Your submission was sent successfully! Close


Published: 31 July 2019

An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_REGISTERS case, aka VD-1301.

From the Ubuntu security team

It was discovered that libmodbus incorrectly handled inputs. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.



CVSS 3 base score: 9.1


Package Release Status
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 21.10 (Impish Indri) Not vulnerable
Ubuntu 21.04 (Hirsute Hippo) Not vulnerable
Ubuntu 20.04 LTS (Focal Fossa) Not vulnerable
Ubuntu 18.04 LTS (Bionic Beaver)
Released (3.0.6-2+deb9u1build0.18.04.1)
Ubuntu 16.04 ESM (Xenial Xerus) Ignored
(end of standard support, was needed)
Ubuntu 14.04 ESM (Trusty Tahr) Needed

Upstream: (3.1.5)
Upstream: (3.1.5)
Upstream: (3.1.5)
Upstream: (3.0.7)
Upstream: (3.0.8)