libcap could be made to modify capabilities on arbitrary files.
Software Description:
- libcap2: POSIX 1003.1e capabilities library
Details:
Ali Raza discovered that libcap incorrectly handled file capability
updates. A local attacker could possibly use this issue to inject or strip
capabilities into arbitrary executables and escalate privileges.
The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 libcap2 1:2.75-7ubuntu2.2 libcap2-bin 1:2.75-7ubuntu2.2 Ubuntu 24.04 LTS libcap2 1:2.66-5ubuntu2.4 libcap2-bin 1:2.66-5ubuntu2.4 Ubuntu 22.04 LTS libcap2 1:2.44-1ubuntu0.22.04.3 libcap2-bin 1:2.44-1ubuntu0.22.04.3 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-8193-1
CVE-2026-4878
Get the latest Linux and open source security news straight to your inbox.