[USN-5656-1] JACK vulnerability
Ian Constantin
ian.constantin at canonical.com
Tue Oct 4 23:00:49 UTC 2022
==========================================================================
Ubuntu Security Notice USN-5656-1
October 04, 2022
jackd2 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
Summary:
JACK could cause a crash in certain conditions.
Software Description:
- jackd2: JACK Audio Connection Kit (server and example clients)
Details:
Joseph Yasi discovered that JACK incorrectly handled the closing of a
socket in certain conditions. An attacker could potentially use this
issue to cause a crash.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
jackd2
1.9.10+20150825git1ed50c92~dfsg-1ubuntu1+esm1
jackd2-firewire
1.9.10+20150825git1ed50c92~dfsg-1ubuntu1+esm1
libjack-jackd2-0
1.9.10+20150825git1ed50c92~dfsg-1ubuntu1+esm1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5656-1
CVE-2019-13351
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 659 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20221004/18b33f5a/attachment-0001.sig>
More information about the ubuntu-security-announce
mailing list