xfpt could be made to crash or run programs if it opened a specially
crafted file.
Software Description:
- xfpt: generate XML from plain text
Details:
It was discovered that xfpt did not properly manage memory under certain
circumstances. If a user were tricked into opening a specially crafted
file, an attacker could possibly use this issue to cause the application
to crash or execute arbitrary code.
The problem can be corrected by updating your system to the following package versions: Ubuntu 24.10 xfpt 1.00-2ubuntu0.24.10.1 Ubuntu 24.04 LTS xfpt 1.00-2ubuntu0.24.04.1 Ubuntu 22.04 LTS xfpt 0.11-1ubuntu0.1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-7192-1
CVE-2024-43700
Get the latest Linux and open source security news straight to your inbox.