Stay Vigilant with Timely Linux Security Advisories

security advisorydenial of servicefedora

Fedora 44 libcoap Critical Memory Corruption DoS Fix 2026-148e35657a

Update to 4.3.5b. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-148e35657a 2026-04-28 01:29:45.334610+00:00 -------------------------------------------------------------------------------- Name : libcoap Product : Fedora 44 Version : 4.3.5b Release : 1.fc44 URL : https://libcoap.net/ Summary : C library implementation of CoAP Description : The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Internet of Things. The protocol is designed for machine-to-machine (M2M) applications such as smart energy and building automation. libcoap implements a lightweight application-protocol for devices with constrained resources such as computing power, RF range, memory, bandwidth, or network packet sizes. This protocol, CoAP, was standardized in the IETF working group "CoRE" as RFC 7252. -------------------------------------------------------------------------------- Update Information: Update to 4.3.5b -------------------------------------------------------------------------------- ChangeLog: * Fri Apr 17 2026 Peter Robinson - 4.3.5b-1 - Update to 4.3.5b -------------------------------------------------------------------------------- References: [ 1 ] Bug #2459331 - CVE-2026-29013 libcoap: libcoap: Memory corruption and denial of service via crafted CoAP requests https://bugzilla.redhat.com/show_bug.cgi?id=2459331 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-148e35657a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by theFedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Libcoap 4.3.5b update addresses memory issues and enhances Fedora's IoT capabilities.. libcoap update, Fedora security advisory, memory corruption fix, CoAP protocol. . Severity: Critical. LinuxSecurity.com Team

Apr 28, 2026 •Critical Fedora

security advisorydenial of servicefedora

Fedora 42 libcoap 4.3.5b Memory Corruption DoS Security Fix 2026-a8ee24f019

Update to 4.3.5b. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-a8ee24f019 2026-04-28 01:11:18.587359+00:00 -------------------------------------------------------------------------------- Name : libcoap Product : Fedora 42 Version : 4.3.5b Release : 1.fc42 URL : https://libcoap.net/ Summary : C library implementation of CoAP Description : The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Internet of Things. The protocol is designed for machine-to-machine (M2M) applications such as smart energy and building automation. libcoap implements a lightweight application-protocol for devices with constrained resources such as computing power, RF range, memory, bandwidth, or network packet sizes. This protocol, CoAP, was standardized in the IETF working group "CoRE" as RFC 7252. -------------------------------------------------------------------------------- Update Information: Update to 4.3.5b -------------------------------------------------------------------------------- ChangeLog: * Fri Apr 17 2026 Peter Robinson - 4.3.5b-1 - Update to 4.3.5b * Fri Jan 16 2026 Fedora Release Engineering - 4.3.5a-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2459331 - CVE-2026-29013 libcoap: libcoap: Memory corruption and denial of service via crafted CoAP requests https://bugzilla.redhat.com/show_bug.cgi?id=2459331 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-a8ee24f019' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Fedora 42 updates libcoap to 4.3.5b to address a memory corruption issue that causes denial of service.. libcoap update, Fedora 42, memory corruption, denial of service, security advisory. . Severity: Important. LinuxSecurity.com Team

Apr 28, 2026 •Important Fedora

security advisorydenial of servicefedora

Fedora 43 libcoap Noteworthy Memory Fault DoS Alert 2026-1be934b12d

Update to 4.3.5b. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-0ce923a09d 2026-04-28 00:55:52.209207+00:00 -------------------------------------------------------------------------------- Name : libcoap Product : Fedora 43 Version : 4.3.5b Release : 1.fc43 URL : https://libcoap.net/ Summary : C library implementation of CoAP Description : The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Internet of Things. The protocol is designed for machine-to-machine (M2M) applications such as smart energy and building automation. libcoap implements a lightweight application-protocol for devices with constrained resources such as computing power, RF range, memory, bandwidth, or network packet sizes. This protocol, CoAP, was standardized in the IETF working group "CoRE" as RFC 7252. -------------------------------------------------------------------------------- Update Information: Update to 4.3.5b -------------------------------------------------------------------------------- ChangeLog: * Fri Apr 17 2026 Peter Robinson - 4.3.5b-1 - Update to 4.3.5b * Fri Jan 16 2026 Fedora Release Engineering - 4.3.5a-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2459331 - CVE-2026-29013 libcoap: libcoap: Memory corruption and denial of service via crafted CoAP requests https://bugzilla.redhat.com/show_bug.cgi?id=2459331 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-0ce923a09d' at the command line. For more information, refer to the dnf documentation availableat http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Learn about the recent security advisory for Fedora 43 libcoap addressing denial of service and memory corruption issues.. libcoap Fedora update DoS memory corruption. . Severity: Important. LinuxSecurity.com Team

