usn-8555-1
Vulnerability from osv_ubuntu
Published
2026-07-16 12:59
Modified
2026-07-16 12:59
Summary
ubuntu-advantage-tools vulnerabilities
Details

Bilal Teke discovered that Ubuntu Advantage Tools exposed the Pro bearer token in command-line arguments when validating APT credentials. A local attacker could possibly use this issue to obtain sensitive information and gain unauthorized access to Ubuntu Pro repositories. (CVE-2026-9494)

Frederick Jerusha discovered that Ubuntu Advantage Tools did not properly validate data received from the contract server when writing APT source files. An attacker could possibly use this issue to inject arbitrary APT configuration and execute arbitrary code. (CVE-2026-11386)

Mateusz Gierblinski discovered that Ubuntu Advantage Tools did not properly handle symbolic links when collecting diagnostic logs. A local attacker could possibly use this issue to obtain sensitive information from files owned by the administrator. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 26.04 LTS. (CVE-2026-12391)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [],
          "ecosystem": "Ubuntu:14.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "ubuntu-advantage-tools",
            "binary_version": "19.7ubuntu0.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:14.04:LTS",
        "name": "ubuntu-advantage-tools",
        "purl": "pkg:deb/ubuntu/ubuntu-advantage-tools@19.7ubuntu0.1?arch=source\u0026distro=trusty"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "19.7ubuntu0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2",
        "10ubuntu0.14.04.2",
        "10ubuntu0.14.04.3",
        "10ubuntu0.14.04.4",
        "19.6~ubuntu14.04.3",
        "19.6~ubuntu14.04.4",
        "19.7"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [],
          "ecosystem": "Ubuntu:16.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "ubuntu-advantage-pro",
            "binary_version": "37.1ubuntu0~16.04.1"
          },
          {
            "binary_name": "ubuntu-advantage-tools",
            "binary_version": "37.1ubuntu0~16.04.1"
          },
          {
            "binary_name": "ubuntu-pro-auto-attach",
            "binary_version": "37.1ubuntu0~16.04.1"
          },
          {
            "binary_name": "ubuntu-pro-client",
            "binary_version": "37.1ubuntu0~16.04.1"
          },
          {
            "binary_name": "ubuntu-pro-client-l10n",
            "binary_version": "37.1ubuntu0~16.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:16.04:LTS",
        "name": "ubuntu-advantage-tools",
        "purl": "pkg:deb/ubuntu/ubuntu-advantage-tools@37.1ubuntu0~16.04.1?arch=source\u0026distro=xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "37.1ubuntu0~16.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2",
        "10ubuntu0.16.04.1",
        "27.0~16.04.1",
        "27.1~16.04.1",
        "27.2.1~16.04.1",
        "27.2.2~16.04.1",
        "27.3~16.04.1",
        "27.4.1~16.04.1",
        "27.4.2~16.04.1",
        "27.5~16.04.1",
        "27.6~16.04.1",
        "27.7~16.04.1",
        "27.8~16.04.1",
        "27.9~16.04.1",
        "27.10.1~16.04.1",
        "27.11.2~16.04.1",
        "27.11.3~16.04.1",
        "27.12~16.04.1",
        "27.13.1~16.04.1",
        "27.13.2~16.04.1",
        "27.13.3~16.04.1",
        "27.13.5~16.04.1",
        "27.13.6~16.04.1",
        "27.14.4~16.04",
        "28.1~16.04",
        "29.4~16.04",
        "30~16.04",
        "31.2~16.04",
        "31.2.2~16.04",
        "32.3~16.04",
        "32.3.1~16.04",
        "33.2~16.04",
        "34~16.04",
        "35.1ubuntu0~16.04",
        "36ubuntu0~16.04",
        "37.1ubuntu0~16.04"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [],
          "ecosystem": "Ubuntu:18.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "ubuntu-advantage-pro",
            "binary_version": "37.1ubuntu0~18.04.1"
          },
          {
            "binary_name": "ubuntu-advantage-tools",
            "binary_version": "37.1ubuntu0~18.04.1"
          },
          {
            "binary_name": "ubuntu-pro-auto-attach",
            "binary_version": "37.1ubuntu0~18.04.1"
          },
          {
            "binary_name": "ubuntu-pro-client",
            "binary_version": "37.1ubuntu0~18.04.1"
          },
          {
            "binary_name": "ubuntu-pro-client-l10n",
            "binary_version": "37.1ubuntu0~18.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:18.04:LTS",
        "name": "ubuntu-advantage-tools",
        "purl": "pkg:deb/ubuntu/ubuntu-advantage-tools@37.1ubuntu0~18.04.1?arch=source\u0026distro=bionic"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "37.1ubuntu0~18.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "10",
