Ubuntu 25.10 rustc Critical Permissions Escalation USN-8168-1

rustc could be made to modify permissions on arbitrary directories.

==========================================================================
Ubuntu Security Notice USN-8168-1
April 13, 2026

rustc vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

rustc could be made to modify permissions on arbitrary directories.

Software Description:
- rustc-1.85: Rust systems programming language
- rustc-1.88: Rust systems programming language
- rustc: Rust systems programming language
- rustc-1.74: Rust systems programming language
- rustc-1.76: Rust systems programming language
- rustc-1.77: Rust systems programming language
- rustc-1.78: Rust systems programming language
- rustc-1.79: Rust systems programming language
- rustc-1.80: Rust systems programming language
- rustc-1.81: Rust systems programming language
- rustc-1.82: Rust systems programming language
- rustc-1.83: Rust systems programming language
- rustc-1.84: Rust systems programming language
- rustc-1.89: Rust systems programming language
- rustc-1.91: Rust systems programming language
- rustc-1.62: Rust systems programming language

Details:

It was discovered that tar-rs embedded in rustc incorrectly handled
symlinks when unpacking a tar archive. If a user or automated system were
tricked into processing a specially crafted tar archive, a remote attacker
could use this issue to modify permissions of arbitrary directories outside
the extraction root, and possibly escalate privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  rustc-1.85                      1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1
  rustc-1.88                      1.88.0+dfsg0ubuntu1-0ubuntu2

Ubuntu 24.04 LTS
  rustc                           1.75.0+dfsg0ubuntu1-0ubuntu7.4
  rustc-1.74                      1.74.1+dfsg0ubuntu1-0ubuntu15
  rustc-1.76                      1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2
  rustc-1.77                      1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1
  rustc-1.78                      1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2
  rustc-1.79                      1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1
  rustc-1.80                      1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01
  rustc-1.81                      1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1
  rustc-1.82                      1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1
  rustc-1.83                      1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1
  rustc-1.84                      1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1
  rustc-1.85                      1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2
  rustc-1.89                      1.89.0+dfsg~24.04-0ubuntu0.24.04.2
  rustc-1.91                      1.91.1+dfsg~24.04-0ubuntu0.24.04.2

Ubuntu 22.04 LTS
  rustc                           1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1
  rustc-1.62                      1.62.1+dfsg1-1ubuntu0.22.04.3
  rustc-1.76                      1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1
  rustc-1.77                      1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1
  rustc-1.78                      1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1
  rustc-1.79                      1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1
  rustc-1.80                      1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1
  rustc-1.81                      1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1
  rustc-1.82                      1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1
  rustc-1.83                      1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1
  rustc-1.84                      1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1
  rustc-1.85                      1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1
  rustc-1.89                      1.89.0+dfsg~24.04-0ubuntu0.22.04.2
  rustc-1.91                      1.91.1+dfsg~22.04-0ubuntu0.22.04.3

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8168-1
  CVE-2026-33056

Package Information:
  https://launchpad.net/ubuntu/+source/rustc-1.85/1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.88/1.88.0+dfsg0ubuntu1-0ubuntu2
  https://launchpad.net/ubuntu/+source/rustc/1.75.0+dfsg0ubuntu1-0ubuntu7.4
  https://launchpad.net/ubuntu/+source/rustc-1.74/1.74.1+dfsg0ubuntu1-0ubuntu15
  https://launchpad.net/ubuntu/+source/rustc-1.76/1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2
  https://launchpad.net/ubuntu/+source/rustc-1.77/1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.78/1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2
  https://launchpad.net/ubuntu/+source/rustc-1.79/1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.80/1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01
  https://launchpad.net/ubuntu/+source/rustc-1.81/1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.82/1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.83/1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.84/1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.85/1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2
  https://launchpad.net/ubuntu/+source/rustc-1.89/1.89.0+dfsg~24.04-0ubuntu0.24.04.2
  https://launchpad.net/ubuntu/+source/rustc-1.91/1.91.1+dfsg~24.04-0ubuntu0.24.04.2
  https://launchpad.net/ubuntu/+source/rustc/1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.62/1.62.1+dfsg1-1ubuntu0.22.04.3
  https://launchpad.net/ubuntu/+source/rustc-1.76/1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.77/1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.78/1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.79/1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.80/1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.81/1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.82/1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.83/1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.84/1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.85/1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1
  https://launchpad.net/ubuntu/+source/rustc-1.89/1.89.0+dfsg~24.04-0ubuntu0.22.04.2
  https://launchpad.net/ubuntu/+source/rustc-1.91/1.91.1+dfsg~22.04-0ubuntu0.22.04.3

Ubuntu 25.10 rustc Critical Permissions Escalation USN-8168-1

ubuntu

April 13, 2026

rustc could be made to modify permissions on arbitrary directories.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: rustc could be made to modify permissions on arbitrary directories. Software Description: - rustc-1.85: Rust systems programming language - rustc-1.88: Rust systems programming language - rustc: Rust systems programming language - rustc-1.74: Rust systems programming language - rustc-1.76: Rust systems programming language - rustc-1.77: Rust systems programming language - rustc-1.78: Rust systems programming language - rustc-1.79: Rust systems programming language - rustc-1.80: Rust systems programming language - rustc-1.81: Rust systems programming language - rustc-1.82: Rust systems programming language - rustc-1.83: Rust systems programming language - rustc-1.84: Rust systems programming language - rustc-1.89: Rust systems programming language - rustc-1.91: Rust systems programming language - rustc-1.62: Rust systems programming language Detai...

