Headline
Ubuntu Security Notice USN-6310-1
Ubuntu Security Notice 6310-1 - It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
==========================================================================Ubuntu Security Notice USN-6310-1August 28, 2023json-c vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:json-c could be made to crash or execute arbitrary code if it received aspecially crafted JSON file.Software Description:- json-c: JSON manipulation libraryDetails:It was discovered that json-c incorrectly handled certain JSON files.An attacker could possibly use this issue to cause a crash orexecute arbitrary code.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS: libjson-c5 0.15-3~ubuntu1.22.04.2In general, a standard system update will make all the necessary changes.References: https://ubuntu.com/security/notices/USN-6310-1 CVE-2021-32292Package Information: https://launchpad.net/ubuntu/+source/json-c/0.15-3~ubuntu1.22.04.2Related news
Gentoo Linux Security Advisory 202408-8 - A vulnerability has been discovered in json-c, which can lead to a stack buffer overflow. Versions greater than or equal to 0.16 are affected.
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.
Debian Linux Security Advisory 5486-1 - An invalid memory access was discovered in json-c, a JSON library which could result in denial of service.
An issue was discovered in json-c through 0.15-20200726. A stack-buffer-overflow exists in the function parseit located in json_parse.c. It allows an attacker to cause code Execution.