USN-6422-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-6422-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-6422-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-6422-1
Related
Published
2023-10-09T15:09:52.233384Z
Modified
2023-10-09T15:09:52.233384Z
Summary
ring vulnerabilities
Details

It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2021-37706)

It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-43299, CVE-2021-43300, CVE-2021-43301, CVE-2021-43302, CVE-2021-43303, CVE-2021-43804, CVE-2021-43845, CVE-2022-21723, CVE-2022-23537, CVE-2022-23547, CVE-2022-23608, CVE-2022-24754, CVE-2022-24763, CVE-2022-24764, CVE-2022-24793, CVE-2022-31031, CVE-2022-39244)

It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-21722)

It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-27585)

References

Affected packages

Ubuntu:Pro:18.04:LTS / ring

Package

Name
ring

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
20180228.1.503da2b~ds1-1ubuntu0.1~esm1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "ring-daemon": "20180228.1.503da2b~ds1-1ubuntu0.1~esm1",
            "ring": "20180228.1.503da2b~ds1-1ubuntu0.1~esm1"
        }
    ]
}

Ubuntu:20.04:LTS / ring

Package

Name
ring

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "jami": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1",
            "ring-daemon": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1",
            "jami-daemon": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1",
            "ring": "20190215.1.f152c98~ds1-1+deb10u2build0.20.04.1"
        }
    ]
}