Alerts This Week
Warning Icon 1 1,394
Alerts This Week
Warning Icon 1 1,394

Ubuntu 18.04 LTS and 16.04 LTS: USN-3911-2 Critical File Regression

ubuntu
Calendar Grey May 13, 2020
Dist Ubuntu Esm H88
A vulnerability concern impacts Ubuntu 20.04 LTS and 22.04 LTS owing to a recent patch that rectifies previous security flaws.
USN-3911-1 introduced a regression in file.

Summary

USN-3911-1 introduced a regression in file.

Software Description:

- file: Tool to determine file types

Details:

USN-3911-1 fixed vulnerabilities in file. One of the backported security

fixes introduced a regression that caused the interpreter string to be

truncated. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that file incorrectly handled certain malformed ELF

files. An attacker could use this issue to cause a denial of service, or

possibly execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  file                            1:5.32-2ubuntu0.4
  libmagic1                       1:5.32-2ubuntu0.4

Ubuntu 16.04 LTS:
  file                            1:5.25-2ubuntu1.4
  libmagic1                       1:5.25-2ubuntu1.4

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3911-2

https://ubuntu.com/security/notices/USN-3911-1

https://bugs.launchpad.net/ubuntu/+source/file/+bug/1835596

Severity
critical
Lowest
Low
Medium
High
Critical

May 13, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here