SecurityHome.eu [USN-8445-1] Config-IniFiles vulnerability

Home / mailings PDF

[USN-8445-1] Config-IniFiles vulnerability
Posted on 17 June 2026
Ubuntu Security
==========================================================================Ubuntu Security Notice USN-8445-1
June 17, 2026

libconfig-inifiles-perl vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Config-IniFiles could be made to run commands or overwrite files if it
received specially crafted input.

Software Description:
- libconfig-inifiles-perl: Perl module for working with INI configuration files

Details:

It was discovered that Config-IniFiles incorrectly handled the -file
argument in certain situations. An attacker could possibly use this issue
to execute arbitrary commands or overwrite arbitrary files.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
libconfig-inifiles-perl 3.000003-4ubuntu0.1

Ubuntu 25.10
libconfig-inifiles-perl 3.000003-3ubuntu0.1

Ubuntu 24.04 LTS
libconfig-inifiles-perl 3.000003-2ubuntu0.1

Ubuntu 22.04 LTS
libconfig-inifiles-perl 3.000003-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-8445-1
CVE-2026-11527

Package Information:
https://launchpad.net/ubuntu/+source/libconfig-inifiles-perl/3.000003-4ubuntu0.1
https://launchpad.net/ubuntu/+source/libconfig-inifiles-perl/3.000003-3ubuntu0.1
https://launchpad.net/ubuntu/+source/libconfig-inifiles-perl/3.000003-2ubuntu0.1
https://launchpad.net/ubuntu/+source/libconfig-inifiles-perl/3.000003-1ubuntu0.1

--===============4329874703281571148==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature

TOP

Mailings :

Last 20

Exploits :

Last 20