authorization

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7580-1 Related CVEs: CVE-2025-6020 CVE-2024-22365 CVE-2022-28321 https://launchpad.net/bugs/2006073 Upstream summary: Olivier BAL-PETRE discovered that the PAM pam_namespace module incorrectly handled user-controlled paths. In environments where pam_namespace is used, a local attacker […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7542-1 Related CVEs: CVE-2025-3576 CVE-2024-26458 CVE-2024-26461 CVE-2024-26462 CVE-2025-24528 CVE-2024-3596 CVE-2024-37370 CVE-2024-37371  +3 more Upstream summary: It was discovered that Kerberos allowed the usage of weak cryptographic standards. An attacker could […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-4521-1 Related CVEs: CVE-2020-13881 Upstream summary: It was discovered that pam_tacplus did not properly manage shared secrets if DEBUG loglevel and journald are used. A remote attacker could use this […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 16.04 (xenial) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7542-1 Related CVEs: CVE-2025-3576 CVE-2024-3596 CVE-2024-37370 CVE-2024-37371 CVE-2023-36054 CVE-2018-20217 CVE-2022-42898 CVE-2020-28196 Upstream summary: It was discovered that Kerberos allowed the usage of weak cryptographic standards. An attacker could possibly use […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Ubuntu 18.04 (bionic) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7542-1 Related CVEs: CVE-2025-3576 CVE-2024-3596 CVE-2024-37370 CVE-2024-37371 CVE-2023-36054 CVE-2021-36222 CVE-2021-37750 CVE-2018-20217  +2 more Upstream summary: It was discovered that Kerberos allowed the usage of weak cryptographic standards. An attacker could […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Ubuntu 14.04 (trusty) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6588-2 Related CVEs: CVE-2024-22365 CVE-2022-28321 https://launchpad.net/bugs/2006073 https://launchpad.net/bugs/1558114 CVE-2013-7041 CVE-2014-2583 CVE-2015-3238 Upstream summary: USN-6588-1 fixed a vulnerability in PAM. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 24.04 (noble) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7363-1 Related CVEs: CVE-2025-24032 CVE-2025-24531 Upstream summary: Marcus Rückert and Matthias Gerstner discovered that PAM-PKCS#11 did not properly handle certain return codes when authentication was not possible. An attacker could […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 20.04 (focal) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-7806-1 Related CVEs: CVE-2025-23013 Upstream summary: It was discovered that PAM/U2F could allow for authentication bypass in some configurations. An attacker could possibly use this issue to execute arbitrary code […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-6836-1 Related CVEs: CVE-2023-3758 Upstream summary: It was discovered that SSSD did not always correctly apply the GPO policy for authenticated users, contrary to expectations. This could result in improper […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Ubuntu 22.04 (jammy) 📖 ~4 min read  •  Source: Ubuntu Security Notice USN-8256-1 Related CVEs: CVE-2026-41082 Upstream summary: Andrew Nesbitt discovered that opam did not properly validate file destination paths in package install files. An attacker could use this issue to bypass […]