Ubuntu alert USN-7992-1 (inetutils)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7992-1] Inetutils vulnerability | |
| Date: | Tue, 03 Feb 2026 00:06:13 +0000 | |
| Message-ID: | <E1vn3vp-0003J0-Va@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-7992-1 February 02, 2026 inetutils vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Inetutils could allow unintended access to network services. Software Description: - inetutils: Collection of common network programs Details: Kyu Neushwaistein discovered that telnetd in Inetutils incorrectly handled certain environment variables. A remote attacker could use this issue to bypass authentication and open a session as an administrator. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 inetutils-telnetd 2:2.6-1ubuntu3.1 Ubuntu 24.04 LTS inetutils-telnetd 2:2.5-3ubuntu4.1 Ubuntu 22.04 LTS inetutils-telnetd 2:2.2-2ubuntu0.2 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7992-1 CVE-2026-24061 Package Information: https://launchpad.net/ubuntu/+source/inetutils/2:2.6-1ubu... https://launchpad.net/ubuntu/+source/inetutils/2:2.5-3ubu... https://launchpad.net/ubuntu/+source/inetutils/2:2.2-2ubu...
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmmBO9UACgkQcpJm3tlz hgFHoBAA2Cw7Qtgh3qpwhMJZJHq1EF8dJ1dMKrSnyf8NiH/kb4rDzR5I9U/cpmS4 OPEPpYbcERgMih5obDmMcKwPoNaRwBCNhnzp6494LerBIJIC2OxftS48iqEHF9G8 MmY58alML0S8EgLTx8a9zOdueXO3tlwQQwYSOtDrXYRSZbvYWX+jegSnr/urAJV7 oRyVoj1siwyw0FGJJZRRsndeKiWVAXC+nI2hSsexd7ntLf1F3b4bn0Yj9VMab8fJ /160+3TFfgrtg10fYd7m780S5m5NilG7QrqegtzTno5JdXxDCpdRvwBG1q59fmUf ZE2kH3IKUzJXuDqR/1cD4+CxCm3NsMBrdL/W4yfE7hcPqXeR58SRE0th3WuKtwcL HpdWxGg/g5bhlDwh7qgVbw37c8ny8Njjc5ynRYp61wthuIIGUypT/TlmHmtMzbGg lIVOuvoD7HIJc6ur7Hk8eCOT/Byrz7YQNTBWH/HJeq0alwcwVz0BEq8bZcfKS39s IMnMM8tksMx8INhGrTASFFE/C8yMsz9k0krKltAS8YPhNm8Q6gBVrHAxnS96XIlV TeHts2lYchW5sJNMqpImR36lCDGrNRLZQFjtzJqOGLWqGy4xWCqzgFoyuLUXMTHJ wA4JWctQo9ctmsr3urvX85lMMnNBLwqQUV/NHDKeWoZ6M1sh6jg= =TnIY -----END PGP SIGNATURE-----