USN-5173-2: libmodbus vulnerabilities
9 December 2021
libmodbus could be made to crash if it received specially crafted input.
Releases
Packages
- libmodbus - Library to send/receive data according to the Modbus protocol
Details
USN-5173-1 fixed vulnerabilities in libmodbus.
This update provides the corresponding updates for Ubuntu 14.04 ESM and
Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libmodbus incorrectly handled inputs. An attacker
could possibly use this issue to cause a denial of service or other
unspecified impact.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04
-
libmodbus5
-
3.0.6-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 14.04
-
libmodbus5
-
3.0.5-1ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-5173-1: libmodbus-dev, libmodbus, libmodbus5