USN-6408-1 fixed several vulnerabilities in libXpm. This update provides
the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
Yair Mizrahi discovered that libXpm incorrectly handled certain malformed
XPM image files. If a user were tricked into opening a specially crafted
XPM image file, a remote attacker could possibly use this issue to consume
memory, leading to a denial of service. (CVE-2023-43786)
Yair Mizrahi discovered that libXpm incorrectly handled certain malformed
XPM image files. If a user were tricked into opening a specially crafted
XPM image file, a remote attacker could use this issue to cause libXpm to
crash, leading to a denial of service, or possibly execute arbitrary code.
(CVE-2023-43787)
Alan Coopersmith discovered that libXpm incorrectly handled certain
malformed XPM image files. If a user were tricked into opening a specially
crafted XPM image file, a remote attacker could possibly use this issue to
cause libXpm to crash, leading to a denial of service. (CVE-2023-43788,
CVE-2023-43789)
More Stories
USN-7415-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
Kubernetes Ingress-nginx Controller RCE
What is the Vulnerability?On March 24, researchers disclosed a set of five vulnerabilities, collectively known as "IngressNightmare,” affecting Ingress-nginx, one...
perl-Compress-Raw-Lzma-2.212-6.fc41 xz-5.8.1-1.fc41.1
FEDORA-2025-051becf4f2 Packages in this update: perl-Compress-Raw-Lzma-2.212-6.fc41 xz-5.8.1-1.fc41.1 Update description: xz 5.8.1 Read More
perl-Compress-Raw-Lzma-2.209-9.fc40 xz-5.8.1-1.1.fc40
FEDORA-2025-4871b31998 Packages in this update: perl-Compress-Raw-Lzma-2.209-9.fc40 xz-5.8.1-1.1.fc40 Update description: xz 5.8.1 Read More
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. ...
A Vulnerability in Ivanti Products Could Allow for Remote Code Execution
A Vulnerability has been discovered in Ivanti Connect Secure, Policy Secure, and ZTA Gateways which could allow for remote code...