Apr 28, 2026 •Important Fedora

security advisorydenial of servicefedora

Fedora 42: libcoap Security Update 2025-6a43695048 for Denial of Service

Update to security release 4.3.5a. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-6a43695048 2025-12-05 02:40:12.306048+00:00 -------------------------------------------------------------------------------- Name : libcoap Product : Fedora 42 Version : 4.3.5a Release : 1.fc42 URL : https://libcoap.net/ Summary : C library implementation of CoAP Description : The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Internet of Things. The protocol is designed for machine-to-machine (M2M) applications such as smart energy and building automation. libcoap implements a lightweight application-protocol for devices with constrained resources such as computing power, RF range, memory, bandwidth, or network packet sizes. This protocol, CoAP, was standardized in the IETF working group "CoRE" as RFC 7252. -------------------------------------------------------------------------------- Update Information: Update to security release 4.3.5a -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 29 2025 Peter Robinson - 4.3.5a-1 - Update to 4.3.5a * Thu Jul 24 2025 Fedora Release Engineering - 4.3.5-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2388738 - CVE-2025-50518 libcoap: Libcoap Use-After-Free Vulnerability [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2388738 [ 2 ] Bug #2388740 - CVE-2025-50518 libcoap: Libcoap Use-After-Free Vulnerability [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2388740 [ 3 ] Bug #2416889 - CVE-2025-65493 libcoap: libcoap denial of service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2416889 [ 4 ] Bug #2416890 -CVE-2025-65494 libcoap: libcoap denial of service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2416890 [ 5 ] Bug #2416891 - CVE-2025-65493 libcoap: libcoap denial of service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2416891 [ 6 ] Bug #2416892 - CVE-2025-65495 libcoap: libcoap denial of service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2416892 [ 7 ] Bug #2416893 - CVE-2025-65493 libcoap: libcoap denial of service [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2416893 [ 8 ] Bug #2416894 - CVE-2025-65494 libcoap: libcoap denial of service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2416894 [ 9 ] Bug #2416895 - CVE-2025-65495 libcoap: libcoap denial of service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2416895 [ 10 ] Bug #2416896 - CVE-2025-65494 libcoap: libcoap denial of service [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2416896 [ 11 ] Bug #2416897 - CVE-2025-65495 libcoap: libcoap denial of service [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2416897 [ 12 ] Bug #2417721 - CVE-2025-65496 libcoap: NULL pointer dereference during DTLS operations [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417721 [ 13 ] Bug #2417722 - CVE-2025-65496 libcoap: NULL pointer dereference during DTLS operations [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2417722 [ 14 ] Bug #2417723 - CVE-2025-65497 libcoap: NULL pointer dereference during DTLS operations [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417723 [ 15 ] Bug #2417724 - CVE-2025-65497 libcoap: NULL pointer dereference during DTLS operations [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2417724 [ 16 ] Bug #2417725 - CVE-2025-65498 libcoap: NULL pointer dereference during DTLS operations [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417725 [ 17 ] Bug #2417726 - CVE-2025-65498libcoap: NULL pointer dereference during DTLS operations [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2417726 [ 18 ] Bug #2417727 - CVE-2025-65499 libcoap: NULL pointer dereference during DTLS operations [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417727 [ 19 ] Bug #2417728 - CVE-2025-65499 libcoap: NULL pointer dereference during DTLS operations [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2417728 [ 20 ] Bug #2417729 - CVE-2025-65500 libcoap: NULL pointer dereference during DTLS operations [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417729 [ 21 ] Bug #2417731 - CVE-2025-65501 libcoap: NULL pointer dereference during DTLS operations [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417731 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-6a43695048' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Update to libcoap for Fedora 42 addresses multiple critical issuesincluding denial of service and use-after-free vulnerabilities.. libcoap update, Fedora 42 security, denial of service fix, use-after-free vulnerability, software security. . Severity: Important. LinuxSecurity.com Team

