==========================================================================
Ubuntu Security Notice USN-8520-1
July 09, 2026

expat vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

Expat could be made to crash if it received specially crafted input.

Software Description:
- expat: XML parsing C library

Details:

It was discovered that Expat used insufficient entropy when generating
hash salt values for its internal hash table. An attacker could use this
to craft an XML document that triggers hash flooding, leading to a
denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS
  libexpat1                       2.1.0-7ubuntu0.16.04.5+esm12
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8520-1
  CVE-2026-41080

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to