USN-7505-1

It was discovered that Abseil incorrectly handled memory with the upper bound of the size argument. An attacker could possibly use this issue to cause a denial of service or memory corruption.

References

Affected packages

Ubuntu:22.04:LTS / abseil

Package

Name: abseil
Purl: pkg:deb/ubuntu/abseil@0~20210324.2-2ubuntu0.2?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0~20210324.2-2ubuntu0.2

Affected versions

0~20200923.*

0~20200923.3-3ubuntu1

0~20210324.*

0~20210324.2-2

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libabsl-dev",
            "binary_version": "0~20210324.2-2ubuntu0.2"
        },
        {
            "binary_name": "libabsl20210324",
            "binary_version": "0~20210324.2-2ubuntu0.2"
        },
        {
            "binary_name": "libabsl20210324-dbgsym",
            "binary_version": "0~20210324.2-2ubuntu0.2"
        }
    ]
}

Ubuntu:24.04:LTS / abseil

Package

Name: abseil
Purl: pkg:deb/ubuntu/abseil@20220623.1-3.1ubuntu3.2?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

20220623.1-3.1ubuntu3.2

Affected versions

20220623.*

20220623.1-3

20220623.1-3.1ubuntu1

20220623.1-3.1ubuntu3

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libabsl-dev",
            "binary_version": "20220623.1-3.1ubuntu3.2"
        },
        {
            "binary_name": "libabsl20220623t64",
            "binary_version": "20220623.1-3.1ubuntu3.2"
        },
        {
            "binary_name": "libabsl20220623t64-dbgsym",
            "binary_version": "20220623.1-3.1ubuntu3.2"
        }
    ]
}

Ubuntu:25.04 / abseil

Package

Name: abseil
Purl: pkg:deb/ubuntu/abseil@20230802.1-4.2ubuntu0.2?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

20230802.1-4.2ubuntu0.2

Affected versions

20230802.*

20230802.1-4ubuntu1

20230802.1-4ubuntu2

20230802.1-4.2

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libabsl-dev",
            "binary_version": "20230802.1-4.2ubuntu0.2"
        },
        {
            "binary_name": "libabsl20230802",
            "binary_version": "20230802.1-4.2ubuntu0.2"
        },
        {
            "binary_name": "libabsl20230802-dbgsym",
            "binary_version": "20230802.1-4.2ubuntu0.2"
        }
    ]
}