Dec 05, 2025 •Important Fedora

security advisorydenial of servicefedora

Fedora 43: libcoap Major Security Flaw Identified 2025-b412c87h5z

Update to security release 4.3.5a. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-d408d76c4a 2025-12-05 02:08:09.994420+00:00 -------------------------------------------------------------------------------- Name : libcoap Product : Fedora 43 Version : 4.3.5a Release : 1.fc43 URL : https://libcoap.net/ Summary : C library implementation of CoAP Description : The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Internet of Things. The protocol is designed for machine-to-machine (M2M) applications such as smart energy and building automation. libcoap implements a lightweight application-protocol for devices with constrained resources such as computing power, RF range, memory, bandwidth, or network packet sizes. This protocol, CoAP, was standardized in the IETF working group "CoRE" as RFC 7252. -------------------------------------------------------------------------------- Update Information: Update to security release 4.3.5a -------------------------------------------------------------------------------- ChangeLog: * Sat Nov 29 2025 Peter Robinson - 4.3.5a-1 - Update to 4.3.5a -------------------------------------------------------------------------------- References: [ 1 ] Bug #2388738 - CVE-2025-50518 libcoap: Libcoap Use-After-Free Vulnerability [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2388738 [ 2 ] Bug #2388740 - CVE-2025-50518 libcoap: Libcoap Use-After-Free Vulnerability [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2388740 [ 3 ] Bug #2416889 - CVE-2025-65493 libcoap: libcoap denial of service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2416889 [ 4 ] Bug #2416890 - CVE-2025-65494 libcoap: libcoap denial of service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2416890 [ 5 ]Bug #2416891 - CVE-2025-65493 libcoap: libcoap denial of service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2416891 [ 6 ] Bug #2416892 - CVE-2025-65495 libcoap: libcoap denial of service [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2416892 [ 7 ] Bug #2416893 - CVE-2025-65493 libcoap: libcoap denial of service [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2416893 [ 8 ] Bug #2416894 - CVE-2025-65494 libcoap: libcoap denial of service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2416894 [ 9 ] Bug #2416895 - CVE-2025-65495 libcoap: libcoap denial of service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2416895 [ 10 ] Bug #2416896 - CVE-2025-65494 libcoap: libcoap denial of service [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2416896 [ 11 ] Bug #2416897 - CVE-2025-65495 libcoap: libcoap denial of service [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2416897 [ 12 ] Bug #2417721 - CVE-2025-65496 libcoap: NULL pointer dereference during DTLS operations [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417721 [ 13 ] Bug #2417722 - CVE-2025-65496 libcoap: NULL pointer dereference during DTLS operations [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2417722 [ 14 ] Bug #2417723 - CVE-2025-65497 libcoap: NULL pointer dereference during DTLS operations [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417723 [ 15 ] Bug #2417724 - CVE-2025-65497 libcoap: NULL pointer dereference during DTLS operations [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2417724 [ 16 ] Bug #2417725 - CVE-2025-65498 libcoap: NULL pointer dereference during DTLS operations [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417725 [ 17 ] Bug #2417726 - CVE-2025-65498 libcoap: NULL pointer dereference during DTLS operations [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2417726 [18 ] Bug #2417727 - CVE-2025-65499 libcoap: NULL pointer dereference during DTLS operations [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417727 [ 19 ] Bug #2417728 - CVE-2025-65499 libcoap: NULL pointer dereference during DTLS operations [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2417728 [ 20 ] Bug #2417729 - CVE-2025-65500 libcoap: NULL pointer dereference during DTLS operations [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2417729 [ 21 ] Bug #2417730 - CVE-2025-65500 libcoap: NULL pointer dereference during DTLS operations [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2417730 [ 22 ] Bug #2417732 - CVE-2025-65501 libcoap: NULL pointer dereference during DTLS operations [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2417732 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-d408d76c4a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Libcoap has released a criticalsecurity update in Fedora 43 addressing multiple denial of service issues and use-after-free.. libcoap update, Fedora security, denial of service, use-after-free, security release. . Severity: Critical. LinuxSecurity.com Team

