Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Ubuntu 18.04 LTS libopenmpt Faces Serious Denial of Service Threat

ubuntu
Calendar Grey April 23, 2026
Dist Ubuntu Esm H88
OpenMPT crash issue can lead to denial of service; updates available for Ubuntu 18.04 LTS to mitigate risks.
OpenMPT could be made to crash if it received specially crafted input.

Summary

OpenMPT could be made to crash if it received specially crafted input.

Software Description:

- libopenmpt: module music library based on OpenMPT

Details:

Antonio Morales Maldonado discovered that OpenMPT did not properly limit

the length of strings in certain cases, leading to a buffer overflow.

An attacker could possibly use this issue to cause OpenMPT to crash,

resulting in a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
  libopenmpt-dev                  0.3.6-1ubuntu0.1~esm2
                                  Available with Ubuntu Pro
  libopenmpt-modplug1             0.3.6-1ubuntu0.1~esm2
                                  Available with Ubuntu Pro
  libopenmpt0                     0.3.6-1ubuntu0.1~esm2
                                  Available with Ubuntu Pro
  openmpt123                      0.3.6-1ubuntu0.1~esm2
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8206-1

CVE-2019-17113

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8206-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here