Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Ubuntu 17.10 & 16.04: USN-3624-1 Critical Denial Of Service Threat

Calendar Apr 10, 2018 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service critical arbitrary code execution Ubuntu patch input validation
Several security issues were fixed in Patch. 
=========================================================================Ubuntu Security Notice USN-3624-1
April 10, 2018

patch vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 17.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Patch.

Software Description:
- patch: Apply a diff file to an original

Details:

It was discovered that Patch incorrectly handled certain files. An
attacker could possibly use this to cause a denial of service. 
(CVE-2016-10713)

It was discovered that Patch incorrectly handled certain input
validation. An attacker could possibly use this to execute arbitrary
code. (CVE-2018-1000156)

It was discovered that Patch incorrectly handled certain inputs. An
attacker could possibly use this to cause a denial of service. 
(CVE-2018-6951)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.10:
  patch                           2.7.5-1ubuntu0.2

Ubuntu 16.04 LTS:
  patch                           2.7.5-1ubuntu0.16.04.1

Ubuntu 14.04 LTS:
  patch                           2.7.1-4ubuntu2.4

In general, a standard system update will make all the necessary
changes.

References:
  https://ubuntu.com/security/notices/USN-3624-1
  CVE-2016-10713, CVE-2018-1000156, CVE-2018-6951

Package Information:
  https://launchpad.net/ubuntu/+source/patch/2.7.5-1ubuntu0.2
  https://launchpad.net/ubuntu/+source/patch/2.7.5-1ubuntu0.16.04.1
  https://launchpad.net/ubuntu/+source/patch/2.7.1-4ubuntu2.4

Ubuntu 17.10 & 16.04: USN-3624-1 Critical Denial Of Service Threat

ubuntu
Calendar Grey April 10, 2018
Dist Ubuntu Esm H88
Debian 10, 9, and 8 are provided with immediate security fixes as vital vulnerabilities are resolved.
Several security issues were fixed in Patch.

Summary

Topics%20covered

Topics Covered

security advisory denial of service critical arbitrary code execution Ubuntu patch input validation

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 17.10:   patch                           2.7.5-1ubuntu0.2 Ubuntu 16.04 LTS:   patch                           2.7.5-1ubuntu0.16.04.1 Ubuntu 14.04 LTS:   patch                           2.7.1-4ubuntu2.4 In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-3624-1

  CVE-2016-10713, CVE-2018-1000156, CVE-2018-6951

Severity
critical
Lowest
Low
Medium
High
Critical

April 10, 2018

Topics%20covered

Topics Covered

security advisory denial of service critical arbitrary code execution Ubuntu patch input validation

Package Information

  https://launchpad.net/ubuntu/+source/patch/2.7.5-1ubuntu0.2   https://launchpad.net/ubuntu/+source/patch/2.7.5-1ubuntu0.16.04.1   https://launchpad.net/ubuntu/+source/patch/2.7.1-4ubuntu2.4

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here