Ubuntu USN · USN-8464-1

LIBNFS vulnerability

Published: Tue, 23 Jun 2026 14:57

CVE-2026-53689

Summary

LIBNFS could be made to crash or run programs if it connected to a specially crafted NFS server.

Details

It was discovered that LIBNFS incorrectly handled certain string sizes when connecting to an NFS server. An attacker could use this issue to cause LIBNFS to crash, resulting in a denial of service, or possibly execute arbitrary code.

Recommended actions per Ubuntu release

StackPatch playbook auto-generated per release codename and per affected package.

Ubuntu jammy

libnfs→4.0.0-1ubuntu0.1apt_upgrade
Standard apt upgrade. Install 4.0.0-1ubuntu0.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
libnfs-dev→4.0.0-1ubuntu0.1apt_upgrade
Standard apt upgrade. Install 4.0.0-1ubuntu0.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs-dev
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
libnfs-utils→4.0.0-1ubuntu0.1apt_upgrade
Standard apt upgrade. Install 4.0.0-1ubuntu0.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs-utils
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
libnfs13→4.0.0-1ubuntu0.1apt_upgrade
Standard apt upgrade. Install 4.0.0-1ubuntu0.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs13
```
Most apt upgrades restart their service automatically. needrestart lists anything else.

Ubuntu noble

libnfs→5.0.2-1ubuntu0.24.04.1apt_upgrade
Standard apt upgrade. Install 5.0.2-1ubuntu0.24.04.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
libnfs-dev→5.0.2-1ubuntu0.24.04.1apt_upgrade
Standard apt upgrade. Install 5.0.2-1ubuntu0.24.04.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs-dev
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
libnfs-utils→5.0.2-1ubuntu0.24.04.1apt_upgrade
Standard apt upgrade. Install 5.0.2-1ubuntu0.24.04.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs-utils
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
libnfs14→5.0.2-1ubuntu0.24.04.1apt_upgrade
Standard apt upgrade. Install 5.0.2-1ubuntu0.24.04.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs14
```
Most apt upgrades restart their service automatically. needrestart lists anything else.

Ubuntu questing

libnfs→5.0.2-1ubuntu0.25.10.1apt_upgrade
Standard apt upgrade. Install 5.0.2-1ubuntu0.25.10.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
libnfs-dev→5.0.2-1ubuntu0.25.10.1apt_upgrade
Standard apt upgrade. Install 5.0.2-1ubuntu0.25.10.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs-dev
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
libnfs-utils→5.0.2-1ubuntu0.25.10.1apt_upgrade
Standard apt upgrade. Install 5.0.2-1ubuntu0.25.10.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs-utils
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
libnfs14→5.0.2-1ubuntu0.25.10.1apt_upgrade
Standard apt upgrade. Install 5.0.2-1ubuntu0.25.10.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs14
```
Most apt upgrades restart their service automatically. needrestart lists anything else.

Ubuntu resolute

libnfs→5.0.2-1ubuntu1.1apt_upgrade
Standard apt upgrade. Install 5.0.2-1ubuntu1.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
libnfs-dev→5.0.2-1ubuntu1.1apt_upgrade
Standard apt upgrade. Install 5.0.2-1ubuntu1.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs-dev
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
libnfs-utils→5.0.2-1ubuntu1.1apt_upgrade
Standard apt upgrade. Install 5.0.2-1ubuntu1.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs-utils
```
Most apt upgrades restart their service automatically. needrestart lists anything else.
libnfs14→5.0.2-1ubuntu1.1apt_upgrade
Standard apt upgrade. Install 5.0.2-1ubuntu1.1 from the apt repo.
```
sudo apt-get update
sudo apt-get install --only-upgrade -y libnfs14
```
Most apt upgrades restart their service automatically. needrestart lists anything else.

Are YOU affected by USN-8464-1?

5-second check on your actual server. Reads /etc/os-release, uname -r, and dpkg-query; matches against the live USN + Debian Security Tracker feeds; tells you whether USN-8464-1 (and any other live CVE) applies. Anonymous, no signup.

curl https://mindsparkstack.com/scan.sh | bash

Form-based quickscan Read the bash source first

Want this automated for your servers?

StackPatch runs this match against YOUR installed packages every hour

Free (3 servers) / from $9/mo (14-day free trial) / Solo $9/mo / Pro $29/mo / Team $79/mo. Indie pricing.

Start free trial →See StackPatch →Live audit log →