StackPatch is liveSee product

Back to CVE digest
Ubuntu USN · USN-8359-1

NNCP vulnerability

Published: Mon, 01 Jun 2026 15:04

CVE-2025-60020

Summary

NNCP could allow unintended access to files.

Details

It was discovered that NNCP did not properly sanitize file paths in packet data during file requesting and file saving operations. A remote attacker could possibly use this issue to read or write arbitrary files outside of the intended directory.

Recommended actions per Ubuntu release

StackPatch playbook auto-generated per release codename and per affected package.

Ubuntu jammy

  • nncp8.5.0-1ubuntu0.1+esm3apt_upgrade

    Standard apt upgrade. Install 8.5.0-1ubuntu0.1+esm3 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y nncp

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • nncp8.5.0-1ubuntu0.1+esm3apt_upgrade

    Standard apt upgrade. Install 8.5.0-1ubuntu0.1+esm3 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y nncp

    Most apt upgrades restart their service automatically. needrestart lists anything else.

Ubuntu noble

  • nncp8.10.0-8ubuntu0.3+esm3apt_upgrade

    Standard apt upgrade. Install 8.10.0-8ubuntu0.3+esm3 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y nncp

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • nncp8.10.0-8ubuntu0.3+esm3apt_upgrade

    Standard apt upgrade. Install 8.10.0-8ubuntu0.3+esm3 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y nncp

    Most apt upgrades restart their service automatically. needrestart lists anything else.

Ubuntu questing

  • nncp8.11.0-4+deb13u1build0.25.10.1apt_upgrade

    Standard apt upgrade. Install 8.11.0-4+deb13u1build0.25.10.1 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y nncp

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • nncp8.11.0-4+deb13u1build0.25.10.1apt_upgrade

    Standard apt upgrade. Install 8.11.0-4+deb13u1build0.25.10.1 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y nncp

    Most apt upgrades restart their service automatically. needrestart lists anything else.

Are YOU affected by USN-8359-1?

5-second check on your actual server. Reads /etc/os-release, uname -r, and dpkg-query; matches against the live USN + Debian Security Tracker feeds; tells you whether USN-8359-1 (and any other live CVE) applies. Anonymous, no signup.

curl https://mindsparkstack.com/scan.sh | bash
Form-based quickscan Read the bash source first
Want this automated for your servers?

StackPatch runs this match against YOUR installed packages every hour

Free 1-server / $99 lifetime founder seat (50 only) / $19+/mo monthly. Indie pricing.

Buy lifetime →See StackPatch →Live audit log →