CVE-2026-44931
Publication date 13 May 2026
Last updated 22 May 2026
Ubuntu priority
Description
The newly introduced RecordUsage D-Bus method https://gitlab.freedesktop.org/pwithnall/malcontent/-/blob/0.14.0/libmalcontent-timer/child-timer-service.c in malcontent-timerd allows arbitrary users in the system to slowly fill up disk space in /var/lib/malcontent-timerd
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| malcontent | 26.04 LTS resolute |
Vulnerable, fix deferred
|
| 25.10 questing |
Not affected
|
|
| 24.04 LTS noble |
Not affected
|
|
| 22.04 LTS jammy |
Not affected
|
Notes
mdeslaur
Introduced in 0.14.0 As of 2026-05-19, there is no fix available for this issue from malcontant developers