Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Ubuntu 24.04 LTS USN-6833-1 Moderate: VTE Resource Crash

ubuntu
Calendar Grey June 13, 2024
Dist Ubuntu Esm H88
A critical vulnerability impacting various Ubuntu versions leads to excessive resource utilization and system instability. Apply updates immediately.
VTE could be made to consume resources and crash if it displayed specially crafted data.

Summary

VTE could be made to consume resources and crash if it displayed specially

crafted data.

Software Description:

- vte2.91: Terminal emulator widget for GTK

Details:

Siddharth Dushantha discovered that VTE incorrectly handled large window

resize escape sequences. An attacker could possibly use this issue to

consume resources, leading to a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
   libvte-2.91-0                   0.76.0-1ubuntu0.1
   libvte-2.91-gtk4-0              0.76.0-1ubuntu0.1

Ubuntu 23.10
   libvte-2.91-0                   0.74.0-2ubuntu0.1
   libvte-2.91-gtk4-0              0.74.0-2ubuntu0.1

Ubuntu 22.04 LTS
   libvte-2.91-0                   0.68.0-1ubuntu0.1

Ubuntu 20.04 LTS
   libvte-2.91-0                   0.60.3-0ubuntu1~20.5

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6833-1

CVE-2024-37535

Ubuntu Security Notice USN-6833-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here