GUPnP could allow unintended access to network services.
Software Description:
- gupnp: framework for creating UPnP devices and control points
Details:
It was discovered that GUPnP incorrectly filtered local requests. If a user
were tricked into visiting a malicious website, a remote attacker could
possibly use this issue to perform actions against local UPnP services such
as obtaining or altering sensitive information.
The problem can be corrected by updating your system to the following package versions: Ubuntu 21.04: libgupnp-1.2-0 1.2.4-1ubuntu0.21.04.1 Ubuntu 20.10: libgupnp-1.2-0 1.2.4-1ubuntu0.20.10.1 Ubuntu 20.04 LTS: libgupnp-1.2-0 1.2.3-0ubuntu0.20.04.2 After a standard system update you need to reboot your computer to make all the necessary changes.
https://ubuntu.com/security/notices/USN-4970-1
CVE-2021-33516
Get the latest Linux and open source security news straight to your inbox.