Alerts This Week
Warning Icon 1 825
Alerts This Week
Warning Icon 1 825

Ubuntu 26.04 lwIP Severe Buffer Overflow Denial of Service Issue USN-8423-1

ubuntu
Calendar Grey June 11, 2026
Dist Ubuntu Esm H88
Update for lwIP addresses security issues in Ubuntu versions 20.04 through 26.04, including buffer overflow fixes.
Several security issues were fixed in lwIP.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in lwIP. Software Description: - lwip: Lightweight TCP/IP stack Details: It was discovered that lwIP contained a buffer overflow in the EAP authentication handling code. An attacker could possibly use this issue to trigger a buffer overflow, resulting in arbitrary code execution or a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-8597) It was discovered that lwIP incorrectly handled certain ICMPv6 or 6LoWPAN packets. An attacker could possibly use this issue to trigger a buffer overflow, resulting in information disclosure. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-22283, CVE-2020-22284) It was discovered that lwIP did not properly validate certain SNMPv3 authentication parameters. An attacker could possibly use this issue to trigger a stack-based buf...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory buffer overflow DoS arbitrary code execution Ubuntu high

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS liblwip-dev 2.2.1+dfsg1-4ubuntu0.1~esm1 Available with Ubuntu Pro liblwip-doc 2.2.1+dfsg1-4ubuntu0.1~esm1 Available with Ubuntu Pro liblwip0t64 2.2.1+dfsg1-4ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 24.04 LTS liblwip-dev 2.2.0+dfsg1-6.1ubuntu0.1~esm1 Available with Ubuntu Pro liblwip-doc 2.2.0+dfsg1-6.1ubuntu0.1~esm1 Available with Ubuntu Pro liblwip0t64 2.2.0+dfsg1-6.1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS liblwip-dev 2.1.3+dfsg1-1ubuntu0.1~esm1 Available with Ubuntu Pro liblwip-doc 2.1.3+dfsg1-1ubuntu0.1~esm1 Available with Ubuntu Pro liblwip0 2.1.3+dfsg1-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS liblwip-dev 2.1.2+dfsg1-4ubuntu0.1~esm1 Available with Ubuntu Pro liblwip-doc 2.1.2+dfsg1-4ubuntu0.1~esm1 Available with Ubuntu Pro liblwip0 2.1.2+dfsg1-4ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8423-1

CVE-2020-22283, CVE-2020-22284, CVE-2020-8597, CVE-2026-8836

Severity
high
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8423-1

Topics%20covered

Topics Covered

security advisory buffer overflow DoS arbitrary code execution Ubuntu high

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here