CVE-2026-25506
Publication date 10 February 2026
Last updated 12 February 2026
Ubuntu priority
CVSS 3 Severity Score
Description
MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, a local attacker can exploit a buffer overflow vulnerability in munged (the MUNGE authentication daemon) to leak cryptographic key material from process memory. With the leaked key material, the attacker could forge arbitrary MUNGE credentials to impersonate any user (including root) to services that rely on MUNGE for authentication. The overflow is triggered by sending a crafted message with an oversized address length field, which corrupts munged's internal state and enables extraction of the MAC subkey used for credential verification. This vulnerability is fixed in 0.5.18.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| munge | 25.10 questing | Fixed 0.5.16-1ubuntu0.1 |
| | 24.04 LTS noble | Fixed 0.5.15-4ubuntu0.1 |
| | 22.04 LTS jammy | Fixed 0.5.14-6ubuntu0.1 |
| | 20.04 LTS focal | Fixed 0.5.13-2ubuntu0.1~esm1 |
| | 18.04 LTS bionic | Fixed 0.5.13-1ubuntu0.1~esm1 |
| | 16.04 LTS xenial | Fixed 0.5.11-3ubuntu0.1+esm1 |
| | 14.04 LTS trusty | Fixed 0.5.11-1ubuntu1.1+esm1 |
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | |
| Attack vector | Local |
| Attack complexity | High |
| Privileges required | Low |
| User interaction | None |
| Scope | Changed |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | Low |
| Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L |
References
Related Ubuntu Security Notices (USN)
- USN-8040-1: MUNGE vulnerability (12 February 2026)