Home / mailings [USN-7992-1] Inetutils vulnerability
Posted on 03 February 2026
Ubuntu Security==========================================================================Ubuntu Security Notice USN-7992-1
February 02, 2026
inetutils vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Inetutils could allow unintended access to network services.
Software Description:
- inetutils: Collection of common network programs
Details:
Kyu Neushwaistein discovered that telnetd in Inetutils incorrectly handled
certain environment variables. A remote attacker could use this issue to
bypass authentication and open a session as an administrator.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.10
inetutils-telnetd 2:2.6-1ubuntu3.1
Ubuntu 24.04 LTS
inetutils-telnetd 2:2.5-3ubuntu4.1
Ubuntu 22.04 LTS
inetutils-telnetd 2:2.2-2ubuntu0.2
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7992-1
CVE-2026-24061
Package Information:
https://launchpad.net/ubuntu/+source/inetutils/2:2.6-1ubuntu3.1
https://launchpad.net/ubuntu/+source/inetutils/2:2.5-3ubuntu4.1
https://launchpad.net/ubuntu/+source/inetutils/2:2.2-2ubuntu0.2
--===============8764891421908151006==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
