Local Privilege Escalation in authd by Canonical
CVE-2026-6970

7.3 HIGH

Key Information:

Vendor: Canonical

CVE Published: 27 April 2026

What is CVE-2026-6970?

authd versions prior to 0.6.4 are affected by a logic error in primary group ID assignment that can lead to local privilege escalation. When a user's primary group ID (GID) differs from their user ID (UID), whether because of account creation issues or manual changes, an update to the user's record in the identity provider can cause authd to incorrectly reset the primary GID to match the UID at the next login. As a result, new files and directories are owned by the incorrect group, resulting in denial of service and potentially allowing unauthorized access to other local users.
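One way to check for the reset described above, as an added example that is not code from authd or Canonical: compare a saved baseline of passwd entries against the current ones and flag accounts whose primary GID differed from the UID before but equals it now. The sample entries are constructed, and the example assumes a baseline in passwd(5) format (for instance a saved copy of `getent passwd` output) is available.

```python
"""Added example: flag accounts whose primary GID was reset to equal their UID."""

# Constructed sample data in passwd(5) format (name:pw:uid:gid:gecos:home:shell).
BASELINE = """\
alice@example.com:x:10001:10001::/home/alice@example.com:/bin/bash
bob@example.com:x:10002:20050::/home/bob@example.com:/bin/bash
carol@example.com:x:10003:20050::/home/carol@example.com:/bin/bash
"""
CURRENT = """\
alice@example.com:x:10001:10001::/home/alice@example.com:/bin/bash
bob@example.com:x:10002:10002::/home/bob@example.com:/bin/bash
carol@example.com:x:10003:20050::/home/carol@example.com:/bin/bash
dave@example.com:x:10004:10004::/home/dave@example.com:/bin/bash
"""


def parse_passwd(text):
    """Return {name: (uid, gid)}; skip blank, comment and malformed lines."""
    entries = {}
    for line in text.splitlines():
        fields = line.strip().split(":")
        if line.lstrip().startswith("#") or len(fields) < 4:
            continue
        try:
            entries[fields[0]] = (int(fields[2]), int(fields[3]))
        except ValueError:
            continue  # non-numeric UID/GID: not a usable entry
    return entries


def find_gid_resets(baseline_text, current_text):
    """List accounts whose GID differed from the UID in the baseline but equals it now."""
    baseline = parse_passwd(baseline_text)
    findings = []
    for name, (uid, gid) in sorted(parse_passwd(current_text).items()):
        if name not in baseline:
            continue  # no baseline entry, so a reset cannot be told apart from a default
        old_uid, old_gid = baseline[name]
        if old_uid == uid and old_gid != uid and gid == uid:
            findings.append({"user": name, "uid": uid,
                             "expected_gid": old_gid, "current_gid": gid})
    return findings


if __name__ == "__main__":
    for f in find_gid_resets(BASELINE, CURRENT):
        print(f"{f['user']}: primary GID {f['expected_gid']} -> "
              f"{f['current_gid']} (now equals UID {f['uid']})")
```

Files created while the wrong primary GID was in effect keep that group ownership after the account is corrected, so flagged accounts also warrant a review of recently created files.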

Affected Version(s)

authd Linux 0.6.0 < 0.6.4

authd Linux 0.6.1 < 0.6.1ubuntu0.1

CVSS V4

Score: 7.3
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