Read the Full Advisory

Topics Covered

security advisory critical remote access Ubuntu permissions rustc

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 rustc-1.85 1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1 rustc-1.88 1.88.0+dfsg0ubuntu1-0ubuntu2 Ubuntu 24.04 LTS rustc 1.75.0+dfsg0ubuntu1-0ubuntu7.4 rustc-1.74 1.74.1+dfsg0ubuntu1-0ubuntu15 rustc-1.76 1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2 rustc-1.77 1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1 rustc-1.78 1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2 rustc-1.79 1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1 rustc-1.80 1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01 rustc-1.81 1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1 rustc-1.82 1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1 rustc-1.83 1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1 rustc-1.84 1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1 rustc-1.85 1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2 rustc-1.89 1.89.0+dfsg~24.04-0ubuntu0.24.04.2 rustc-1.91 1.91.1+dfsg~24.04-0ubuntu0.24.04.2 Ubuntu 22.04 LTS rustc 1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1 rustc-1.62 1.62.1+dfsg1-1ubuntu0.22.04.3 rustc-1.76 1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1 rustc-1.77 1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1 rustc-1.78 1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1 rustc-1.79 1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1 rustc-1.80 1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1 rustc-1.81 1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1 rustc-1.82 1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1 rustc-1.83 1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1 rustc-1.84 1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1 rustc-1.85 1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1 rustc-1.89 1.89.0+dfsg~24.04-0ubuntu0.22.04.2 rustc-1.91 1.91.1+dfsg~22.04-0ubuntu0.22.04.3 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8168-1

CVE-2026-33056

Severity

critical

Lowest

Low

Medium

High

Critical

Ubuntu Security Notice USN-8168-1

Topics Covered

security advisory critical remote access Ubuntu permissions rustc

Package Information

https://launchpad.net/ubuntu/+source/rustc-1.85/1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1 https://launchpad.net/ubuntu/+source/rustc-1.88/1.88.0+dfsg0ubuntu1-0ubuntu2 https://launchpad.net/ubuntu/+source/rustc/1.75.0+dfsg0ubuntu1-0ubuntu7.4 https://launchpad.net/ubuntu/+source/rustc-1.74/1.74.1+dfsg0ubuntu1-0ubuntu15 https://launchpad.net/ubuntu/+source/rustc-1.76/1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2 https://launchpad.net/ubuntu/+source/rustc-1.77/1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1 https://launchpad.net/ubuntu/+source/rustc-1.78/1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2 https://launchpad.net/ubuntu/+source/rustc-1.79/1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1 https://launchpad.net/ubuntu/+source/rustc-1.80/1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01 https://launchpad.net/ubuntu/+source/rustc-1.81/1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1 https://launchpad.net/ubuntu/+source/rustc-1.82/1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1 https://launchpad.net/ubuntu/+source/rustc-1.83/1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1 https://launchpad.net/ubuntu/+source/rustc-1.84/1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1 https://launchpad.net/ubuntu/+source/rustc-1.85/1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2 https://launchpad.net/ubuntu/+source/rustc-1.89/1.89.0+dfsg~24.04-0ubuntu0.24.04.2 https://launchpad.net/ubuntu/+source/rustc-1.91/1.91.1+dfsg~24.04-0ubuntu0.24.04.2 https://launchpad.net/ubuntu/+source/rustc/1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.62/1.62.1+dfsg1-1ubuntu0.22.04.3 https://launchpad.net/ubuntu/+source/rustc-1.76/1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.77/1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.78/1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.79/1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.80/1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.81/1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.82/1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.83/1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.84/1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.85/1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.89/1.89.0+dfsg~24.04-0ubuntu0.22.04.2 https://launchpad.net/ubuntu/+source/rustc-1.91/1.91.1+dfsg~22.04-0ubuntu0.22.04.3

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Ubuntu 25.10 rustc Critical Permissions Escalation USN-8168-1

Topics Covered

Search Advisories & Updates

Recent Searches

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Ubuntu 25.10 rustc Critical Permissions Escalation USN-8168-1

Summary

Topics Covered

Update Instructions

References

Topics Covered

Package Information

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Ubuntu 25.10 rustc Critical Permissions Escalation USN-8168-1

Topics Covered

Search Advisories & Updates

Recent Searches

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Ubuntu 25.10 rustc Critical Permissions Escalation USN-8168-1

Summary

Topics Covered

Update Instructions

References

Topics Covered

Package Information

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!