USN-6746-1: Google Guest Agent and Google OS Config Agent vulnerability
23 April 2024
Google Guest Agent and OS Config Agent could be made to crash if it open a specially crafted JSON.
Releases
Packages
- google-guest-agent - Google Compute Engine Guest Agent
- google-osconfig-agent - Google OS Config Agent
Details
It was discovered that Google Guest Agent and Google OS Config Agent incorrectly
handled certain JSON files. An attacker could possibly use this issue to
cause a denial of service.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.10
Ubuntu 22.04
-
google-guest-agent
-
20231004.02-0ubuntu1~22.04.4
-
google-osconfig-agent
-
20230504.00-0ubuntu1~22.04.1
In general, a standard system update will make all the necessary changes.