Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 536
Alerts This Week
Warning Icon 1 536

Ubuntu 26.04 lwIP Severe Buffer Overflow Denial of Service Issue USN-8423-1

ubuntu
Calendar Grey June 11, 2026
Scroller Ubuntu
Update for lwIP addresses security issues in Ubuntu versions 20.04 through 26.04, including buffer overflow fixes.
Several security issues were fixed in lwIP.

Summary

Several security issues were fixed in lwIP.

Software Description:

- lwip: Lightweight TCP/IP stack

Details:

It was discovered that lwIP contained a buffer overflow in the EAP

authentication handling code. An attacker could possibly use this issue

to trigger a buffer overflow, resulting in arbitrary code execution or a

denial of service. This issue only affected Ubuntu 20.04 LTS.

(CVE-2020-8597)

It was discovered that lwIP incorrectly handled certain ICMPv6 or

6LoWPAN packets. An attacker could possibly use this issue to trigger a

buffer overflow, resulting in information disclosure. This issue only

affected Ubuntu 20.04 LTS. (CVE-2020-22283, CVE-2020-22284)

It was discovered that lwIP did not properly validate certain SNMPv3

authentication parameters. An attacker could possibly use this issue to

trigger a stack-based buffer overflow, resulting in arbitrary code

execution or a denial of service. (CVE-2026-8836)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
  liblwip-dev                     2.2.1+dfsg1-4ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  liblwip-doc                     2.2.1+dfsg1-4ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  liblwip0t64                     2.2.1+dfsg1-4ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 24.04 LTS
  liblwip-dev                     2.2.0+dfsg1-6.1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  liblwip-doc                     2.2.0+dfsg1-6.1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  liblwip0t64                     2.2.0+dfsg1-6.1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  liblwip-dev                     2.1.3+dfsg1-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  liblwip-doc                     2.1.3+dfsg1-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  liblwip0                        2.1.3+dfsg1-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  liblwip-dev                     2.1.2+dfsg1-4ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  liblwip-doc                     2.1.2+dfsg1-4ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  liblwip0                        2.1.2+dfsg1-4ubuntu0.1~esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8423-1

CVE-2020-22283, CVE-2020-22284, CVE-2020-8597, CVE-2026-8836

Severity
high
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8423-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.