CVE-2022-3515

Published: 17 October 2022

Integer Overflow in LibKSBA

From the Ubuntu Security Team

It was discovered that an integer overflow could be triggered in Libksba when decoding certain data. An attacker could use this issue to cause a denial of service (application crash) or possibly execute arbitrary code.

Priority

High

Status

Package: libksba (Launchpad, Ubuntu, Debian)

Release status:
bionic: Released (1.3.5-2ubuntu0.18.04.1)
focal: Released (1.3.5-2ubuntu0.20.04.1)
jammy: Released (1.6.0-2ubuntu0.1)
kinetic: Released (1.6.0-3ubuntu1)
trusty: Released (1.3.0-3ubuntu0.14.04.2+esm1)
upstream: Released (1.6.2-1)
xenial: Released (1.3.3-1ubuntu0.16.04.1+esm1)

Patches:
upstream: https://dev.gnupg.org/rK4b7d9cd4a018898d7714ce06f3faf2626c14582b