        "13",
        "14",
        "16",
        "17",
        "27.0.2~18.04.1",
        "27.1~18.04.1",
        "27.2.1~18.04.1",
        "27.2.2~18.04.1",
        "27.3~18.04.1",
        "27.4.1~18.04.1",
        "27.4.2~18.04.1",
        "27.5~18.04.1",
        "27.6~18.04.1",
        "27.7~18.04.1",
        "27.8~18.04.1",
        "27.9~18.04.1",
        "27.10.1~18.04.1",
        "27.11.2~18.04.1",
        "27.11.3~18.04.1",
        "27.12~18.04.1",
        "27.13.1~18.04.1",
        "27.13.2~18.04.1",
        "27.13.3~18.04.1",
        "27.13.5~18.04.1",
        "27.13.6~18.04.1",
        "27.14.4~18.04",
        "28.1~18.04",
        "29.4~18.04",
        "30~18.04",
        "31.2~18.04",
        "31.2.2~18.04",
        "31.2.3~18.04",
        "32.3~18.04",
        "32.3.1~18.04",
        "33.2~18.04",
        "34~18.04",
        "35.1ubuntu0~18.04",
        "36ubuntu0~18.04",
        "37.1ubuntu0~18.04"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [],
          "ecosystem": "Ubuntu:20.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "ubuntu-advantage-pro",
            "binary_version": "37.1ubuntu0~20.04.1"
          },
          {
            "binary_name": "ubuntu-advantage-tools",
            "binary_version": "37.1ubuntu0~20.04.1"
          },
          {
            "binary_name": "ubuntu-pro-auto-attach",
            "binary_version": "37.1ubuntu0~20.04.1"
          },
          {
            "binary_name": "ubuntu-pro-client",
            "binary_version": "37.1ubuntu0~20.04.1"
          },
          {
            "binary_name": "ubuntu-pro-client-l10n",
            "binary_version": "37.1ubuntu0~20.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:20.04:LTS",
        "name": "ubuntu-advantage-tools",
        "purl": "pkg:deb/ubuntu/ubuntu-advantage-tools@37.1ubuntu0~20.04.1?arch=source\u0026distro=focal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "37.1ubuntu0~20.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "19.5.1",
        "20.2.1~0ubuntu1",
        "20.3",
        "27.0.2~20.04.1",
        "27.1~20.04.1",
        "27.2.1~20.04.1",
        "27.2.2~20.04.1",
        "27.3~20.04.1",
        "27.4.1~20.04.1",
        "27.4.2~20.04.1",
        "27.5~20.04.1",
        "27.6~20.04.1",
        "27.7~20.04.1",
        "27.8~20.04.1",
        "27.9~20.04.1",
        "27.10.1~20.04.1",
        "27.11.2~20.04.1",
        "27.11.3~20.04.1",
        "27.12~20.04.1",
        "27.13.1~20.04.1",
        "27.13.2~20.04.1",
        "27.13.3~20.04.1",
        "27.13.5~20.04.1",
        "27.13.6~20.04.1",
        "27.14.4~20.04",
        "28.1~20.04",
        "29.4~20.04",
        "30~20.04",
        "31.2~20.04",
        "31.2.2~20.04",
        "31.2.3~20.04",
        "32.3~20.04",
        "32.3.1~20.04",
        "33.2~20.04",
        "34~20.04",
        "35.1ubuntu0~20.04",
        "36ubuntu0~20.04",
        "37.1ubuntu0~20.04"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2026-9494",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2026-11386",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2026-12391",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:22.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "ubuntu-advantage-pro",
            "binary_version": "37.2ubuntu~22.04.1"
          },
          {
            "binary_name": "ubuntu-advantage-tools",
            "binary_version": "37.2ubuntu~22.04.1"
          },
          {
            "binary_name": "ubuntu-pro-auto-attach",
            "binary_version": "37.2ubuntu~22.04.1"
          },
          {
            "binary_name": "ubuntu-pro-client",
            "binary_version": "37.2ubuntu~22.04.1"
          },
          {
            "binary_name": "ubuntu-pro-client-l10n",
            "binary_version": "37.2ubuntu~22.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:22.04:LTS",
        "name": "ubuntu-advantage-tools",
        "purl": "pkg:deb/ubuntu/ubuntu-advantage-tools@37.2ubuntu~22.04.1?arch=source\u0026distro=jammy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "37.2ubuntu~22.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "27.2.2~21.10.1",
        "27.3~21.10.1",
        "27.4~22.04.1",
        "27.4.1~22.04.1",
        "27.4.2~22.04.1",
        "27.5~22.04.1",
        "27.6~22.04.1",
        "27.7~22.04.1",
        "27.8~22.04.1",
        "27.9~22.04.1",
        "27.10.1~22.04.1",
        "27.11.2~22.04.1",
        "27.11.3~22.04.1",
        "27.12~22.04.1",
        "27.13.1~22.04.1",
        "27.13.2~22.04.1",
        "27.13.3~22.04.1",
        "27.13.5~22.04.1",
        "27.13.6~22.04.1",
        "27.14.4~22.04",
        "28.1~22.04",
