AppArmor vulnerability fixes available | Ubuntu
AppArmor vulnerability fixes available | Ubuntu
ubuntu.com //blog/apparmor-vulnerability-fixes-available
How to check if you are impacted
To get the version of the sudo package installed, run the following command:
dpkg -l 'sudo*' | grep ^iiThe following table lists the fixed versions of the sudo package in all supported Ubuntu releases:
Release Package Fixed version Questing Quokka (25.10) sudo 1.9.17p2-1ubuntu1.1 sudo-ldap 1.9.17p2-1ubuntu1.1 sudo-rs Not affected Noble Numbat (24.04 LTS) sudo 1.9.15p5-3ubuntu5.24.04.2 sudo-ldap 1.9.15p5-3ubuntu5.24.04.2 Jammy Jellyfish (22.04 LTS) sudo 1.9.9-1ubuntu2.6 sudo-ldap 1.9.9-1ubuntu2.6 Focal Fossa (20.04 LTS) sudo Not affected sudo-ldap Not affected Bionic Beaver (18.04 LTS) sudo Not affected sudo-ldap Not affected Xenial Xerus (16.05 LTS) sudo Not affected sudo-ldap Not affected Trusty Tahr (14.04 LTS) sudo Not affected sudo-ldap Not affected Affected sudo versions
How to address
We recommend you upgrade all packages:
sudo apt update && sudo apt upgradeIf this is not possible, the sudo userspace mitigations can be installed directly and does not require a reboot to apply:
sudo apt update sudo apt install sudoThe unattended-upgrades feature is enabled by default for Ubuntu Xenial Xerus (16.04 LTS) onwards. This service:
- Applies new security updates every 24 hours automatically.
- If you have this enabled, the patches above will be automatically applied within 24 hours of being available.