Headline
Debian Security Advisory 5486-1
Debian Linux Security Advisory 5486-1 - An invalid memory access was discovered in json-c, a JSON library which could result in denial of service.
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5486-1 [email protected]://www.debian.org/security/ Moritz MuehlenhoffAugust 30, 2023 https://www.debian.org/security/faq- -------------------------------------------------------------------------Package : json-cCVE ID : CVE-2021-32292An invalid memory access was discovered in json-c, a JSON librarywhich could result in denial of service.For the oldstable distribution (bullseye), this problem has been fixedin version 0.15-2+deb11u1.We recommend that you upgrade your json-c packages.For the detailed security status of json-c please refer toits security tracker page at:https://security-tracker.debian.org/tracker/json-cFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmTvg0kACgkQEMKTtsN8TjbBag//SgTS3cthPTxMvtMctQnwOtbmjPNqjhWb8WVaesTs+y67+z38V1OWc6kdd5Lzxv0O9iHHOq78X8I7OEXDwltfcxNqlxMqNN2vYsTGeC4/ciVibn2PHYQbfistEM/cRifQsKDFZ8xb1R6t67kpSjy2ufiyODFkI/+q88qCzC2NrrtpL7/bGDEU+k6U61Ff7CYIntg8dW9FGGiZE7aeBQX6qF8o+6smsmRM+352xuv58lJdduy3IcxfSEFFWzMY6GrkbZEl1VqbjVWjjKGkfDaMHXzgsPmiAfqce36WXhcZeAVLMbVLgs2+ebcZJ/SP+tRkLqX7LNMpf/JjfAeYQTlR8855wEkpVGUa/l/idkEp3UxVKJzrdwLxZFiC38eE5ySywDKUeNWIF55ieA0+fDnepLmIbLc8OD2n9FVy4trMFLiyDvaRMGw5kdP5XdTJi44J8YtMO0BwFdryOX5Pqpl2WBGcXEcI4QxmdmoBAGz5pWp+kURCmou6t/h0JO6Lmc40T5jCnPT72OQM8Od7HjPgabm8L4I3McQjGNT4F1uwTe8MiTRoJQgdXrJQz4cuQ+Ifo29jZVJTdGrDBZi/OLfc73NZXrBakWj/ZHc4Ifu0cRQAxTxFhMWnmJZhXV9lFoC5Qf8XsBy99xIMJ6yjhT9SjIY6a+8xXgfw6Dlk0kt6pIg==J1IA-----END PGP SIGNATURE-----Related news
Gentoo Linux Security Advisory 202408-8 - A vulnerability has been discovered in json-c, which can lead to a stack buffer overflow. Versions greater than or equal to 0.16 are affected.
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.
Ubuntu Security Notice 6310-1 - It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
An issue was discovered in json-c through 0.15-20200726. A stack-buffer-overflow exists in the function parseit located in json_parse.c. It allows an attacker to cause code Execution.