Stay Secure with the Latest Linux Advisories

security advisorydenial of servicecritical

Ubuntu 14.04 LTS: libmspack Critical Denial of Service Advisory USN-7788-1

Several security issues were fixed in libmspack.. ========================================================================== Ubuntu Security Notice USN-7788-1 October 01, 2025 libmspack vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS Summary: Several security issues were fixed in libmspack. Software Description: - libmspack: library for Microsoft compression formats Details: Jakub Wilk discovered that libmspack did not correctly handle certain integer operations and bounds checking. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2015-4467, CVE-2015-4468, CVE-2015-4469, CVE-2015-4472) It was discovered that libmspack incorrectly handled certain malformed CAB files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service. (CVE-2017-11423) It was discovered that libmspack incorrectly handled certain malformed CHM files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2017-6419) Hanno Böck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-14679, CVE-2018-14680) Jakub Wilk discovered that libmspack incorrectly handled certain KWAJ files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2018-14681) Dmitry Glavatskikh discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2018-14682) It was discovered libmspack incorrectly handled certain malformed CAB files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service. (CVE-2018-18585) It was discovered that libmspack incorrectly handled certain CHM files. A remote attacker could possibly use this issue toaccess sensitive information. (CVE-2019-1010305) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS libmspack-dev 0.4-1ubuntu0.1~esm2 Available with Ubuntu Pro libmspack-doc 0.4-1ubuntu0.1~esm2 Available with Ubuntu Pro libmspack0 0.4-1ubuntu0.1~esm2 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7788-1 CVE-2015-4467, CVE-2015-4468, CVE-2015-4469, CVE-2015-4472, CVE-2017-11423, CVE-2017-6419, CVE-2018-14679, CVE-2018-14680, CVE-2018-14681, CVE-2018-14682, CVE-2018-18585, CVE-2019-1010305 . Several security issues in libmspack can lead to denial of service or arbitrary code execution. Update recommended!. Ubuntu 14.04 LTS, libmspack, security issues. . Severity: Critical. LinuxSecurity.com Team

Oct 01, 2025 •Critical Ubuntu