Keystone Middleware could allow unintended access to network services.
Software Description:
- python-keystonemiddleware: Middleware for OpenStack Identity (Keystone)
Details:
Grzegorz Grasza discovered that the Keystone Middleware incorrectly
sanitized authentication headers before processing OAuth 2.0 tokens. An
attacker could possibly use this issue to escalate privileges or
impersonate other users.
The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 python3-keystonemiddleware 10.12.0-0ubuntu1.1 Ubuntu 24.04 LTS python3-keystonemiddleware 10.6.0-0ubuntu1.1 After a standard system update you need to restart Keystone to make all the necessary changes.
https://ubuntu.com/security/notices/USN-8008-1
CVE-2026-22797
Get the latest Linux and open source security news straight to your inbox.