Home / mailingsPDF  

[USN-8402-1] systemd vulnerabilities

Posted on 08 June 2026
Ubuntu Security

==========================================================================Ubuntu Security Notice USN-8402-1
June 08, 2026

systemd vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in systemd.

Software Description:
- systemd: system and service manager

Details:

It was discovered that systemd-nspawn incorrectly handled certain optional
configuration files. A local attacker could possibly use this issue to
escape to the host system and execute arbitrary code. (CVE-2026-40226)

It was discovered that systemd-resolved incorrectly validated DNSSEC
records for signed domains. An attacker could possibly use this issue to
manipulate DNS records. This issue only affected Ubuntu 22.04 LTS.
(CVE-2023-7008)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
libsystemd0 257.9-0ubuntu2.5
libudev1 257.9-0ubuntu2.5
systemd 257.9-0ubuntu2.5
udev 257.9-0ubuntu2.5

Ubuntu 24.04 LTS
libsystemd0 255.4-1ubuntu8.16
libudev1 255.4-1ubuntu8.16
systemd 255.4-1ubuntu8.16
udev 255.4-1ubuntu8.16

Ubuntu 22.04 LTS
libnss-resolve 249.11-0ubuntu3.21
libsystemd0 249.11-0ubuntu3.21
libudev1 249.11-0ubuntu3.21
systemd 249.11-0ubuntu3.21
udev 249.11-0ubuntu3.21

After a standard system update you need to reboot your computer to make all
the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8402-1
CVE-2023-7008, CVE-2026-40226

Package Information:
https://launchpad.net/ubuntu/+source/systemd/257.9-0ubuntu2.5
https://launchpad.net/ubuntu/+source/systemd/255.4-1ubuntu8.16
https://launchpad.net/ubuntu/+source/systemd/249.11-0ubuntu3.21

--===============7728056788416991857==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature

 

TOP

Mailings :

Exploits :