Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -4 articles for you...
172
security advisoryDoSarbitrary code executionUbuntu 23.04 USN-6402-1 Critical: libtommath DoS Threat Details
LibTomMatch could be made to execute arbitrary code or denial of service if it received a specially crafted input.. ========================================================================== Ubuntu Security Notice USN-6402-1 October 02, 2023 libtommath vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 23.04 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS (Available with Ubuntu Pro) - Ubuntu 16.04 LTS (Available with Ubuntu Pro) Summary: LibTomMatch could be made to execute arbitrary code or denial of service if it received a specially crafted input. Software Description: - libtommath: multiple-precision integer library [development files] Details: It was discovered that LibTomMath incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code and cause a denial of service (DoS). Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 23.04: libtommath1 1.2.0-6ubuntu0.23.04.1 Ubuntu 22.04 LTS: libtommath1 1.2.0-6ubuntu0.22.04.1 Ubuntu 20.04 LTS: libtommath1 1.2.0-3ubuntu0.1 Ubuntu 18.04 LTS (Available with Ubuntu Pro): libtommath1 1.0.1-1ubuntu0.1~esm1 Ubuntu 16.04 LTS (Available with Ubuntu Pro): libtommath0 0.42.0-1.2ubuntu0.1~esm1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6402-1 CVE-2023-36328 Package Information: https://launchpad.net/ubuntu/+source/libtommath/1.2.0-6ubuntu0.23.04.1 https://launchpad.net/ubuntu/+source/libtommath/1.2.0-6ubuntu0.22.04.1 https://launchpad.net/ubuntu/+source/libtommath/1.2.0-3ubuntu0.1 . Ubuntu 23.04 Security Advisory USN-6402-1: libtommath Severe Denial of Service vulnerability particulars and remediation guidelines.. libtommath,DoS threat, arbitrary code, Ubuntu security notice. . Severity: Critical. LinuxSecurity.com Team
Oct 02, 2023
•Critical
Ubuntu
203
security advisorydenial of servicecritical updateMageia: 2023-0167 High libtommath Memory Corruption Vulnerability Report
libtomath is vulnerable to an Integer Overflow vulnerability that could allow attackers to execute arbitrary code and cause a denial of service (DoS). (CVE-2023-36328) References: . MGASA-2023-0265 - Updated libtommath packages fix security vulnerability Publication date: 24 Sep 2023 URL: https://advisories.mageia.org/MGASA-2023-0265.html Type: security Affected Mageia releases: 8, 9 CVE: CVE-2023-36328 libtomath is vulnerable to an Integer Overflow vulnerability that could allow attackers to execute arbitrary code and cause a denial of service (DoS). (CVE-2023-36328) References: - https://bugs.mageia.org/show_bug.cgi?id=32247 - https://github.com/libtom/libtommath/pull/546 - https://www.cve.org/CVERecord?id=CVE-2023-36328 SRPMS: - 9/core/libtommath-1.2.1-1.mga9 - 8/core/libtommath-1.2.1-1.mga8 . Debian 2023-0453: Urgent openssl patch fixes buffer overflow vulnerabilities permitting remote execution and service disruption.. libtommath, Integer Overflow, Security Update, Mageia 8, Mageia 9. . LinuxSecurity.com Team
Sep 24, 2023
Mageia
89
security advisoryFedorasoftware fixFedora 38: FEDORA-2023-a7c6b2d9c3 Critical: OpenSSL Buffer Overflow
Security fix for CVE-2023-36328. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-f5680e3b4b 2023-09-18 01:37:07.642176 -------------------------------------------------------------------------------- Name : libtommath Product : Fedora 37 Version : 1.2.0 Release : 11.fc37 URL : https://www.libtom.net/ Summary : A portable number theoretic multiple-precision integer library Description : A free open source portable number theoretic multiple-precision integer library written entirely in C. (phew!). The library is designed to provide a simple to work with API that provides fairly efficient routines that build out of the box without configuration. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2023-36328 -------------------------------------------------------------------------------- ChangeLog: * Sat Sep 2 2023 Frantisek Sumsal - 1.2.0-11 - Fix CVE-2023-36328 (#2236877,#2236878) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2236877 - CVE-2023-36328 libtommath: Integer Overflow vulnerability in mp_grow in libtom https://bugzilla.redhat.com/show_bug.cgi?id=2236877 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-f5680e3b4b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Sep 18, 2023
•Critical
Fedora
89
security advisorycriticalsoftware updateFedora 39: 2023-f357a25877 Critical LibTomMath Integer Overflow Fix
Security fix for CVE-2023-36328. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-f357a25877 2023-09-18 00:15:36.942722 -------------------------------------------------------------------------------- Name : libtommath Product : Fedora 39 Version : 1.2.0 Release : 13.fc39 URL : https://www.libtom.net/ Summary : A portable number theoretic multiple-precision integer library Description : A free open source portable number theoretic multiple-precision integer library written entirely in C. (phew!). The library is designed to provide a simple to work with API that provides fairly efficient routines that build out of the box without configuration. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2023-36328 -------------------------------------------------------------------------------- ChangeLog: * Sat Sep 2 2023 Frantisek Sumsal - 1.2.0-13 - Fix CVE-2023-36328 (#2236877,#2236878) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2236877 - CVE-2023-36328 libtommath: Integer Overflow vulnerability in mp_grow in libtom https://bugzilla.redhat.com/show_bug.cgi?id=2236877 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-f357a25877' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Sep 18, 2023
•Critical
Fedora
89
security advisoryFedoracritical updateFedora 38: Security Advisory 2023-69b85312f0 Critical: Integer Overflow Fix
Security fix for CVE-2023-36328. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-69b85312f0 2023-09-05 00:40:06.815803 -------------------------------------------------------------------------------- Name : libtommath Product : Fedora 38 Version : 1.2.0 Release : 12.fc38 URL : https://www.libtom.net/ Summary : A portable number theoretic multiple-precision integer library Description : A free open source portable number theoretic multiple-precision integer library written entirely in C. (phew!). The library is designed to provide a simple to work with API that provides fairly efficient routines that build out of the box without configuration. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2023-36328 -------------------------------------------------------------------------------- ChangeLog: * Sat Sep 2 2023 Frantisek Sumsal - 1.2.0-12 - Fix CVE-2023-36328 (#2236877,#2236878) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2236877 - CVE-2023-36328 libtommath: Integer Overflow vulnerability in mp_grow in libtom https://bugzilla.redhat.com/show_bug.cgi?id=2236877 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-69b85312f0' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Sep 05, 2023
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!