
Ubuntu 26.04 LTS ngtcp2 High Remote Code Execution Vuln USN-8300-1

May 25, 2026

Summary

ngtcp2 could be made to run programs as your login if it received specially
crafted network traffic when qlog was enabled.

Software Description:

- ngtcp2: RFC9000 QUIC protocol implementation

Details:

Zou Dikai discovered that ngtcp2 serialized peer transport parameters into
a fixed 1024-byte stack buffer without bounds checking. When qlog was
enabled, a remote attacker could possibly use this issue to execute
arbitrary code.
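
The defensive pattern for this bug class, as an added example that is not ngtcp2's code or the actual patch: a serializer that writes peer-controlled bytes into a 1024-byte buffer through a cursor that checks the remaining space before every write. The names bwriter, bw_put, bw_put_hex, serialize_param and QLOG_BUFLEN, and the "name":"hex" output format, are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define QLOG_BUFLEN 1024 /* size of the stack buffer named in the advisory */

/* Hypothetical bounded cursor: every write checks the remaining space first. */
typedef struct { char *pos; char *end; int overflow; } bwriter;

/* Append n raw bytes, or set the overflow flag and write nothing. */
static void bw_put(bwriter *w, const char *s, size_t n) {
  if (w->overflow || (size_t)(w->end - w->pos) < n) { w->overflow = 1; return; }
  memcpy(w->pos, s, n);
  w->pos += n;
}

/* Append peer-controlled bytes as hex; the output needs 2 * n bytes. */
static void bw_put_hex(bwriter *w, const uint8_t *data, size_t n) {
  static const char digits[] = "0123456789abcdef";
  if (w->overflow || (size_t)(w->end - w->pos) / 2 < n) { w->overflow = 1; return; }
  for (size_t i = 0; i < n; ++i) {
    *w->pos++ = digits[data[i] >> 4];
    *w->pos++ = digits[data[i] & 0x0f];
  }
}

/* Serialize one parameter as "name":"hex". Returns the number of bytes
 * written, or -1 if it does not fit; on -1 the caller must discard buf
 * (it may hold a partial prefix) and skip the log event. */
static long serialize_param(char *buf, size_t buflen, const char *name,
                            const uint8_t *val, size_t vallen) {
  bwriter w = { buf, buf + buflen, 0 };
  bw_put(&w, "\"", 1);
  bw_put(&w, name, strlen(name));
  bw_put(&w, "\":\"", 3);
  bw_put_hex(&w, val, vallen);
  bw_put(&w, "\"", 1);
  return w.overflow ? -1 : (long)(w.pos - buf);
}

int main(void) {
  char buf[QLOG_BUFLEN];
  uint8_t small[4] = {0xde, 0xad, 0xbe, 0xef}; /* constructed sample values */
  uint8_t big[600] = {0};                      /* 1200 hex chars: cannot fit */
  printf("%ld\n", serialize_param(buf, sizeof(buf), "p", small, sizeof(small)));
  printf("%ld\n", serialize_param(buf, sizeof(buf), "p", big, sizeof(big)));
  return 0;
}
```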

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
  libngtcp2-16                    1.16.0-1ubuntu0.1
  libngtcp2-crypto-gnutls-dev     1.16.0-1ubuntu0.1
  libngtcp2-crypto-gnutls8        1.16.0-1ubuntu0.1
  libngtcp2-crypto-ossl-dev       1.16.0-1ubuntu0.1
  libngtcp2-crypto-ossl0          1.16.0-1ubuntu0.1
  libngtcp2-dev                   1.16.0-1ubuntu0.1

Ubuntu 25.10
  libngtcp2-16                    1.11.0-1+deb13u1build0.25.10.1
  libngtcp2-crypto-gnutls-dev     1.11.0-1+deb13u1build0.25.10.1
  libngtcp2-crypto-gnutls8        1.11.0-1+deb13u1build0.25.10.1
  libngtcp2-dev                   1.11.0-1+deb13u1build0.25.10.1
  ngtcp2-client                   1.11.0-1+deb13u1build0.25.10.1
  ngtcp2-server                   1.11.0-1+deb13u1build0.25.10.1

Ubuntu 24.04 LTS
  libngtcp2-9                     0.12.1+dfsg-1+deb12u1build0.24.04.1
  libngtcp2-crypto-gnutls-dev     0.12.1+dfsg-1+deb12u1build0.24.04.1
  libngtcp2-crypto-gnutls2        0.12.1+dfsg-1+deb12u1build0.24.04.1
  libngtcp2-dev                   0.12.1+dfsg-1+deb12u1build0.24.04.1
  ngtcp2-client                   0.12.1+dfsg-1+deb12u1build0.24.04.1
  ngtcp2-server                   0.12.1+dfsg-1+deb12u1build0.24.04.1

Ubuntu 22.04 LTS
  libngtcp2-0                     0.1.0+dfsg-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libngtcp2-crypto-gnutls-dev     0.1.0+dfsg-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libngtcp2-crypto-gnutls0        0.1.0+dfsg-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libngtcp2-dev                   0.1.0+dfsg-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  ngtcp2-client                   0.1.0+dfsg-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  ngtcp2-server                   0.1.0+dfsg-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8300-1

CVE-2026-40170

Severity
critical

Ubuntu Security Notice USN-8300-1
