Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Ubuntu 25.10 Keystone Middleware Important Access Escalation CVE-2026-22797

Calendar Feb 03, 2026 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory Ubuntu important authentication access keystone-middleware
Keystone Middleware could allow unintended access to network services. 
==========================================================================
Ubuntu Security Notice USN-8008-1
February 03, 2026

python-keystonemiddleware vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS

Summary:

Keystone Middleware could allow unintended access to network services.

Software Description:
- python-keystonemiddleware: Middleware for OpenStack Identity (Keystone)

Details:

Grzegorz Grasza discovered that the Keystone Middleware incorrectly
sanitized authentication headers before processing OAuth 2.0 tokens. An
attacker could possibly use this issue to escalate privileges or
impersonate other users.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  python3-keystonemiddleware      10.12.0-0ubuntu1.1

Ubuntu 24.04 LTS
  python3-keystonemiddleware      10.6.0-0ubuntu1.1

After a standard system update you need to restart Keystone to make all the
necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8008-1
  CVE-2026-22797

Package Information:
  https://launchpad.net/ubuntu/+source/python-keystonemiddleware/10.12.0-0ubuntu1.1
  https://launchpad.net/ubuntu/+source/python-keystonemiddleware/10.6.0-0ubuntu1.1

Ubuntu 25.10 Keystone Middleware Important Access Escalation CVE-2026-22797

ubuntu
Calendar Grey February 3, 2026
Dist Ubuntu Esm H88
Unwanted access to network services in Keystone Middleware affects Ubuntu 25.10 and 24.04 LTS. Update recommended.
Keystone Middleware could allow unintended access to network services.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS Summary: Keystone Middleware could allow unintended access to network services. Software Description: - python-keystonemiddleware: Middleware for OpenStack Identity (Keystone) Details: Grzegorz Grasza discovered that the Keystone Middleware incorrectly sanitized authentication headers before processing OAuth 2.0 tokens. An attacker could possibly use this issue to escalate privileges or impersonate other users.

Topics%20covered

Topics Covered

security advisory Ubuntu important authentication access keystone-middleware

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 python3-keystonemiddleware 10.12.0-0ubuntu1.1 Ubuntu 24.04 LTS python3-keystonemiddleware 10.6.0-0ubuntu1.1 After a standard system update you need to restart Keystone to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8008-1

CVE-2026-22797

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8008-1

Topics%20covered

Topics Covered

security advisory Ubuntu important authentication access keystone-middleware

Package Information

https://launchpad.net/ubuntu/+source/python-keystonemiddleware/10.12.0-0ubuntu1.1 https://launchpad.net/ubuntu/+source/python-keystonemiddleware/10.6.0-0ubuntu1.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here