USN-4631-1: libmaxminddb vulnerability

12 November 2020

libmaxminddb could be made to crash if it received specially crafted data.

Releases

Packages

  • libmaxminddb - C library for the MaxMind DB file format

Details

It was discovered that libmaxminddb incorrectly handled certain memory
operations. A remote attacker could possibly use this issue to cause
applications using libmaxminddb to crash, resulting in a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.10
Ubuntu 20.04

In general, a standard system update will make all the necessary changes.

References