Security News

Cybersecurity news aggregator

🐧
MEDIUM Vulnerabilities Ubuntu Security

USN-8024-1: Libwebsockets vulnerabilities

libwebsocketscve-2025-11677cve-2025-11678ubuntumitre-ta0001
  • What: Two vulnerabilities were discovered in Libwebsockets related to memory handling and buffer size checking.
  • Impact: An attacker could cause a denial of service or potentially execute arbitrary code.
  • Affected: Ubuntu 22.04 LTS and Ubuntu 24.04 LTS.
  • CVE: CVE-2025-11677, CVE-2025-11678
Read Full Article →

Raffaele Bova discovered that Libwebsockets incorrectly handled memory when the upgrade header is not valid in the WebSocket server. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-11677) Raffaele Bova discovered that Libwebsockets did not properly check the size of the destination buffer in the async-dns component. An attacker could possibly use this issue to cause applications to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2025-11678)

Related Articles

HIGH USN-7985-1: TeX Live vulnerabilities Ubuntu Security MEDIUM USN-8009-1: Django vulnerabilities Ubuntu Security HIGH USN-8011-1: Emacs vulnerabilities Ubuntu Security MEDIUM USN-8027-1: Python-Multipart vulnerabilities Ubuntu Security
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn