Ubuntu Update For Json-c USN-2245-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Florian Weimer discovered that json-c incorrectly handled buffer lengths. An attacker could use this issue with a specially-crafted large JSON document to cause json-c to crash, resulting in a denial of service. (CVE-2013-6370) Florian Weimer discovered that json-c incorrectly handled hash arrays. An attacker could use this issue with a specially-crafted JSON document to cause json-c to consume CPU resources, resulting in a denial of service. (CVE-2013-6371)

Affected

json-c on Ubuntu 14.04 LTS , Ubuntu 13.10 , Ubuntu 12.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2014-June/002546.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-6370, CVE-2013-6371
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Ubuntu Update for dovecot USN-1143-1
Ubuntu Update for apache2 vulnerabilities USN-575-1
Ubuntu Update for bluez-utils vulnerability USN-413-1
Ubuntu Update for curl USN-2058-1
Ubuntu Update for acpid USN-1296-1

Ubuntu Update for json-c USN-2245-1

Take action and discover your vulnerabilities