Monday, April 13, 2026

[USN-8168-1] Rust vulnerability

========================================================================== Ubuntu Security Notice USN-8168-1 April 13, 2026 rustc vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: rustc could be made to modify permissions on arbitrary directories. Software Description: - rustc-1.85: Rust systems programming language - rustc-1.88: Rust systems programming language - rustc: Rust systems programming language - rustc-1.74: Rust systems programming language - rustc-1.76: Rust systems programming language - rustc-1.77: Rust systems programming language - rustc-1.78: Rust systems programming language - rustc-1.79: Rust systems programming language - rustc-1.80: Rust systems programming language - rustc-1.81: Rust systems programming language - rustc-1.82: Rust systems programming language - rustc-1.83: Rust systems programming language - rustc-1.84: Rust systems programming language - rustc-1.89: Rust systems programming language - rustc-1.91: Rust systems programming language - rustc-1.62: Rust systems programming language Details: It was discovered that tar-rs embedded in rustc incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to modify permissions of arbitrary directories outside the extraction root, and possibly escalate privileges. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 rustc-1.85 1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1 rustc-1.88 1.88.0+dfsg0ubuntu1-0ubuntu2 Ubuntu 24.04 LTS rustc 1.75.0+dfsg0ubuntu1-0ubuntu7.4 rustc-1.74 1.74.1+dfsg0ubuntu1-0ubuntu15 rustc-1.76 1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2 rustc-1.77 1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1 rustc-1.78 1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2 rustc-1.79 1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1 rustc-1.80 1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01 rustc-1.81 1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1 rustc-1.82 1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1 rustc-1.83 1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1 rustc-1.84 1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1 rustc-1.85 1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2 rustc-1.89 1.89.0+dfsg~24.04-0ubuntu0.24.04.2 rustc-1.91 1.91.1+dfsg~24.04-0ubuntu0.24.04.2 Ubuntu 22.04 LTS rustc 1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1 rustc-1.62 1.62.1+dfsg1-1ubuntu0.22.04.3 rustc-1.76 1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1 rustc-1.77 1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1 rustc-1.78 1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1 rustc-1.79 1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1 rustc-1.80 1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1 rustc-1.81 1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1 rustc-1.82 1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1 rustc-1.83 1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1 rustc-1.84 1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1 rustc-1.85 1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1 rustc-1.89 1.89.0+dfsg~24.04-0ubuntu0.22.04.2 rustc-1.91 1.91.1+dfsg~22.04-0ubuntu0.22.04.3 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8168-1 CVE-2026-33056 Package Information: https://launchpad.net/ubuntu/+source/rustc-1.85/1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1 https://launchpad.net/ubuntu/+source/rustc-1.88/1.88.0+dfsg0ubuntu1-0ubuntu2 https://launchpad.net/ubuntu/+source/rustc/1.75.0+dfsg0ubuntu1-0ubuntu7.4 https://launchpad.net/ubuntu/+source/rustc-1.74/1.74.1+dfsg0ubuntu1-0ubuntu15 https://launchpad.net/ubuntu/+source/rustc-1.76/1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2 https://launchpad.net/ubuntu/+source/rustc-1.77/1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1 https://launchpad.net/ubuntu/+source/rustc-1.78/1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2 https://launchpad.net/ubuntu/+source/rustc-1.79/1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1 https://launchpad.net/ubuntu/+source/rustc-1.80/1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01 https://launchpad.net/ubuntu/+source/rustc-1.81/1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1 https://launchpad.net/ubuntu/+source/rustc-1.82/1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1 https://launchpad.net/ubuntu/+source/rustc-1.83/1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1 https://launchpad.net/ubuntu/+source/rustc-1.84/1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1 https://launchpad.net/ubuntu/+source/rustc-1.85/1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2 https://launchpad.net/ubuntu/+source/rustc-1.89/1.89.0+dfsg~24.04-0ubuntu0.24.04.2 https://launchpad.net/ubuntu/+source/rustc-1.91/1.91.1+dfsg~24.04-0ubuntu0.24.04.2 https://launchpad.net/ubuntu/+source/rustc/1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.62/1.62.1+dfsg1-1ubuntu0.22.04.3 https://launchpad.net/ubuntu/+source/rustc-1.76/1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.77/1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.78/1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.79/1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.80/1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.81/1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.82/1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.83/1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.84/1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.85/1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1 https://launchpad.net/ubuntu/+source/rustc-1.89/1.89.0+dfsg~24.04-0ubuntu0.22.04.2 https://launchpad.net/ubuntu/+source/rustc-1.91/1.91.1+dfsg~22.04-0ubuntu0.22.04.3

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)