========================================================================== Ubuntu Security Notice USN-8192-2 April 27, 2026
ntfs-3g vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: Summary: Several security issues were fixed in NTFS-3G. Software Description: Details: USN-8192-1 fixed vulnerabilities in NTFS-3G. This update provides the corresponding update to Ubuntu 26.04 LTS. Original advisory details: Jeffrey Bencteux discovered that NTFS-3G incorrectly handled certain UTF-8 sequences. An attacker could use this issue to cause NTFS-3G to crash, resulting in a denial of service, or to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2023-52890) Andrea Bocchetti discovered that NTFS-3G incorrectly handled certain security descriptors. An attacker could use this issue to cause NTFS-3G to crash, resulting in a denial of service, or to execute arbitrary code. (CVE-2026-40706) Update instructions: The problem can be corrected by updating your system to the following package versions: In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8192-2 https://ubuntu.com/security/notices/USN-8192-1 CVE-2026-40706
signature.asc
Description: OpenPGP digital signature
