Alerts This Week
Warning Icon 1 1,394
Alerts This Week
Warning Icon 1 1,394

Moderate USN-7336-1 Gnuchess Overflow Issue in Ubuntu 24.10, 24.04 LTS

ubuntu
Calendar Grey March 10, 2025
Dist Ubuntu Esm H88
This alert highlights a vulnerability in gnuchess present across various Ubuntu distributions, which may lead to unauthorized code execution.
gnuchess could be made to crash or run programs as your login if it opened a specially crafted file.

Summary

gnuchess could be made to crash or run programs as your login if it

opened a specially crafted file.

Software Description:

- gnuchess: Plays a game of chess, either against the user or against itself

Details:

Michael Vaughan discovered an overflow vulnerability in GNU Chess that

occurs when reading a specially crafted Portable Game Notation (PGN)

file. An attacker could possibly use this issue to cause GNU Chess to

crash, resulting in a denial of service, or the execution of arbitrary

code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
   gnuchess                        6.2.7-1+deb11u1build0.24.10.1

Ubuntu 24.04 LTS
   gnuchess                        6.2.7-1+deb11u1build0.24.04.1

Ubuntu 22.04 LTS
   gnuchess                        6.2.7-1+deb11u1build0.22.04.1

In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-7336-1

  CVE-2021-30184

Ubuntu Security Notice USN-7336-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here