rabbitmq-c vulnerabilities
Published: Tue, 16 Jun 2026 14:48
Summary
Several security issues were fixed in rabbitmq-c.
Details
It was discovered that rabbitmq-c exposed credentials in command-line arguments under certain circumstances. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2023-35789) It was discovered that rabbitmq-c incorrectly handled AMQP frame lengths under certain circumstances, which could lead to an out-of-bounds read. A remote attacker could possibly use this issue to cause rabbitmq-c to crash, resulting in a denial of service. (CVE-2026-44235) It was discovered that rabbitmq-c incorrectly handled AMQP login handshakes under certain circumstances, which could lead to a heap buffer overflow. A remote attacker could possibly use this issue to cause rabbitmq-c to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2026-44236)
Recommended actions per Ubuntu release
StackPatch playbook auto-generated per release codename and per affected package.
Ubuntu jammy
librabbitmq→0.10.0-1ubuntu2.1apt_upgradeStandard apt upgrade. Install 0.10.0-1ubuntu2.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y librabbitmq
Most apt upgrades restart their service automatically. needrestart lists anything else.
amqp-tools→0.10.0-1ubuntu2.1apt_upgradeStandard apt upgrade. Install 0.10.0-1ubuntu2.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y amqp-tools
Most apt upgrades restart their service automatically. needrestart lists anything else.
librabbitmq-dev→0.10.0-1ubuntu2.1apt_upgradeStandard apt upgrade. Install 0.10.0-1ubuntu2.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y librabbitmq-dev
Most apt upgrades restart their service automatically. needrestart lists anything else.
librabbitmq4→0.10.0-1ubuntu2.1apt_upgradeStandard apt upgrade. Install 0.10.0-1ubuntu2.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y librabbitmq4
Most apt upgrades restart their service automatically. needrestart lists anything else.
Ubuntu noble
librabbitmq→0.11.0-1ubuntu0.1apt_upgradeStandard apt upgrade. Install 0.11.0-1ubuntu0.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y librabbitmq
Most apt upgrades restart their service automatically. needrestart lists anything else.
amqp-tools→0.11.0-1ubuntu0.1apt_upgradeStandard apt upgrade. Install 0.11.0-1ubuntu0.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y amqp-tools
Most apt upgrades restart their service automatically. needrestart lists anything else.
librabbitmq-dev→0.11.0-1ubuntu0.1apt_upgradeStandard apt upgrade. Install 0.11.0-1ubuntu0.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y librabbitmq-dev
Most apt upgrades restart their service automatically. needrestart lists anything else.
librabbitmq4→0.11.0-1ubuntu0.1apt_upgradeStandard apt upgrade. Install 0.11.0-1ubuntu0.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y librabbitmq4
Most apt upgrades restart their service automatically. needrestart lists anything else.
Ubuntu questing
librabbitmq→0.15.0-1ubuntu0.25.10.1apt_upgradeStandard apt upgrade. Install 0.15.0-1ubuntu0.25.10.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y librabbitmq
Most apt upgrades restart their service automatically. needrestart lists anything else.
amqp-tools→0.15.0-1ubuntu0.25.10.1apt_upgradeStandard apt upgrade. Install 0.15.0-1ubuntu0.25.10.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y amqp-tools
Most apt upgrades restart their service automatically. needrestart lists anything else.
librabbitmq-dev→0.15.0-1ubuntu0.25.10.1apt_upgradeStandard apt upgrade. Install 0.15.0-1ubuntu0.25.10.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y librabbitmq-dev
Most apt upgrades restart their service automatically. needrestart lists anything else.
librabbitmq4→0.15.0-1ubuntu0.25.10.1apt_upgradeStandard apt upgrade. Install 0.15.0-1ubuntu0.25.10.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y librabbitmq4
Most apt upgrades restart their service automatically. needrestart lists anything else.
Ubuntu resolute
librabbitmq→0.15.0-1ubuntu0.26.04.1apt_upgradeStandard apt upgrade. Install 0.15.0-1ubuntu0.26.04.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y librabbitmq
Most apt upgrades restart their service automatically. needrestart lists anything else.
amqp-tools→0.15.0-1ubuntu0.26.04.1apt_upgradeStandard apt upgrade. Install 0.15.0-1ubuntu0.26.04.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y amqp-tools
Most apt upgrades restart their service automatically. needrestart lists anything else.
librabbitmq-dev→0.15.0-1ubuntu0.26.04.1apt_upgradeStandard apt upgrade. Install 0.15.0-1ubuntu0.26.04.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y librabbitmq-dev
Most apt upgrades restart their service automatically. needrestart lists anything else.
librabbitmq4→0.15.0-1ubuntu0.26.04.1apt_upgradeStandard apt upgrade. Install 0.15.0-1ubuntu0.26.04.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y librabbitmq4
Most apt upgrades restart their service automatically. needrestart lists anything else.
Are YOU affected by USN-8437-1?
5-second check on your actual server. Reads /etc/os-release, uname -r, and dpkg-query; matches against the live USN + Debian Security Tracker feeds; tells you whether USN-8437-1 (and any other live CVE) applies. Anonymous, no signup.
curl https://mindsparkstack.com/scan.sh | bash
StackPatch runs this match against YOUR installed packages every hour
Free 1-server / $99 lifetime founder seat (50 only) / $19+/mo monthly. Indie pricing.