UBUNTU-CVE-2026-8084
- Source
- https://ubuntu.com/security/CVE-2026-8084
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-8084.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-8084
- Upstream
- Published
- 2026-05-07T19:16:00Z
- Modified
- 2026-05-29T10:45:13.687779168Z
- Severity
-
- 3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- 1.9 (Low) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. Upgrading to version 3.13.0RC1 is able to resolve this issue. Patch name: a791f70f8eaec540974ec989ca6fb00266b7646c. Upgrading the affected component is advised.
- References
Affected packages
Ubuntu:18.04:LTS
gdal
Package
- Name
- gdal
- Purl
- pkg:deb/ubuntu/gdal?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.2.1+dfsg-2build3
2.2.1+dfsg-2build5
2.2.2+dfsg-2build1
2.2.3+dfsg-1
2.2.3+dfsg-2
Ecosystem specific
{
"binaries": [
{
"binary_version": "2.2.3+dfsg-2",
"binary_name": "gdal-bin"
},
{
"binary_version": "2.2.3+dfsg-2",
"binary_name": "gdal-data"
},
{
"binary_version": "2.2.3+dfsg-2",
"binary_name": "libgdal-java"
},
{
"binary_version": "2.2.3+dfsg-2",
"binary_name": "libgdal-perl"
},
{
"binary_version": "2.2.3+dfsg-2",
"binary_name": "libgdal20"
},
{
"binary_version": "2.2.3+dfsg-2",
"binary_name": "python-gdal"
},
{
"binary_version": "2.2.3+dfsg-2",
"binary_name": "python3-gdal"
}
]
}Ubuntu:20.04:LTS
gdal
Package
- Name
- gdal
- Purl
- pkg:deb/ubuntu/gdal?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.4.2+dfsg-1build2
2.4.2+dfsg-1build4
2.4.2+dfsg-2
2.4.3+dfsg-1
3.*
3.0.4+dfsg-1
3.0.4+dfsg-1build1
3.0.4+dfsg-1build2
3.0.4+dfsg-1build3
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.0.4+dfsg-1build3",
"binary_name": "gdal-bin"
},
{
"binary_version": "3.0.4+dfsg-1build3",
"binary_name": "gdal-data"
},
{
"binary_version": "3.0.4+dfsg-1build3",
"binary_name": "libgdal-java"
},
{
"binary_version": "3.0.4+dfsg-1build3",
"binary_name": "libgdal-perl"
},
{
"binary_version": "3.0.4+dfsg-1build3",
"binary_name": "libgdal26"
},
{
"binary_version": "3.0.4+dfsg-1build3",
"binary_name": "python3-gdal"
}
]
}Ubuntu:22.04:LTS
gdal
Package
- Name
- gdal
- Purl
- pkg:deb/ubuntu/gdal?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.2.2+dfsg-3ubuntu2
3.4.0+dfsg-1
3.4.1+dfsg-1
3.4.1+dfsg-1build1
3.4.1+dfsg-1build3
3.4.1+dfsg-1build4
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.4.1+dfsg-1build4",
"binary_name": "gdal-bin"
},
{
"binary_version": "3.4.1+dfsg-1build4",
"binary_name": "gdal-data"
},
{
"binary_version": "3.4.1+dfsg-1build4",
"binary_name": "libgdal-perl"
},
{
"binary_version": "3.4.1+dfsg-1build4",
"binary_name": "libgdal30"
},
{
"binary_version": "3.4.1+dfsg-1build4",
"binary_name": "python3-gdal"
}
]
}Ubuntu:24.04:LTS
gdal
Package
- Name
- gdal
- Purl
- pkg:deb/ubuntu/gdal?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.7.1+dfsg-1build1
3.8.0+dfsg-1
3.8.1+dfsg-1build1
3.8.2+dfsg-1
3.8.3+dfsg-1
3.8.4+dfsg-1
3.8.4+dfsg-3ubuntu2
3.8.4+dfsg-3ubuntu3
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.8.4+dfsg-3ubuntu3",
"binary_name": "gdal-bin"
},
{
"binary_version": "3.8.4+dfsg-3ubuntu3",
"binary_name": "gdal-data"
},
{
"binary_version": "3.8.4+dfsg-3ubuntu3",
