Headline
Ubuntu Security Notice USN-6402-2
Ubuntu Security Notice 6402-2 - USN-6402-1 fixed vulnerabilities in LibTomMath. This update provides the corresponding updates for Ubuntu 23.10. It was discovered that LibTomMath incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code and cause a denial of service.
==========================================================================
Ubuntu Security Notice USN-6402-2
November 27, 2023
libtommath vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.10
Summary:
LibTomMatch could be made to execute arbitrary code or
denial of service if it received a specially crafted input.
Software Description:
- libtommath: multiple-precision integer library [development files]
Details:
USN-6402-1 fixed vulnerabilities in LibTomMath. This update
provides the corresponding updates for Ubuntu 23.10.
Original advisory details:
It was discovered that LibTomMath incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code
and cause a denial of service (DoS).
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 23.10:
libtommath1 1.2.0-6ubuntu0.23.10.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6402-2
https://ubuntu.com/security/notices/USN-6402-1
CVE-2023-36328
Package Information:
https://launchpad.net/ubuntu/+source/libtommath/1.2.0-6ubuntu0.23.10.1
Related news
Ubuntu Security Notice 6402-1 - It was discovered that LibTomMath incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code and cause a denial of service.
Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS).