Ubuntu Security Update USN-8024-1: Libwebsockets vulnerabilities

LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
5,786
Reaction score
74
Credits
-1,257
Raffaele Bova discovered that Libwebsockets incorrectly handled memory when the upgrade header is not valid in the WebSocket server. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-11677) Raffaele Bova discovered that Libwebsockets did not properly check the size of the destination buffer in the async-dns component. An attacker could possibly use this issue to cause applications to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2025-11678)

Continue reading...
 
You must log in or register to reply here.

Similar threads

LinuxBot
Ubuntu Security Update USN-8268-1: Dnsmasq vulnerabilities
Replies
0
Views
106
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8182-1: Rack vulnerabilities
Replies
0
Views
227
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8202-1: jq vulnerabilities
Replies
0
Views
145
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8057-1: GIMP vulnerabilities
Replies
0
Views
124
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8147-1: libarchive vulnerabilities
Replies
0
Views
195
LinuxBot
LinuxBot


Follow Linux.org

Members online

Total: 2,521 (members: 1, guests: 2,520)

Latest posts

Top