Home / mailings [USN-8229-2] sed vulnerability
Posted on 28 May 2026
Ubuntu Security==========================================================================Ubuntu Security Notice USN-8229-2
May 28, 2026
sed vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
sed could be made to overwrite files.
Software Description:
- sed: GNU stream editor for filtering/transforming text
Details:
USN-8229-1 fixed a vulnerability in sed. This update provides the
corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
Original advisory details:
MichaĆ Majchrowicz and Marcin Wyczechowski discovered that sed
incorrectly handled symbolic links when performing in-place edits.
A local attacker could possibly use this issue to overwrite
arbitrary files.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
sed 4.7-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
sed 4.4-2ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8229-2
https://ubuntu.com/security/notices/USN-8229-1
CVE-2026-5958
--===============5042993421610916982==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
