- Vulnerability/
- USN-3228-1
USN-3228-1: libevent vulnerabilities
First published: Mon Mar 13 2017(Updated: )
Guido Vranken discovered that libevent incorrectly handled memory when processing certain data. A remote attacker could possibly use this issue with an application that uses libevent to cause a denial of service, or possibly execute arbitrary code.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/libevent-2.0-5 | <2.0.21-stable-2ubuntu0.16.10.1 | 2.0.21-stable-2ubuntu0.16.10.1 |
| Ubuntu gir1.2-packagekitglib-1.0 | =16.10 | |
| All of | ||
| ubuntu/libevent-2.0-5 | <2.0.21-stable-2ubuntu0.16.04.1 | 2.0.21-stable-2ubuntu0.16.04.1 |
| Ubuntu gir1.2-packagekitglib-1.0 | =16.04 | |
| All of | ||
| ubuntu/libevent-2.0-5 | <2.0.21-stable-1ubuntu1.14.04.2 | 2.0.21-stable-1ubuntu1.14.04.2 |
| Ubuntu gir1.2-packagekitglib-1.0 | =14.04 | |
| All of | ||
| ubuntu/libevent-2.0-5 | <2.0.16-stable-1ubuntu0.2 | 2.0.16-stable-1ubuntu0.2 |
| Ubuntu gir1.2-packagekitglib-1.0 | =12.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2016-10195
- https://ubuntu.com/security/CVE-2016-10196
- https://ubuntu.com/security/CVE-2016-10197
- https://ubuntu.com/security/notices/USN-3278-1
- https://launchpad.net/ubuntu/+source/libevent/2.0.21-stable-2ubuntu0.16.10.1
- https://launchpad.net/ubuntu/+source/libevent/2.0.21-stable-2ubuntu0.16.04.1
- https://launchpad.net/ubuntu/+source/libevent/2.0.21-stable-1ubuntu1.14.04.2
- https://launchpad.net/ubuntu/+source/libevent/2.0.16-stable-1ubuntu0.2
- https://ubuntu.com/security/notices/USN-3228-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of USN-3228-1?
The severity of USN-3228-1 is critical due to potential denial of service and arbitrary code execution risks.
How do I fix USN-3228-1?
To fix USN-3228-1, update libevent to the latest patched version provided for your Ubuntu version.
What vulnerability does USN-3228-1 address?
USN-3228-1 addresses vulnerabilities in libevent that could lead to memory handling issues, potentially allowing for remote denial of service or code execution.
Which versions of Ubuntu are affected by USN-3228-1?
USN-3228-1 affects Ubuntu versions 16.10, 16.04, 14.04, and 12.04 with specific versions of libevent.
Who discovered the issue reported in USN-3228-1?
The issue reported in USN-3228-1 was discovered by Guido Vranken.
- agent/severity
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/title
- agent/references
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu gir1.2-packagekitglib-1.0
- version/ubuntu gir1.2-packagekitglib-1.0/16.10
- version/ubuntu gir1.2-packagekitglib-1.0/16.04
- version/ubuntu gir1.2-packagekitglib-1.0/14.04
- version/ubuntu gir1.2-packagekitglib-1.0/12.04