        "29.4~22.04",
        "30~22.04",
        "31.2~22.04",
        "31.2.2~22.04",
        "31.2.3~22.04",
        "32.3~22.04",
        "32.3.1~22.04",
        "33.2~22.04",
        "34~22.04",
        "35.1ubuntu0~22.04",
        "36ubuntu0~22.04",
        "37.1ubuntu0~22.04",
        "37.2ubuntu~22.04"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2026-9494",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2026-11386",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2026-12391",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:24.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "ubuntu-advantage-pro",
            "binary_version": "37.2ubuntu~24.04.1"
          },
          {
            "binary_name": "ubuntu-advantage-tools",
            "binary_version": "37.2ubuntu~24.04.1"
          },
          {
            "binary_name": "ubuntu-pro-auto-attach",
            "binary_version": "37.2ubuntu~24.04.1"
          },
          {
            "binary_name": "ubuntu-pro-client",
            "binary_version": "37.2ubuntu~24.04.1"
          },
          {
            "binary_name": "ubuntu-pro-client-l10n",
            "binary_version": "37.2ubuntu~24.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:24.04:LTS",
        "name": "ubuntu-advantage-tools",
        "purl": "pkg:deb/ubuntu/ubuntu-advantage-tools@37.2ubuntu~24.04.1?arch=source\u0026distro=noble"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "37.2ubuntu~24.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "29.4",
        "30",
        "30.1",
        "31.1",
        "31.2.2",
        "31.2.2build1",
        "31.2.3",
        "32.3~24.04",
        "32.3.1~24.04",
        "33.2~24.04.1",
        "34~24.04",
        "35.1ubuntu0~24.04",
        "36ubuntu0~24.04",
        "37.1ubuntu0~24.04",
        "37.2ubuntu~24.04"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2026-9494",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2026-11386",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2026-12391",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:26.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "ubuntu-advantage-pro",
            "binary_version": "37.2ubuntu0.1"
          },
          {
            "binary_name": "ubuntu-advantage-tools",
            "binary_version": "37.2ubuntu0.1"
          },
          {
            "binary_name": "ubuntu-pro-auto-attach",
            "binary_version": "37.2ubuntu0.1"
          },
          {
            "binary_name": "ubuntu-pro-client",
            "binary_version": "37.2ubuntu0.1"
          },
          {
            "binary_name": "ubuntu-pro-client-l10n",
            "binary_version": "37.2ubuntu0.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:26.04:LTS",
        "name": "ubuntu-advantage-tools",
        "purl": "pkg:deb/ubuntu/ubuntu-advantage-tools@37.2ubuntu0.1?arch=source\u0026distro=resolute"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "37.2ubuntu0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "37ubuntu0",
        "37.1ubuntu0",
        "37.2ubuntu"
      ]
    }
  ],
  "aliases": [],
  "details": "Bilal Teke discovered that Ubuntu Advantage Tools exposed the Pro bearer\ntoken in command-line arguments when validating APT credentials. A local\nattacker could possibly use this issue to obtain sensitive information\nand gain unauthorized access to Ubuntu Pro repositories. (CVE-2026-9494)\n\nFrederick Jerusha discovered that Ubuntu Advantage Tools did not properly\nvalidate data received from the contract server when writing APT source\nfiles. An attacker could possibly use this issue to inject arbitrary APT\nconfiguration and execute arbitrary code. (CVE-2026-11386)\n\nMateusz Gierblinski discovered that Ubuntu Advantage Tools did not\nproperly handle symbolic links when collecting diagnostic logs. A local\nattacker could possibly use this issue to obtain sensitive information\nfrom files owned by the administrator. This issue only affected Ubuntu\n16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,\nUbuntu 24.04 LTS and Ubuntu 26.04 LTS. (CVE-2026-12391)",
  "id": "USN-8555-1",
  "modified": "2026-07-16T12:59:08Z",
  "published": "2026-07-16T12:59:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-8555-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2026-9494"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2026-11386"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2026-12391"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "ubuntu-advantage-tools vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2026-9494",
    "UBUNTU-CVE-2026-11386",
    "UBUNTU-CVE-2026-12391"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…