USN-6692-1: Gson vulnerability

Q: What is the severity of USN-6692-1?

The severity of USN-6692-1 is classified as a potential denial of service vulnerability.

Q: How do I fix USN-6692-1?

To fix USN-6692-1, upgrade to the patched versions of libgoogle-gson-java as specified in the advisory for your Ubuntu version.

Q: Which Ubuntu versions are affected by USN-6692-1?

USN-6692-1 affects Ubuntu 16.04, 18.04, 20.04, and 22.04 with specific versions of libgoogle-gson-java.

Q: What is the impact of the vulnerability identified by USN-6692-1?

The impact of the vulnerability identified by USN-6692-1 could allow a remote attacker to cause a denial of service.

Q: Is user intervention required for the USN-6692-1 vulnerability to be exploited?

Yes, user intervention is required as the vulnerability can be triggered by opening specially crafted input files.

Published Mar 12, 2024

Updated

It was discovered that Gson incorrectly handled deserialization of untrusted input data. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

Affected Software

8 affected componentsFixes available

All of the following

ubuntu/libgoogle-gson-java<2.8.8-1ubuntu0.1

2.8.8-1ubuntu0.1

Ubuntu Ubuntu=22.04

All of the following

ubuntu/libgoogle-gson-java<2.8.5-3+deb10u1build0.20.04.1

2.8.5-3+deb10u1build0.20.04.1

Ubuntu Ubuntu=20.04

All of the following

ubuntu/libgoogle-gson-java<2.8.5-3~18.04.1~esm1

2.8.5-3~18.04.1~esm1

Ubuntu Ubuntu=18.04

All of the following

ubuntu/libgoogle-gson-java<2.4-1ubuntu0.1~esm1

2.4-1ubuntu0.1~esm1

Ubuntu Ubuntu=16.04

Event History

Mar 12, 2024

Advisory Published

via Ubuntu·12:00 AM

Child vulnerabilities

Contains the following vulnerabilities.

CVE-2022-25647

Frequently Asked Questions

What is the severity of USN-6692-1?

The severity of USN-6692-1 is classified as a potential denial of service vulnerability.

How do I fix USN-6692-1?

To fix USN-6692-1, upgrade to the patched versions of libgoogle-gson-java as specified in the advisory for your Ubuntu version.

Which Ubuntu versions are affected by USN-6692-1?

USN-6692-1 affects Ubuntu 16.04, 18.04, 20.04, and 22.04 with specific versions of libgoogle-gson-java.

What is the impact of the vulnerability identified by USN-6692-1?

The impact of the vulnerability identified by USN-6692-1 could allow a remote attacker to cause a denial of service.

Is user intervention required for the USN-6692-1 vulnerability to be exploited?

Yes, user intervention is required as the vulnerability can be triggered by opening specially crafted input files.

USN-6692-1: Gson vulnerability

Affected Software

Event History

Child vulnerabilities

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the severity of USN-6692-1?

How do I fix USN-6692-1?

Which Ubuntu versions are affected by USN-6692-1?

What is the impact of the vulnerability identified by USN-6692-1?

Is user intervention required for the USN-6692-1 vulnerability to be exploited?

Company

Resources

Contact