Not a user yet?
Log in Register for free Suggest a product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Update

USN-7661-1: GoBGP vulnerabilities

Ubuntu DesktopUbuntu Desktop
Canonical
Update from patrick-devicebaseUpdate from:
patrick-devicebase (expert)

USN-7661-1: GoBGP vulnerabilities
Publication date: 22 July 2025
Overview: Several security issues were fixed in GoBGP.

Packages
gobgp - BGP implementation in Go

Details
It was discovered that GoBGP did not properly manage memory under
certain circumstances, which could lead to a buffer overflow. An
attacker could possibly use this issue to cause a denial of service. This
issue was only addressed in Ubuntu 22.04 LTS and Ubuntu 20.04 LTS.
(CVE-2023-46565)

It was discovered that GoBGP did not properly verify the length of
certain inputs. An attacker could possibly use this issue to cause a
panic resulting in a denial of service.
(CVE-2025-43970, CVE-2025-43971, CVE-2025-43972, CVE-2025-43973)

Update instructions
The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
24.04 noble

  • gobgpd – 3.23.0-1ubuntu0.3+esm2
  • golang-github-osrg-gobgp-dev – 3.23.0-1ubuntu0.3+esm2
    22.04 jammy
  • gobgpd – 2.25.0-3ubuntu0.1+esm2
  • golang-github-osrg-gobgp-dev – 2.25.0-3ubuntu0.1+esm2
    20.04 focal
  • gobgpd – 2.12.0-1ubuntu0.1~esm2
  • golang-github-osrg-gobgp-dev – 2.12.0-1ubuntu0.1~esm2
    18.04 bionic
  • gobgpd – 1.29-1ubuntu0.1+esm1
  • golang-github-osrg-gobgp-dev – 1.29-1ubuntu0.1+esm1
Version: 24.04 LTS Link
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Canonical Ubuntu Desktop updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad