Login
Newsletter
Werbung

Sicherheit: Zwei Probleme in GNU C Library
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in GNU C Library
ID: USN-4954-1
Distribution: Ubuntu
Plattformen: Ubuntu 16.04 LTS
Datum: Fr, 14. Mai 2021, 07:07
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5155
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
Applikationen: GNU C library

Originalnachricht


--===============5516680941306010310==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="X0Oy6HxjCebmfbjw"
Content-Disposition: inline


--X0Oy6HxjCebmfbjw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-4954-1
May 14, 2021

glibc vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in GNU C Library.

Software Description:
- glibc: GNU C Library

Details:

Jason Royes and Samuel Dytrych discovered that the memcpy()
implementation for 32 bit ARM processors in the GNU C Library contained
an integer underflow vulnerability. An attacker could possibly use
this to cause a denial of service (application crash) or execute
arbitrary code. (CVE-2020-6096)

It was discovered that the POSIX regex implementation in the GNU C
Library did not properly parse alternatives. An attacker could use this
to cause a denial of service. (CVE-2009-5155)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
libc6 2.23-0ubuntu11.3

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-4954-1
CVE-2009-5155, CVE-2020-6096


--X0Oy6HxjCebmfbjw
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAmCdx8sACgkQLwmejQBe
gfTDYRAAqnFQL33FTYFAaSR5PXMg/um9naER6ATG3lb7Wu0k+QYE5dK1XSgUDe2Y
140yeexhxLM0NTvAT726u0REwh4EC02EbT7EUU79rH8sNRIB2nIDqD1vX3AQVwUf
ZsMf9n3LAoFZtpP8O/eomcJpKh+gMBSp5AiBzSwsnfKKXVSR1OFjHgYQAcmH0nxf
S7svM+ozQLj9XXOXeuBjUDnA2s9OVokSO1lvMlp6zxA2os2UkwYgLYH5rjppUFQR
G7Y7jtTFl4L06oP78UyssgSz/OE9S5FJIBLAHtuAOaWxAfbV6at/4OfAUeXCDH0v
c9uQayRE8aKjsWlACyR4TrPSRmy3yWKymX9NoT4a+Q8WAC6tSRQjpr6PfjzM/lSj
6ng45RzVrM8/vnpBz5fO2wLaN5rz+LEzjEEY/239fcbMSFYUrSsjI+3YowAp0d09
e1liB6eZgX1fWy4DCsmDw6l2mH/ViNo30PBPxmsI7Cc2wrBtfMYMZ/ypkD3gSZCJ
vT5N2pa3W6QEHvTBd79YGKyaYGh0Kl6+l22MHAppXjY8VOXwBbUDvOGQjAP9fgCk
0VcxOx4qjM2TfqyYjMO+sPUmSgDhOTz6g8XHlxu9UP1kaBgjje6dytf/xCjxWi/6
9PMdkQyS6gq8Svtf4+ZHRRgCq/lAEGyRNxb4hYpXHdUatWS9A1Y=
=mFfm
-----END PGP SIGNATURE-----

--X0Oy6HxjCebmfbjw--


--===============5516680941306010310==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung