Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| Launchpad | 2152282 | [SRU] Ubuntu 26.04 / Settings crashes when accessing \ | malcontent malcontent |
| Launchpad | 2104322 | cinder-manager quota sync is not working | cinder |
| Launchpad | 2152807 | [SRU] Segmentation fault on suspend/resume cycle for multiple monitors | budgie-desktop-services |
| Launchpad | 2077969 | Settings \u003e Ubuntu Desktop \u003e \ | gnome-session gnome-session |
| CVE | CVE-2026-7598 | A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c | libssh2 libssh2 libssh2 |
| CVE | CVE-2026-6507 | A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY (Bootstrap | dnsmasq dnsmasq |
| CVE | CVE-2026-4480 | Unauthenticated Remote Code Execution using print command | samba samba samba samba samba samba samba samba |
| CVE | CVE-2026-4408 | Remote Code Execution in SAMR when check password script contains %u substitution placeholder | samba samba samba samba samba samba samba samba |
| CVE | CVE-2026-3238 | unauthenticated udp packet crashes AD DC nbt server | samba samba samba samba samba samba samba samba |
| CVE | CVE-2026-3012 | group policy certificate enrollment uses http:// without validation | samba samba samba samba samba samba samba samba |
| CVE | CVE-2026-2340 | vfs_worm does not block directory modification | samba samba samba samba samba samba samba samba |
| CVE | CVE-2026-1933 | Missing access check on reparse point operations | samba samba samba samba |
| CVE | CVE-2026-46300 | In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() c | linux linux linux |
| Launchpad | 2153556 | Kernel regression (6.8.0-117.generic) | linux linux linux |
| CVE | CVE-2026-45130 | Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when | vim vim vim vim vim vim vim vim vim vim vim vim vim vim |
| CVE | CVE-2026-44656 | Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line | vim vim vim vim vim vim vim vim vim vim vim vim vim vim |
| CVE | CVE-2026-42307 | Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin | vim vim vim vim vim vim vim vim vim vim vim vim vim vim |
| CVE | CVE-2026-40170 | ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params() serializes peer tr | ngtcp2 ngtcp2 |
| CVE | CVE-2026-41179 | Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Starting in version 1.48.0 and prior to | rclone rclone rclone rclone rclone rclone |
| CVE | CVE-2026-41176 | Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint `options/set` is expose | rclone rclone rclone rclone rclone rclone rclone rclone |
About
-
Send Feedback to @ubuntu_updates
