Lucene search

DebianDEBIAN:DLA-2825-1:4432C

HistoryNov 22, 2021 - 4:07 p.m.

[SECURITY] [DLA 2825-1] libmodbus security update

2021-11-2216:07:58

lists.debian.org

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

9.7 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.3%

JSON

Debian LTS Advisory DLA-2825-1 [email protected]
https://www.debian.org/lts/security/ Thorsten Alteholz
November 22, 2021 https://wiki.debian.org/LTS

Package : libmodbus
Version : 3.0.6-2+deb9u1
CVE ID : CVE-2019-14462 CVE-2019-14463

Two issues have been found in libmodbus, a library for the Modbus
protocol.
Both issues are related to out of bound reads, which could result in a
denial of service or other unspecified impact.

For Debian 9 stretch, these problems have been fixed in version
3.0.6-2+deb9u1.

We recommend that you upgrade your libmodbus packages.

For the detailed security status of libmodbus please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libmodbus

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian10s390xlibmodbus5-dbgsym< 3.1.4-2+deb10u1libmodbus5-dbgsym_3.1.4-2+deb10u1_s390x.deb
Debian9amd64libmodbus5< 3.0.6-2+deb9u1libmodbus5_3.0.6-2+deb9u1_amd64.deb
Debian10mipslibmodbus5-dbgsym< 3.1.4-2+deb10u1libmodbus5-dbgsym_3.1.4-2+deb10u1_mips.deb
Debian10armellibmodbus5< 3.1.4-2+deb10u1libmodbus5_3.1.4-2+deb10u1_armel.deb
Debian10s390xlibmodbus-dev< 3.1.4-2+deb10u1libmodbus-dev_3.1.4-2+deb10u1_s390x.deb
Debian10mips64ellibmodbus5< 3.1.4-2+deb10u1libmodbus5_3.1.4-2+deb10u1_mips64el.deb
Debian9armhflibmodbus5< 3.0.6-2+deb9u1libmodbus5_3.0.6-2+deb9u1_armhf.deb
Debian10amd64libmodbus5-dbgsym< 3.1.4-2+deb10u1libmodbus5-dbgsym_3.1.4-2+deb10u1_amd64.deb
Debian9amd64libmodbus-dev< 3.0.6-2+deb9u1libmodbus-dev_3.0.6-2+deb9u1_amd64.deb
Debian10amd64libmodbus5< 3.1.4-2+deb10u1libmodbus5_3.1.4-2+deb10u1_amd64.deb

OS	Version	Architecture	Package	Version	Filename
Debian	10	s390x	libmodbus5-dbgsym	< 3.1.4-2+deb10u1	libmodbus5-dbgsym_3.1.4-2+deb10u1_s390x.deb
Debian	9	amd64	libmodbus5	< 3.0.6-2+deb9u1	libmodbus5_3.0.6-2+deb9u1_amd64.deb
Debian	10	mips	libmodbus5-dbgsym	< 3.1.4-2+deb10u1	libmodbus5-dbgsym_3.1.4-2+deb10u1_mips.deb
Debian	10	armel	libmodbus5	< 3.1.4-2+deb10u1	libmodbus5_3.1.4-2+deb10u1_armel.deb
Debian	10	s390x	libmodbus-dev	< 3.1.4-2+deb10u1	libmodbus-dev_3.1.4-2+deb10u1_s390x.deb
Debian	10	mips64el	libmodbus5	< 3.1.4-2+deb10u1	libmodbus5_3.1.4-2+deb10u1_mips64el.deb
Debian	9	armhf	libmodbus5	< 3.0.6-2+deb9u1	libmodbus5_3.0.6-2+deb9u1_armhf.deb
Debian	10	amd64	libmodbus5-dbgsym	< 3.1.4-2+deb10u1	libmodbus5-dbgsym_3.1.4-2+deb10u1_amd64.deb
Debian	9	amd64	libmodbus-dev	< 3.0.6-2+deb9u1	libmodbus-dev_3.0.6-2+deb9u1_amd64.deb
Debian	10	amd64	libmodbus5	< 3.1.4-2+deb10u1	libmodbus5_3.1.4-2+deb10u1_amd64.deb