USN-6422-1

Source

https://ubuntu.com/security/notices/USN-6422-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-6422-1.json

Related

Published

2023-10-09T15:09:52.233384Z

Modified

2023-10-09T15:09:52.233384Z

Details

It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-43299, CVE-2021-43300, CVE-2021-43301, CVE-2021-43302, CVE-2021-43303, CVE-2021-43804, CVE-2021-43845, CVE-2022-21723, CVE-2022-23537, CVE-2022-23547, CVE-2022-23608, CVE-2022-24754, CVE-2022-24763, CVE-2022-24764, CVE-2022-24793, CVE-2022-31031, CVE-2022-39244)

References

Affected packages

Ubuntu:Pro:18.04:LTS / ring

Package

Name: ring

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

20180228.1.503da2b~ds1-1ubuntu0.1~esm1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "ring-daemon": "20180228.1.503da2b~ds1-1ubuntu0.1~esm1",
            "ring": "20180228.1.503da2b~ds1-1ubuntu0.1~esm1"
        }
    ]
}

Ubuntu:20.04:LTS / ring

Package

Name: ring

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "jami": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1",
            "ring-daemon": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1",
            "jami-daemon": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1",
            "ring": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1"
        }
    ]
}