UBUNTU-CVE-2026-40213

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2026-40213

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-40213.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-40213

Upstream

CVE-2026-40213

Downstream

USN-8413-1

Related

USN-8413-1

Published

2026-05-07T22:16:00Z

Modified

2026-06-09T21:19:11.290788631Z

Severity

7.4 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless of roles, project membership, or scope. An authenticated user with zero role assignments can complete various actions such as reprogramming FPGA bitstreams on arbitrary compute nodes via agent RPC.

References

Affected packages

Ubuntu:25.10 / cyborg

Package

Name: cyborg
Purl: pkg:deb/ubuntu/cyborg?arch=source&distro=questing

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

14.0.0-3+deb13u1build0.25.10.1

Affected versions

13.*

13.0.0-2

14.*

14.0.0-2

14.0.0-3

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cyborg-agent",
            "binary_version": "14.0.0-3+deb13u1build0.25.10.1"
        },
        {
            "binary_name": "cyborg-api",
            "binary_version": "14.0.0-3+deb13u1build0.25.10.1"
        },
        {
            "binary_name": "cyborg-common",
            "binary_version": "14.0.0-3+deb13u1build0.25.10.1"
        },
        {
            "binary_name": "cyborg-conductor",
            "binary_version": "14.0.0-3+deb13u1build0.25.10.1"
        },
        {
            "binary_name": "python3-cyborg",
            "binary_version": "14.0.0-3+deb13u1build0.25.10.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-40213.json"

Ubuntu:26.04:LTS / cyborg

Package

Name: cyborg
Purl: pkg:deb/ubuntu/cyborg?arch=source&distro=resolute

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

16.0.0-2ubuntu0.1

Affected versions

14.*

14.0.0-3

15.*

15.0.0-1

16.*

16.0.0~rc1-2

16.0.0-2

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cyborg-agent",
            "binary_version": "16.0.0-2ubuntu0.1"
        },
        {
            "binary_name": "cyborg-api",
            "binary_version": "16.0.0-2ubuntu0.1"
        },
        {
            "binary_name": "cyborg-common",
            "binary_version": "16.0.0-2ubuntu0.1"
        },
        {
            "binary_name": "cyborg-conductor",
            "binary_version": "16.0.0-2ubuntu0.1"
        },
        {
            "binary_name": "python3-cyborg",
            "binary_version": "16.0.0-2ubuntu0.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-40213.json"