Ubuntu Update For Lzo2 USN-2300-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Don A. Bailey discovered that LZO incorrectly handled certain input data. An attacker could use this issue to cause LZO to crash, resulting in a denial of service, or possibly execute arbitrary code.

Affected

lzo2 on Ubuntu 14.04 LTS , Ubuntu 12.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-July/002607.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-4607

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for bzip2 vulnerability USN-986-1
Ubuntu Update for aptdaemon vulnerability USN-1068-1
Ubuntu Update for apt USN-1385-1
Ubuntu Update for curl USN-2346-1
Ubuntu Update for bind9 USN-1163-1

Ubuntu Update for lzo2 USN-2300-1

Take action and discover your vulnerabilities