Ubuntu 22.04 LTS USN-7128-1: pygments denial of service advisory

November 26, 2024
A critical flaw in Pygments impacts Ubuntu 22.04 LTS, leading to unexpected terminations when handling maliciously designed inputs.

Summary

Pygments could be made to crash if it received specially crafted input.

Software Description:

- pygments: Generic syntax highlighter

Details:

Sebastian Chnelik discovered that Pygments had an inefficient regex query
for analyzing certain inputs. An attacker could possibly use this issue to
cause a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
   python3-pygments                2.11.2+dfsg-2ubuntu0.1

In general, a standard system update will make all the necessary changes.
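
To confirm a host is at or above the fixed version, the following added example (not part of the advisory or of Ubuntu's tooling) reimplements Debian version ordering in Python and compares the installed `python3-pygments` version against the one listed above. The function names are illustrative, and the sample versions used to exercise it are constructed.

```python
import re
import subprocess

PACKAGE = "python3-pygments"
FIXED = "2.11.2+dfsg-2ubuntu0.1"  # fixed version for Ubuntu 22.04 LTS, from the advisory

def _order(c):  # dpkg sort weight: '~' < end-of-string/digit < letters < other symbols
    if c == "~":
        return -1
    if c == "" or c.isdigit():
        return 0
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_part(a, b):  # compare one component, alternating non-digit and digit runs
    while a or b:
        while (a and not a[0].isdigit()) or (b and not b[0].isdigit()):
            ca, cb = _order(a[:1]), _order(b[:1])
            if ca != cb:
                return -1 if ca < cb else 1
            a, b = a[1:], b[1:]
        na, nb = re.match(r"\d*", a).group(), re.match(r"\d*", b).group()
        ia, ib = int(na or 0), int(nb or 0)  # numeric runs compare as integers
        if ia != ib:
            return -1 if ia < ib else 1
        a, b = a[len(na):], b[len(nb):]
    return 0

def _split(v):  # [epoch:]upstream[-revision]
    epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
    upstream, sep, rev = rest.rpartition("-")
    return int(epoch), (upstream if sep else rest), (rev if sep else "")

def deb_compare(x, y):  # -1, 0 or 1 following Debian version ordering
    (ex, ux, rx), (ey, uy, ry) = _split(x), _split(y)
    return (ex > ey) - (ex < ey) or _cmp_part(ux, uy) or _cmp_part(rx, ry)

def is_patched(installed):
    return deb_compare(installed, FIXED) >= 0

def installed_version():  # None if the package or dpkg-query itself is absent
    try:
        cmd = ["dpkg-query", "-W", "-f=${Version}", PACKAGE]
        return subprocess.run(cmd, capture_output=True, text=True).stdout.strip() or None
    except FileNotFoundError:
        return None

if __name__ == "__main__":
    v = installed_version()
    print(PACKAGE, v, "n/a" if v is None else "patched" if is_patched(v) else "needs update")
```

A plain string comparison would rank `2.9.0-1` above `2.11.2+dfsg-2ubuntu0.1`; comparing digit runs numerically, as dpkg does, avoids that false "patched" result.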

References

  https://ubuntu.com/security/notices/USN-7128-1

  CVE-2022-40896

Severity
important

Ubuntu Security Notice USN-7128-1