"binary_name": "gdal-plugins"
},
{
"binary_version": "3.8.4+dfsg-3ubuntu3",
"binary_name": "libgdal34t64"
},
{
"binary_version": "3.8.4+dfsg-3ubuntu3",
"binary_name": "python3-gdal"
}
]
}Ubuntu:25.10
gdal
Package
- Name
- gdal
- Purl
- pkg:deb/ubuntu/gdal?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.10.3+dfsg-1build2",
"binary_name": "gdal-bin"
},
{
"binary_version": "3.10.3+dfsg-1build2",
"binary_name": "gdal-data"
},
{
"binary_version": "3.10.3+dfsg-1build2",
"binary_name": "gdal-plugins"
},
{
"binary_version": "3.10.3+dfsg-1build2",
"binary_name": "libgdal36"
},
{
"binary_version": "3.10.3+dfsg-1build2",
"binary_name": "python3-gdal"
}
]
}Ubuntu:26.04:LTS
gdal
Package
- Name
- gdal
- Purl
- pkg:deb/ubuntu/gdal?arch=source&distro=resolute
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.10.3+dfsg-1build2
3.10.3+dfsg-1build3
3.11.4+dfsg-1
3.12.0+dfsg-1
3.12.1+dfsg-1
3.12.2+dfsg-1
3.12.2+dfsg-1build1
3.12.2+dfsg-1build2
Ecosystem specific
{
"binaries": [
{
"binary_version": "3.12.2+dfsg-1build2",
"binary_name": "gdal-bin"
},
{
"binary_version": "3.12.2+dfsg-1build2",
"binary_name": "gdal-data"
},
{
"binary_version": "3.12.2+dfsg-1build2",
"binary_name": "gdal-plugins"
},
{
"binary_version": "3.12.2+dfsg-1build2",
"binary_name": "libgdal38"
},
{
"binary_version": "3.12.2+dfsg-1build2",
"binary_name": "python3-gdal"
}
]
}Ubuntu:Pro:14.04:LTS
gdal
Package
- Name
- gdal
- Purl
- pkg:deb/ubuntu/gdal?arch=source&distro=esm-infra-legacy%2Ftrusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.9.0-3.1ubuntu4
1.9.0-3.1ubuntu6
1.10.1+dfsg-2
1.10.1+dfsg-2build1
1.10.1+dfsg-3
1.10.1+dfsg-3build1
1.10.1+dfsg-3build2
1.10.1+dfsg-3ubuntu1
1.10.1+dfsg-3ubuntu2
1.10.1+dfsg-5ubuntu1
1.10.1+dfsg-5ubuntu1+esm1
1.10.1+dfsg-5ubuntu1+esm2
Ecosystem specific
{
"binaries": [
{
"binary_version": "1.10.1+dfsg-5ubuntu1+esm2",
"binary_name": "gdal-bin"
},
{
"binary_version": "1.10.1+dfsg-5ubuntu1+esm2",
"binary_name": "libgdal-java"
},
{
"binary_version": "1.10.1+dfsg-5ubuntu1+esm2",
"binary_name": "libgdal-perl"
},
{
"binary_version": "1.10.1+dfsg-5ubuntu1+esm2",
"binary_name": "libgdal1h"
},
{
"binary_version": "1.10.1+dfsg-5ubuntu1+esm2",
"binary_name": "python-gdal"
},
{
"binary_version": "1.10.1+dfsg-5ubuntu1+esm2",
"binary_name": "python3-gdal"
}
]
}Ubuntu:Pro:16.04:LTS
gdal
Package
- Name
- gdal
- Purl
- pkg:deb/ubuntu/gdal?arch=source&distro=esm-apps-legacy%2Fxenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.11.2+dfsg-3ubuntu3
1.11.2+dfsg-3ubuntu4
1.11.3+dfsg-2build1
1.11.3+dfsg-2build2
1.11.3+dfsg-2build3
1.11.3+dfsg-3
1.11.3+dfsg-3build1
1.11.3+dfsg-3build2
1.11.3+dfsg-3ubuntu0.1~esm1
Ecosystem specific
{
"binaries": [
{
"binary_version": "1.11.3+dfsg-3ubuntu0.1~esm1",
"binary_name": "gdal-bin"
},
{
"binary_version": "1.11.3+dfsg-3ubuntu0.1~esm1",
"binary_name": "libgdal-java"
},
{
"binary_version": "1.11.3+dfsg-3ubuntu0.1~esm1",
"binary_name": "libgdal-perl"
},
{
"binary_version": "1.11.3+dfsg-3ubuntu0.1~esm1",
"binary_name": "libgdal1i"
},
{
"binary_version": "1.11.3+dfsg-3ubuntu0.1~esm1",
"binary_name": "python-gdal"
},
{
"binary_version": "1.11.3+dfsg-3ubuntu0.1~esm1",
"binary_name": "python3-gdal"
}
]
}