Packages
- lwip - Lightweight TCP/IP stack
Details
It was discovered that lwIP contained a buffer overflow in the EAP
authentication handling code. An attacker could possibly use this issue
to trigger a buffer overflow, resulting in arbitrary code execution or a
denial of service. This issue only affected Ubuntu 20.04 LTS.
(CVE-2020-8597)
It was discovered that lwIP incorrectly handled certain ICMPv6 or
6LoWPAN packets. An attacker could possibly use this issue to trigger a
buffer overflow, resulting in information disclosure. This issue only
affected Ubuntu 20.04 LTS. (CVE-2020-22283, CVE-2020-22284)
It was discovered that lwIP did not properly validate certain SNMPv3
authentication parameters. An attacker could possibly use this issue to
trigger a stack-based buffer overflow, resulting in arbitrary code
execution or a denial of service. (
It was discovered that lwIP contained a buffer overflow in the EAP
authentication handling code. An attacker could possibly use this issue
to trigger a buffer overflow, resulting in arbitrary code execution or a
denial of service. This issue only affected Ubuntu 20.04 LTS.
(CVE-2020-8597)
It was discovered that lwIP incorrectly handled certain ICMPv6 or
6LoWPAN packets. An attacker could possibly use this issue to trigger a
buffer overflow, resulting in information disclosure. This issue only
affected Ubuntu 20.04 LTS. (CVE-2020-22283, CVE-2020-22284)
It was discovered that lwIP did not properly validate certain SNMPv3
authentication parameters. An attacker could possibly use this issue to
trigger a stack-based buffer overflow, resulting in arbitrary code
execution or a denial of service. (CVE-2026-8836)
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 26.04 LTS resolute | liblwip-dev – 2.2.1+dfsg1-4ubuntu0.1~esm1 | ||
| liblwip-doc – 2.2.1+dfsg1-4ubuntu0.1~esm1 | |||
| liblwip0t64 – 2.2.1+dfsg1-4ubuntu0.1~esm1 | |||
| 24.04 LTS noble | liblwip-dev – 2.2.0+dfsg1-6.1ubuntu0.1~esm1 | ||
| liblwip-doc – 2.2.0+dfsg1-6.1ubuntu0.1~esm1 | |||
| liblwip0t64 – 2.2.0+dfsg1-6.1ubuntu0.1~esm1 | |||
| 22.04 LTS jammy | liblwip-dev – 2.1.3+dfsg1-1ubuntu0.1~esm1 | ||
| liblwip-doc – 2.1.3+dfsg1-1ubuntu0.1~esm1 | |||
| liblwip0 – 2.1.3+dfsg1-1ubuntu0.1~esm1 | |||
| 20.04 LTS focal | liblwip-dev – 2.1.2+dfsg1-4ubuntu0.1~esm1 | ||
| liblwip-doc – 2.1.2+dfsg1-4ubuntu0.1~esm1 | |||
| liblwip0 – 2.1.2+dfsg1-4ubuntu0.1~esm1 | |||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.