Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

Calendar Jun 08, 2026 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory critical arbitrary code execution Ubuntu systemd DNS manipulation
Several security issues were fixed in systemd. 
==========================================================================
Ubuntu Security Notice USN-8402-1
June 08, 2026

systemd vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in systemd.

Software Description:
- systemd: system and service manager

Details:

It was discovered that systemd-nspawn incorrectly handled certain optional
configuration files. A local attacker could possibly use this issue to
escape to the host system and execute arbitrary code. (CVE-2026-40226)

It was discovered that systemd-resolved incorrectly validated DNSSEC
records for signed domains. An attacker could possibly use this issue to
manipulate DNS records. This issue only affected Ubuntu 22.04 LTS.
(CVE-2023-7008)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  libsystemd0                     257.9-0ubuntu2.5
  libudev1                        257.9-0ubuntu2.5
  systemd                         257.9-0ubuntu2.5
  udev                            257.9-0ubuntu2.5

Ubuntu 24.04 LTS
  libsystemd0                     255.4-1ubuntu8.16
  libudev1                        255.4-1ubuntu8.16
  systemd                         255.4-1ubuntu8.16
  udev                            255.4-1ubuntu8.16

Ubuntu 22.04 LTS
  libnss-resolve                  249.11-0ubuntu3.21
  libsystemd0                     249.11-0ubuntu3.21
  libudev1                        249.11-0ubuntu3.21
  systemd                         249.11-0ubuntu3.21
  udev                            249.11-0ubuntu3.21

After a standard system update you need to reboot your computer to make all
the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8402-1
  CVE-2023-7008, CVE-2026-40226

Package Information:
  https://launchpad.net/ubuntu/+source/systemd/257.9-0ubuntu2.5
  https://launchpad.net/ubuntu/+source/systemd/255.4-1ubuntu8.16
  https://launchpad.net/ubuntu/+source/systemd/249.11-0ubuntu3.21

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

ubuntu
Calendar Grey June 8, 2026
Dist Ubuntu Esm H88
Several security issues in systemd for Ubuntu fixed, including critical authentication flaws affecting system integrity.
Several security issues were fixed in systemd.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in systemd. Software Description: - systemd: system and service manager Details: It was discovered that systemd-nspawn incorrectly handled certain optional configuration files. A local attacker could possibly use this issue to escape to the host system and execute arbitrary code. (CVE-2026-40226) It was discovered that systemd-resolved incorrectly validated DNSSEC records for signed domains. An attacker could possibly use this issue to manipulate DNS records. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-7008)

Topics%20covered

Topics Covered

security advisory critical arbitrary code execution Ubuntu systemd DNS manipulation

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 libsystemd0 257.9-0ubuntu2.5 libudev1 257.9-0ubuntu2.5 systemd 257.9-0ubuntu2.5 udev 257.9-0ubuntu2.5 Ubuntu 24.04 LTS libsystemd0 255.4-1ubuntu8.16 libudev1 255.4-1ubuntu8.16 systemd 255.4-1ubuntu8.16 udev 255.4-1ubuntu8.16 Ubuntu 22.04 LTS libnss-resolve 249.11-0ubuntu3.21 libsystemd0 249.11-0ubuntu3.21 libudev1 249.11-0ubuntu3.21 systemd 249.11-0ubuntu3.21 udev 249.11-0ubuntu3.21 After a standard system update you need to reboot your computer to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8402-1

CVE-2023-7008, CVE-2026-40226

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8402-1

Topics%20covered

Topics Covered

security advisory critical arbitrary code execution Ubuntu systemd DNS manipulation

Package Information

https://launchpad.net/ubuntu/+source/systemd/257.9-0ubuntu2.5 https://launchpad.net/ubuntu/+source/systemd/255.4-1ubuntu8.16 https://launchpad.net/ubuntu/+source/systemd/249.11-0ubuntu3.21

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here