An out-of-bounds read flaw was found in w3m, in the growbuftoStr function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "low", "binaries": [ { "binary_version": "0.5.3-36ubuntu0.1+esm1", "binary_name": "w3m" }, { "binary_version": "0.5.3-36ubuntu0.1+esm1", "binary_name": "w3m-dbgsym" }, { "binary_version": "0.5.3-36ubuntu0.1+esm1", "binary_name": "w3m-img" }, { "binary_version": "0.5.3-36ubuntu0.1+esm1", "binary_name": "w3m-img-dbgsym" } ], "priority_reason": "Greatest impact is a crash (and therefore denial-of-service) in this command-line application - no real security impact." }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_version": "0.5.3-37ubuntu0.2", "binary_name": "w3m" }, { "binary_version": "0.5.3-37ubuntu0.2", "binary_name": "w3m-dbgsym" }, { "binary_version": "0.5.3-37ubuntu0.2", "binary_name": "w3m-img" }, { "binary_version": "0.5.3-37ubuntu0.2", "binary_name": "w3m-img-dbgsym" } ], "priority_reason": "Greatest impact is a crash (and therefore denial-of-service) in this command-line application - no real security impact." }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_version": "0.5.3+git20210102-6ubuntu0.2", "binary_name": "w3m" }, { "binary_version": "0.5.3+git20210102-6ubuntu0.2", "binary_name": "w3m-dbgsym" }, { "binary_version": "0.5.3+git20210102-6ubuntu0.2", "binary_name": "w3m-img" }, { "binary_version": "0.5.3+git20210102-6ubuntu0.2", "binary_name": "w3m-img-dbgsym" } ], "priority_reason": "Greatest impact is a crash (and therefore denial-of-service) in this command-line application - no real security impact." }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_version": "0.5.3+git20230121-2ubuntu1", "binary_name": "w3m" }, { "binary_version": "0.5.3+git20230121-2ubuntu1", "binary_name": "w3m-dbgsym" }, { "binary_version": "0.5.3+git20230121-2ubuntu1", "binary_name": "w3m-img" }, { "binary_version": "0.5.3+git20230121-2ubuntu1", "binary_name": "w3m-img-dbgsym" } ], "priority_reason": "Greatest impact is a crash (and therefore denial-of-service) in this command-line application - no real security impact." }