drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in GNU C Library (Aktualisierung)
| Name: |
Ausführen beliebiger Kommandos in GNU C Library (Aktualisierung) |
|
| ID: |
USN-7259-3 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 14.04 LTS |
|
| Datum: |
Mo, 10. Februar 2025, 19:16 |
|
| Referenzen: |
https://www.cve.org/CVERecord?id=CVE-2025-0395 |
|
| Applikationen: |
GNU C library |
|
| Update von: |
Ausführen beliebiger Kommandos in GNU C Library |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============8889491070199759139==
Content-Language: en-US
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="------------0Y0QuCWVjp3GhOKA2KRAVRMR"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--------------0Y0QuCWVjp3GhOKA2KRAVRMR
Content-Type: multipart/mixed;
boundary="------------1El2j5P076qn1pg9Ip6KD6BM";
protected-headers="v1"
From: Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>
Reply-To: security@ubuntu.com
To: ubuntu-security-announce@lists.ubuntu.com
Message-ID: <026e3eb4-1a34-4f38-a2f8-952664a8394d@canonical.com>
Subject: [USN-7259-3] GNU C Library vulnerability
--------------1El2j5P076qn1pg9Ip6KD6BM
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: base64
==========================================================================
Ubuntu Security Notice USN-7259-3
February 10, 2025
eglibc vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
GNU C Library could be made to crash or run programs if it received
specially crafted input.
Software Description:
- eglibc: GNU C Library
Details:
USN-7259-1 fixed a vulnerability in GNU C Library. This update provides the
corresponding update for Ubuntu 14.04 LTS.
Original advisory details:
It was discovered that GNU C Library incorrectly handled memory when using
the assert function. An attacker could possibly use this issue to cause a
denial of service or execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS
libc6 2.19-0ubuntu6.15+esm4
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7259-3
https://ubuntu.com/security/notices/USN-7259-2
https://ubuntu.com/security/notices/USN-7259-1
CVE-2025-0395
--------------1El2j5P076qn1pg9Ip6KD6BM--
--------------0Y0QuCWVjp3GhOKA2KRAVRMR
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature.asc"
-----BEGIN PGP SIGNATURE-----
wsF5BAABCAAjFiEELOLXZEFYQHcSWEHiyfW2m9Ldu6sFAmeqI7IFAwAAAAAACgkQyfW2m9Ldu6vZ
gg/+P/JuWXNfwdnXQ3wWwuSLW4tGAtjsINRenwYNTdb6w7JhUq86Vs3cOaE4JgZEczeRLWWvr/bq
3GBEX0ymZhWOBfpTBv8gj3xTUYxRS353f99jodIZDOFBwisj/BqHnZX04iFL+GkusF/xcLPzKXAr
24YE3mTxp1D0aJgVYHXEFTQedr1IlndQrXCYBOHuSyCu7gdlMwFvlv3iHu6XcqEP+aF+tpYmkUQ+
N0r36qBlliYrFxlkCUqS/Rt7h22fqbJkaBNYNz5ECHtE1wF+tyK2rfFsYmWpb+OP/uGxRsUalT50
lz/KTq4WRGbvNSFIQYZl9XGynU+wCFvHKCLL8NcAqWqELguPp/1c753pDwfZvMIeRR034IXobxV+
uvp+v6nKMcYGb+bLnCclvz77SE+BCikfzmfaXbsabqY0iaBki/vt9SJxiTdZVqP7VjGcwZ4EoUEu
3rcHZJ9pSL59DcZcJl+oq6D08tPdcm1tZJI5gExpbrRIc7jmCey98Qb0jNMyV1WhQzHNr0Buh2NL
mgbjmXS0YZmANBHndHbMXAxGUa83hpXJi+uy5UrNlzvNMjq1EggNoS1OEoG4Y1PaHlE4jMoF0pd9
K288POisM3eDCX1LMNDhupyknptMVwOUg/GNKlkzi4rI4iYz+MKGICMOlqm9uhKL3tH/RyzXBWGK
cpg=
=eNz9
-----END PGP SIGNATURE-----
--------------0Y0QuCWVjp3GhOKA2KRAVRMR--
--===============8889491070199759139==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
Cg==
--===============8889491070199759139==--
|
|
|
|
