Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 510
Alerts This Week
Warning Icon 1 510

Ubuntu 17.04 USN-3311-1 Critical: libnl Denial Of Service Risk

ubuntu
Calendar Grey June 6, 2017
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-3312-1 reports on a critical flaw in libcurl that poses threats to various distributions, potentially leading to data leaks.
libnl could be made to crash or run programs.

Summary

libnl could be made to crash or run programs.

Software Description:

- libnl3: library for dealing with netlink sockets

Details:

It was discovered that libnl incorrectly handled memory when performing

certain operations. A local attacker could possibly use this issue to cause

libnl to crash, resulting in a denial of service, or execute arbitrary

code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.04:
  libnl-3-200                     3.2.29-0ubuntu2.1

Ubuntu 16.10:
  libnl-3-200                     3.2.27-1ubuntu0.16.10.1

Ubuntu 16.04 LTS:
  libnl-3-200                     3.2.27-1ubuntu0.16.04.1

Ubuntu 14.04 LTS:
  libnl-3-200                     3.2.21-1ubuntu4.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3311-1

CVE-2017-0553

Severity
critical
Lowest
Low
Medium
High
Critical

June 06, 2017

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.