CVE-2026-14461
Publication date 10 July 2026
Last updated 16 July 2026
Ubuntu priority
Description
mtr is vulnerable to Out-of-bound read vulnerability in ipinfo_lookup() function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME field. ipinfo_lookup() function uses the length of the response as the end-of-message boundary for dn_expand() function. The result is a reliable crash. This issue exists in the mtr through version 0.96 and it was fixed in commit 48e1794414d338ce47abc0f27c25ade8788af9c3.
Read the notes from the security team
Why is this CVE low priority?
Only a denial of service in traceroute tool
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| mtr | 26.04 LTS resolute |
Needs evaluation
|
| 24.04 LTS noble |
Needs evaluation
|
|
| 22.04 LTS jammy |
Needs evaluation
|
|
| 20.04 LTS focal |
Needs evaluation
|
|
| 18.04 LTS bionic |
Needs evaluation
|
|
| 16.04 LTS xenial |
Needs evaluation
|
|
| 14.04 LTS trusty |
Needs evaluation
|
Notes
mdeslaur
This is just a crash in a traceroute tool, this has very little security impact. Setting priority to low.
Severity score breakdown
CVSS version: CVSS v4.0
Base score
5.1 · Medium
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N