frag use-after-free leading to local privilege escalation", " (LP: #2154172)", " - net: gro: don't merge zcopy skbs", "" ], "package": "linux", "version": "7.0.0-22.22", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2154172 ], "author": "Manuel Diewald ", "date": "Mon, 25 May 2026 14:41:37 +0200" }, { "cves": [ { "cve": "CVE-2026-47337", "url": "https://ubuntu.com/security/CVE-2026-47337", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47334", "url": "https://ubuntu.com/security/CVE-2026-47334", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47333", "url": "https://ubuntu.com/security/CVE-2026-47333", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.", "cve_priority": "high", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47332", "url": "https://ubuntu.com/security/CVE-2026-47332", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47330", "url": "https://ubuntu.com/security/CVE-2026-47330", "cve_description": "Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47329", "url": "https://ubuntu.com/security/CVE-2026-47329", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.", "cve_priority": "low", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47327", "url": "https://ubuntu.com/security/CVE-2026-47327", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47328", "url": "https://ubuntu.com/security/CVE-2026-47328", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" }, { "cve": "CVE-2026-47326", "url": "https://ubuntu.com/security/CVE-2026-47326", "cve_description": "Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.", "cve_priority": "medium", "cve_public_date": "2026-05-28 19:16:00 UTC" } ], "log": [ "", " * apparmor (LP: #2151747)", " - SAUCE: apparmor: pass big_resp to handler", " - SAUCE: apparmor: remove redundant kref_init for listener->count", " - SAUCE: apparmor: fix NULL pointer dereference in unpack_pdb", "", " * apparmor (LP: #2151747) // CVE-2026-47337", " - SAUCE: apparmor: fix NULL pointer dereference in bind_map_addr", "", " * apparmor (LP: #2151747) // CVE-2026-47334", " - SAUCE: apparmor: fix sleep prone memory allocation under a spin_lock", "", " * apparmor (LP: #2151747) // CVE-2026-47333", " - SAUCE: apparmor: fix dfa unpacking size of the notification filter", "", " * apparmor (LP: #2151747) // CVE-2026-47332", " - SAUCE: apparmor: fix size check against type instead of pointer", "", " * apparmor: LLVM/clang build failure due to uninitialized variable in", " notify.c (LP: #2148809) // CVE-2026-47330", " - SAUCE: apparmor: initialize variable used in uninitialized context", "", " * apparmor (LP: #2151747) // CVE-2026-47329", " - SAUCE: apparmor: fix name validation bypass on notification", "", " * apparmor (LP: #2151747) // CVE-2026-47327 // CVE-2026-47328", " - SAUCE: apparmor: fix glob memory leak after kstrdup", "", " * apparmor (LP: #2151747) // CVE-2026-47326", " - SAUCE: apparmor: fix inverted NULL check after aa_get_buffer", "" ], "package": "linux", "version": "7.0.0-20.20", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2151747, 2151747, 2151747, 2151747, 2151747, 2148809, 2151747, 2151747, 2151747 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 22:58:06 +0200" }, { "cves": [ { "cve": "CVE-2026-46300", "url": "https://ubuntu.com/security/CVE-2026-46300", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.", "cve_priority": "high", "cve_public_date": "2026-05-23 12:17:00 UTC" }, { "cve": "CVE-2026-46333", "url": "https://ubuntu.com/security/CVE-2026-46333", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.", "cve_priority": "high", "cve_public_date": "2026-05-15 14:16:00 UTC" }, { "cve": "CVE-2026-43500", "url": "https://ubuntu.com/security/CVE-2026-43500", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-owned paged fragments (e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via __ip_append_data, or a chained skb_has_frag_list()) falls through to the in-place decryption path, which binds the frag pages directly into the AEAD/skcipher SGL via skb_to_sgvec(). Extend the gate to also unshare when skb_has_frag_list() or skb_has_shared_frag() is true. This catches the splice-loopback vector and other externally-shared frag sources while preserving the zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC page_pool RX, GRO). The OOM/trace handling already in place is reused.", "cve_priority": "high", "cve_public_date": "2026-05-11 08:16:00 UTC" }, { "cve": "CVE-2026-43284", "url": "https://ubuntu.com/security/CVE-2026-43284", "cve_description": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().", "cve_priority": "high", "cve_public_date": "2026-05-08 08:16:00 UTC" } ], "log": [ "", " * resolute/linux: 7.0.0-19.19 -proposed tracker (LP: #2153786)", "", " * Packaging resync (LP: #1786013)", " - [Packaging] update annotations scripts", " - [Packaging] debian.master/dkms-versions -- remove dkms-versions", " (main/s2026.05.11)", "", " * CVE-2026-46300", " - net: skbuff: preserve shared-frag marker during coalescing", " - net: skbuff: propagate shared-frag marker through frag-transfer helpers", "", " * net/rds: reset op_nents when zerocopy page pin fails (LP: #2153962)", " - net/rds: reset op_nents when zerocopy page pin fails", "", " * CVE-2026-46333", " - ptrace: slightly saner 'get_dumpable()' logic", "", " * CVE-2026-43500", " - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets", " - rxrpc: Fix potential UAF after skb_unshare() failure", " - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets", " - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present", "", " * CVE-2026-43284", " - xfrm: esp: avoid in-place decrypt on shared skb frags", "" ], "package": "linux", "version": "7.0.0-19.19", "urgency": "medium", "distributions": "resolute", "launchpad_bugs_fixed": [ 2153786, 1786013, 2153962 ], "author": "Manuel Diewald ", "date": "Fri, 22 May 2026 16:12:08 +0200" } ], "notes": "linux-tools-7.0.0-22-generic version '7.0.0-22.22' (source package linux version '7.0.0-22.22') was added. linux-tools-7.0.0-22-generic version '7.0.0-22.22' has the same source package name, linux, as removed package linux-headers-7.0.0-15. As such we can use the source package version of the removed package, '7.0.0-15.15', as the starting point in our changelog diff. Kernel packages are an example of where the binary package name changes for the same source package. Using the removed package source package version as our starting point means we can still get meaningful changelog diffs even for what appears to be a new package.", "is_version_downgrade": false } ], "snap": [] }, "removed": { "deb": [ { "name": "linux-headers-7.0.0-15", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": "7.0.0-15.15" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-headers-7.0.0-15-generic", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": "7.0.0-15.15" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-image-7.0.0-15-generic", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": "7.0.0-15.15" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-main-modules-zfs-7.0.0-15-generic", "from_version": { "source_package_name": "linux-main-signed", "source_package_version": "7.0.0-15.15+1", "version": "7.0.0-15.15+1" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-modules-7.0.0-15-generic", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": "7.0.0-15.15" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-tools-7.0.0-15", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": "7.0.0-15.15" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false }, { "name": "linux-tools-7.0.0-15-generic", "from_version": { "source_package_name": "linux", "source_package_version": "7.0.0-15.15", "version": "7.0.0-15.15" }, "to_version": { "source_package_name": null, "source_package_version": null, "version": null }, "cves": [], "launchpad_bugs_fixed": [], "changes": [], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "notes": "Changelog diff for Ubuntu 26.04 resolute image from release image serial 20260520 to 20260612", "from_series": "resolute", "to_series": "resolute", "from_serial": "20260520", "to_serial": "20260612", "from_manifest_filename": "release_manifest.previous", "to_manifest_filename": "manifest.current" }