USN-8288-1: Bubblewrap vulnerability

🗓️ 20 May 2026 18:16:25Reported by UbuntuType

ubuntu

ubuntu🔗 ubuntu.com👁 5 Views

Bubblewrap sandbox setup in setuid mode may allow a local attacker to bypass sandbox restrictions.

Reporter	Title	Published	Views	Family All 28
ATTACKERKB	CVE-2026-41163	9 May 202603:56	–	attackerkb
AlpineLinux	CVE-2026-41163	9 May 202603:56	–	alpinelinux
Circl	CVE-2026-41163	25 Apr 202611:17	–	circl
CNNVD	Bubblewrap 安全漏洞	9 May 202600:00	–	cnnvd
CVE	CVE-2026-41163	9 May 202603:56	–	cve
Cvelist	CVE-2026-41163 bubblewrap vulnerable to privilege escalation in setuid mode via ptrace	9 May 202603:56	–	cvelist
Debian CVE	CVE-2026-41163	9 May 202603:56	–	debiancve
EUVD	EUVD-2026-28884	9 May 202603:56	–	euvd
NVD	CVE-2026-41163	9 May 202604:16	–	nvd
Tenable Nessus	openSUSE 16 Security Update : bubblewrap (openSUSE-SU-2026:20811-1)	29 May 202600:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	25.10	amd64	bubblewrap	0.11.0-2ubuntu0.1	bubblewrap_0.11.0-2ubuntu0.1_amd64.deb
Ubuntu	25.10	amd64v3	bubblewrap	0.11.0-2ubuntu0.1	bubblewrap_0.11.0-2ubuntu0.1_amd64v3.deb
Ubuntu	25.10	arm64	bubblewrap	0.11.0-2ubuntu0.1	bubblewrap_0.11.0-2ubuntu0.1_arm64.deb
Ubuntu	25.10	armhf	bubblewrap	0.11.0-2ubuntu0.1	bubblewrap_0.11.0-2ubuntu0.1_armhf.deb
Ubuntu	25.10	i386	bubblewrap	0.11.0-2ubuntu0.1	bubblewrap_0.11.0-2ubuntu0.1_i386.deb
Ubuntu	25.10	ppc64el	bubblewrap	0.11.0-2ubuntu0.1	bubblewrap_0.11.0-2ubuntu0.1_ppc64el.deb
Ubuntu	25.10	riscv64	bubblewrap	0.11.0-2ubuntu0.1	bubblewrap_0.11.0-2ubuntu0.1_riscv64.deb
Ubuntu	25.10	s390x	bubblewrap	0.11.0-2ubuntu0.1	bubblewrap_0.11.0-2ubuntu0.1_s390x.deb
Ubuntu	26.04	amd64	bubblewrap	0.11.1-1ubuntu0.1	bubblewrap_0.11.1-1ubuntu0.1_amd64.deb
Ubuntu	26.04	amd64v3	bubblewrap	0.11.1-1ubuntu0.1	bubblewrap_0.11.1-1ubuntu0.1_amd64v3.deb

20 May 2026 18:16Current

5.8Medium risk

Vulners AI Score5.8

CVSS 48.7

EPSS0.0008

SSVC

bubblewrap sandbox setup phase setuid mode local attacker bypass sandbox restrictions