Back

Critical .NET Vulnerabilities in Ubuntu Lead to Denial of Service Risks

Severity: High (Score: 70.5)

Sources: Ubuntu, launchpad.net, Linuxsecurity

Summary

Multiple security vulnerabilities have been identified in .NET affecting Ubuntu 25.10, 24.04 LTS, and 22.04 LTS. Discovered by Ludvig Pedersen and Kevin Jones, these vulnerabilities allow attackers to exploit the System.Security.Cryptography.Xml library and the System.Net.Mail component. The vulnerabilities could lead to denial of service by consuming excessive resources or crashing the .NET runtime. Specifically, CVE-2026-33116 and CVE-2026-26171 relate to resource consumption, while CVE-2026-32203 pertains to potential crashes. Additionally, CVE-2026-32178 could enable network spoofing attacks. Users are advised to update their systems to mitigate these risks. The vulnerabilities were published on April 14, 2026, and are now addressed in the latest package updates. Key Points: • Critical vulnerabilities in .NET affect multiple Ubuntu versions. • Attackers can exploit these issues to cause denial of service and network spoofing. • Immediate system updates are recommended to mitigate the vulnerabilities.

Key Entities

  • DDoS (attack_type)
  • Denial of Service (attack_type)
  • CVE-2026-26171 (cve)
  • CVE-2026-32178 (cve)
  • CVE-2026-32203 (cve)
  • CVE-2026-33116 (cve)
  • Cwe-400 - Uncontrolled Resource Consumption (cwe)
  • system.net (domain)
  • T1499 - Endpoint Denial of Service (mitre_attack)
  • Ubuntu (company)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed