
Ubuntu 26.04 LTS GNU SASL Informational Denial of Service CVE-2026-48829

ubuntu
June 1, 2026
Update for GNU SASL addresses a denial of service risk from specially crafted input in Ubuntu releases. Critical patch.

Summary

GNU SASL could be made to crash if it received specially crafted input.

Software Description:

- gsasl: Simple Authentication and Security Layer framework

Details:

It was discovered that GNU SASL did not properly handle certain DIGEST-MD5
tokens. An attacker could possibly use this issue to cause GNU SASL to
crash, resulting in a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
  gsasl                           2.2.2-4ubuntu1.1
  libgsasl18                      2.2.2-4ubuntu1.1

Ubuntu 25.10
  gsasl                           2.2.2-2ubuntu1.1
  libgsasl18                      2.2.2-2ubuntu1.1

Ubuntu 24.04 LTS
  gsasl                           2.2.1-1willsync1ubuntu0.1
  libgsasl18                      2.2.1-1willsync1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8356-1

CVE-2026-48829

Severity
informational

Ubuntu Security Notice USN-8356-1
