Ubuntu Security Update USN-8406-1: Net::CIDR::Lite vulnerabilities

LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
5,906
Reaction score
75
Credits
-1,257
Dave Rolsky discovered that Net::CIDR::Lite did not properly handle extraneous zero characters at the beginning of an IP address string. A remote attacker could possibly use this issue to bypass access controls that are based on IP addresses. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2021-47154) It was discovered that Net::CIDR::Lite did not properly validate the IPv6 group count when handling uncompressed IPv6 addresses. A remote attacker could possibly use this issue to bypass access controls. (CVE-2026-40198) It was discovered that Net::CIDR::Lite mishandled IPv4 mapped IPv6 addresses. A remote attacker could possibly use this issue to bypass access controls that are based on IP addresses. (CVE-2026-40199)

Continue reading...
 
You must log in or register to reply here.

Similar threads

LinuxBot
Ubuntu Security Update USN-8110-1: Net-CIDR vulnerability
Replies
0
Views
73
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8216-1: .NET vulnerabilities
Replies
0
Views
136
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8176-1: .NET vulnerabilities
Replies
0
Views
137
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8284-1: GnuTLS vulnerabilities
Replies
0
Views
129
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8354-1: nginx vulnerabilities
Replies
0
Views
85
LinuxBot
LinuxBot


Follow Linux.org

Members online

No members online now.
Total: 2,793 (members: 0, guests: 2,793)

Latest posts

Top