vulnerability

Amazon Linux AMI 2: CVE-2023-36328: Security patch for libtommath (ALASANSIBLE2-2023-010)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	2023-09-01	2023-09-28	2025-01-28

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

2023-09-01

Added

2023-09-28

Modified

2025-01-28

Description

Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS).

Solution(s)

amazon-linux-ami-2-upgrade-libtommathamazon-linux-ami-2-upgrade-libtommath-debuginfoamazon-linux-ami-2-upgrade-libtommath-devel

References

AMAZON-AL2/ALASANSIBLE2-2023-010
CVE-2023-36328
https://attackerkb.com/topics/CVE-2023-36328

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today