Dec 05, 2025 •Critical Fedora

security advisoryFedorapatching

Fedora 40: Critical libcoap Update Addressing CVE-2024-31031 Released

Patch to fix CVE-2024-31031. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-75863445ff 2024-05-03 01:40:26.180521 -------------------------------------------------------------------------------- Name : libcoap Product : Fedora 40 Version : 4.3.4a Release : 2.fc40 URL : https://libcoap.net/ Summary : C library implementation of CoAP Description : The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Internet of Things. The protocol is designed for machine-to-machine (M2M) applications such as smart energy and building automation. libcoap implements a lightweight application-protocol for devices with constrained resources such as computing power, RF range, memory, bandwidth, or network packet sizes. This protocol, CoAP, was standardized in the IETF working group "CoRE" as RFC 7252. -------------------------------------------------------------------------------- Update Information: Patch to fix CVE-2024-31031 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 24 2024 Peter Robinson - 4.3.4a-2 - Patch to fix CVE-2024-31031 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2275804 - CVE-2024-31031 libcoap: unsigned integer overflow vulnerability in coap_pdu.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2275804 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-75863445ff' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPGkeys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Update released for CVE-2024-31031 affecting Fedora 40's libcoap library, aimed at improving both security measures and overall system efficiency.. libcoap updates, security patches, Fedora software updates. . Severity: Critical. LinuxSecurity.com Team

May 03, 2024 •Critical Fedora

security advisoryFedorapatch

Fedora 39: FEDORA-2024-450b75e4a0 Moderate: libcoap Integer Overflow

Patch to fix CVE-2024-31031. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-450b75e4a0 2024-05-03 01:25:18.628875 -------------------------------------------------------------------------------- Name : libcoap Product : Fedora 39 Version : 4.3.4a Release : 2.fc39 URL : https://libcoap.net/ Summary : C library implementation of CoAP Description : The Constrained Application Protocol (CoAP) is a specialized web transfer protocol for use with constrained nodes and constrained networks in the Internet of Things. The protocol is designed for machine-to-machine (M2M) applications such as smart energy and building automation. libcoap implements a lightweight application-protocol for devices with constrained resources such as computing power, RF range, memory, bandwidth, or network packet sizes. This protocol, CoAP, was standardized in the IETF working group "CoRE" as RFC 7252. -------------------------------------------------------------------------------- Update Information: Patch to fix CVE-2024-31031 -------------------------------------------------------------------------------- ChangeLog: * Wed Apr 24 2024 Peter Robinson - 4.3.4a-2 - Patch to fix CVE-2024-31031 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2275804 - CVE-2024-31031 libcoap: unsigned integer overflow vulnerability in coap_pdu.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2275804 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-450b75e4a0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPGkeys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . This release tackles CVE-2024-31032 affecting libcoap in Fedora 39, strengthening defenses through an important fix.. Fedora Libcoap Update, CVE-2024-31031 Patch, Security Advisory Fedora. . LinuxSecurity.com Team

May 03, 2024 Fedora

Community Poll

More Polls

Stay Secure with the Latest Linux Advisories

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

Fedora 44 libcoap Critical Memory Corruption DoS Fix 2026-148e35657a

Fedora 42 libcoap 4.3.5b Memory Corruption DoS Security Fix 2026-a8ee24f019

Fedora 43 libcoap Noteworthy Memory Fault DoS Alert 2026-1be934b12d

Fedora 42: libcoap Security Update 2025-6a43695048 for Denial of Service

Fedora 43: libcoap Major Security Flaw Identified 2025-b412c87h5z

Fedora 40: Critical libcoap Update Addressing CVE-2024-31031 Released

Fedora 39: FEDORA-2024-450b75e4a0 Moderate: libcoap Integer Overflow

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!