Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Ubuntu 14.04 LTS USN-5807-3: libXpm Denial Of Service Fix

ubuntu
Calendar Grey July 26, 2023
Dist Ubuntu Esm H88
Ubuntu 20.04 LTS libXpm security flaw patched on July 26, 2023. Prompt upgrades advised to avert service disruption.
libXpm could be made to denial of service if it received a specially crafted XPM file.

Summary

libXpm could be made to denial of service if it received a specially

crafted XPM file.

Software Description:

- libxpm: X11 pixmap library

Details:

USN-5807-1 fixed a vulnerability in libXpm. This update provides

the corresponding update for Ubuntu 14.04 ESM.

Original advisory details:

Marco Ivaldi discovered that libXpm incorrectly handled certain XPM files.

If a user or automated system were tricked into opening a specially crafted

XPM file, a remote attacker could possibly use this issue to cause libXpm

to stop responding, resulting in a denial of service. (CVE-2022-46285)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
  libxpm4                         1:3.5.10-1ubuntu0.1+esm1
  xpmutils                        1:3.5.10-1ubuntu0.1+esm1

After a standard system update you need to restart your session to make all
the necessary changes.

References

https://ubuntu.com/security/notices/USN-5807-3

https://ubuntu.com/security/notices/USN-5807-1

CVE-2022-46285

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-5807-3

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here