First published: Mon Nov 12 2018(Updated: )
It was discovered libmspack incorrectly handled certain malformed CAB files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service. (CVE-2018-18584, CVE-2018-18585)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/libmspack0 | <0.7-1ubuntu0.1 | 0.7-1ubuntu0.1 |
=18.10 | ||
All of | ||
ubuntu/libmspack0 | <0.6-3ubuntu0.2 | 0.6-3ubuntu0.2 |
=18.04 | ||
All of | ||
ubuntu/libmspack0 | <0.5-1ubuntu0.16.04.3 | 0.5-1ubuntu0.16.04.3 |
=16.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for libmspack is CVE-2018-18584 and CVE-2018-18585.
The libmspack vulnerabilities could cause the application to crash, resulting in a denial of service.
Versions 0.7-1ubuntu0.1, 0.6-3ubuntu0.2, and 0.5-1ubuntu0.16.04.3 of libmspack are affected.
To fix the libmspack vulnerabilities on Ubuntu 18.10, update the libmspack0 package to version 0.7-1ubuntu0.1.
You can find more information about the libmspack vulnerabilities at the following references: CVE-2018-18584, CVE-2018-18585, and USN-3814-2.