ELA-1397-1 libmodbus security update

buffer overflow

2025-04-17
Package: libmodbus
Version: 3.0.6-1+deb8u2 (jessie), 3.0.6-2+deb9u2 (stretch), 3.1.4-2+deb10u3 (buster)
Related CVEs: CVE-2024-10918


A stack-based buffer overflow vulnerability in libmodbus v3.1.10 allows the buffer allocated for the Modbus response to be overflowed if the function tries to reply to a Modbus request with an unexpected length.



For Debian 10 buster, these problems have been fixed in version 3.1.4-2+deb10u3.

For Debian 8 jessie, these problems have been fixed in version 3.0.6-1+deb8u2.

For Debian 9 stretch, these problems have been fixed in version 3.0.6-2+deb9u2.

We recommend that you upgrade your libmodbus packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.