Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 620
Alerts This Week
Warning Icon 1 620

Ubuntu 23.04 USN-6402-1 Critical: libtommath DoS Threat Details

ubuntu
Calendar Grey October 2, 2023
Dist Ubuntu Esm H88
Ubuntu 23.04 Security Advisory USN-6402-1: libtommath Severe Denial of Service vulnerability particulars and remediation guidelines.
LibTomMatch could be made to execute arbitrary code or denial of service if it received a specially crafted input.

Summary

LibTomMatch could be made to execute arbitrary code or

denial of service if it received a specially crafted input.

Software Description:

- libtommath: multiple-precision integer library [development files]

Details:

It was discovered that LibTomMath incorrectly handled certain inputs.

An attacker could possibly use this issue to execute arbitrary code

and cause a denial of service (DoS).

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.04:
  libtommath1                     1.2.0-6ubuntu0.23.04.1

Ubuntu 22.04 LTS:
  libtommath1                     1.2.0-6ubuntu0.22.04.1

Ubuntu 20.04 LTS:
  libtommath1                     1.2.0-3ubuntu0.1

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  libtommath1                     1.0.1-1ubuntu0.1~esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  libtommath0                     0.42.0-1.2ubuntu0.1~esm1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6402-1

CVE-2023-36328

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6402-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.