Home / mailings [USN-8325-1] tgt vulnerability
Posted on 27 May 2026
Ubuntu Security==========================================================================Ubuntu Security Notice USN-8325-1
May 27, 2026
tgt vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
tgt could be made to generate an identical sequence of challenges.
Software Description:
- tgt: Linux SCSI target user-space daemon
Details:
It was discovered that tgt incorrectly tried to achieve entropy by calling
rand without srand. An attacker could possibly use this issue to make tgt
generate an identical sequence of challenges, resulting in authentication
bypass.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
tgt 1:1.0.85-1.1ubuntu6+esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
tgt 1:1.0.80-1ubuntu2+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
tgt 1:1.0.72-1ubuntu1+esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
tgt 1:1.0.63-1ubuntu1.1+esm1
Available with Ubuntu Pro
Ubuntu 14.04 LTS
tgt 1:1.0.43-0ubuntu4.1~14.04.3+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8325-1
CVE-2024-45751
--===============7578507712284025810==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
