CVE-2024-1013

Publication date 18 March 2024

Last updated 24 July 2024


Ubuntu priority

An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.

Status

Package Ubuntu Release Status
unixodbc 24.10 oracular
Fixed 2.3.12-1ubuntu1
24.04 LTS noble
Fixed 2.3.12-1ubuntu0.24.04.1
23.10 mantic
Fixed 2.3.12-1ubuntu0.23.10.1
22.04 LTS jammy
Fixed 2.3.9-5ubuntu0.1
20.04 LTS focal
Fixed 2.3.6-0.1ubuntu0.1
18.04 LTS bionic
16.04 LTS xenial
14.04 LTS trusty
Needs evaluation

Get expanded security coverage with Ubuntu Pro

Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.

Get Ubuntu Pro

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
unixodbc