Alerts This Week
Warning Icon 1 625
Alerts This Week
Warning Icon 1 625

Ubuntu 18.04 LXD Critical DoS Threat Advisory USN-8447-2

ubuntu
Calendar Grey June 18, 2026
Dist Ubuntu Esm H88
Explore critical advisories for Ubuntu LXD that resolve multiple security issues, ensuring system integrity and safety.
Several security issues were fixed in LXD.

Summary

Several security issues were fixed in LXD.

Software Description:

- lxd: Container hypervisor based on LXC

Details:

USN-8447-1 fixed vulnerabilities in Go Cryptography. This update provides

the corresponding updates for Go Cryptography code embedded in LXD for

CVE-2026-39830, CVE-2026-39833, CVE-2026-39834, and CVE-2026-42508.

Original advisory details:

It was discovered that Go Cryptography did not properly handle SSH global

request responses. A remote attacker could possibly use this issue to cause

a denial of service. (CVE-2026-39830)

It was discovered that Go Cryptography did not properly verify user

presence when using FIDO/U2F security keys. An attacker could possibly use

this issue to bypass user presence verification for hardware security keys.

This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04

LTS, and Ubuntu 26.04 LTS. (CVE-2026-39831)

It was discovered that Go Cryptography did not properly serialize SSH agent

key constraint extensio...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service critical remote attack Ubuntu lxd

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
  lxd                             3.0.3-0ubuntu1~18.04.2+esm3
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  lxd                             2.0.11-0ubuntu1~16.04.4+esm3
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8447-2

https://ubuntu.com/security/notices/USN-8447-1

CVE-2026-39830, CVE-2026-39833, CVE-2026-39834, CVE-2026-42508

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8447-2

Topics%20covered

Topics Covered

security advisory denial of service critical remote attack Ubuntu lxd

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here