14 DAY TRIAL // Canonical has announced that a couple of json-c vulnerabilities have been identified in its Ubuntu 14.04 LTS, Ubuntu 13.10, Ubuntu 12.10, and Ubuntu 12.04 LTS operating systems.
Canonical has also released an update to take care of these small problems, and users have been advised to upgrade their systems as soon as possible.
“Florian Weimer discovered that json-c incorrectly handled buffer lengths. An attacker could use this issue with a specially-crafted large JSON document to cause json-c to crash, resulting in a denial of service,” reads the security notice.
Also, the same developer discovered that “json-c incorrectly handled hash arrays. An attacker could use this issue with a specially-crafted JSON document to cause json-c to consume CPU resources, resulting in a denial of service.”
For a more detailed description of the problems, you can see Canonical's security notification.
The flaws can be fixed if you upgrade your system(s) to the latest libjson0packages specific to each distribution. To apply the patch, run the Update Manager application; or you can open a terminal and enter the following commands (you will need to be root for this to work):
sudo apt-get update sudo apt-get dist-upgrade In general, a standard system update will make all the necessary changes and users won't have to restart the PC or the laptop in order to apply the patch.