Critical Privilege Escalation Vulnerability in authd Affects Ubuntu Systems
Severity: High (Score: 70.5)
Sources: Linuxsecurity, Ubuntu, launchpad.net
Summary
A vulnerability in the authd service has been identified, which incorrectly assigns the primary group ID to users under specific conditions. This flaw allows local attackers to potentially escalate their privileges or gain unauthorized access to files belonging to other users. The issue affects various releases of Ubuntu and its derivatives. Users are advised to update their systems to mitigate the risk. The vulnerability is tracked as CVE-2026-6970 and was published on April 27, 2026. Affected users must restart authd after applying the necessary updates to ensure the changes take effect. Ubuntu Pro offers ten-year security coverage for over 25,000 packages, providing additional support for users. The vulnerability poses a significant risk, especially in multi-user environments where privilege escalation could lead to further exploitation.
Key Points:
- CVE-2026-6970 allows local privilege escalation via authd in Ubuntu systems.
- Affected users must restart authd after applying updates to mitigate the vulnerability.
- Ubuntu Pro offers extended security coverage for affected packages.
Key Entities
- Privilege Escalation (attack_type)
- CVE-2026-6970 (cve)
- CWE-269 - Improper Privilege Management (cwe)
- T1068 - Exploitation for Privilege Escalation (mitre_attack)
- Ubuntu (company)