{"id":"USN-6402-2","summary":"libtommath vulnerability","details":"USN-6402-1 fixed vulnerabilities in LibTomMath. This update\nprovides the corresponding updates for Ubuntu 23.10.\n\nOriginal advisory details:\n\n It was discovered that LibTomMath incorrectly handled certain inputs.\n An attacker could possibly use this issue to execute arbitrary code\n and cause a denial of service (DoS).\n","modified":"2026-02-04T02:57:04.086609Z","published":"2023-11-27T15:59:49.295427Z","related":["CVE-2023-36328","UBUNTU-CVE-2023-36328"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6402-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-36328"}],"affected":[{"package":{"name":"libtommath","ecosystem":"Ubuntu:23.10","purl":"pkg:deb/ubuntu/libtommath@1.2.0-6ubuntu0.23.10.1?arch=source&distro=mantic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.0-6ubuntu0.23.10.1"}]}],"versions":["1.2.0-6build3"],"ecosystem_specific":{"binaries":[{"binary_name":"libtommath-dev","binary_version":"1.2.0-6ubuntu0.23.10.1"},{"binary_name":"libtommath-doc","binary_version":"1.2.0-6ubuntu0.23.10.1"},{"binary_name":"libtommath1","binary_version":"1.2.0-6ubuntu0.23.10.1"},{"binary_name":"libtommath1-dbgsym","binary_version":"1.2.0-6ubuntu0.23.10.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6402-2.json"}}],"schema_version":"1.7.3"}