Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Ubuntu 19.10: USN-4242-1 Critical Sysstat Code Execution Threat

ubuntu
Calendar Grey January 20, 2020
Dist Ubuntu Esm H88
Recent vulnerabilities addressed in Sysstat impacting various Ubuntu releases. Please update your system for enhanced security.
Several security issues were fixed in Sysstat.

Summary

Several security issues were fixed in Sysstat.

Software Description:

- sysstat: system performance tools for Linux

Details:

It was discovered that Sysstat incorrectly handled certain inputs.

An attacker could possibly use this issue to cause a crash or execute

arbitrary code. This issue only affected Ubuntu 19.04 and Ubuntu 19.10.

(CVE-2019-16167)

It was discovered that Sysstat incorrectly handled certain inputs.

An attacker could possibly use this issue to execute arbitrary code.

(CVE-2019-19725)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.10:
  sysstat                         12.0.6-1ubuntu0.1

Ubuntu 19.04:
  sysstat                         12.0.1-1ubuntu0.1

Ubuntu 18.04 LTS:
  sysstat                         11.6.1-1ubuntu0.1

Ubuntu 16.04 LTS:
  sysstat                         11.2.0-1ubuntu0.3

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4242-1

CVE-2019-16167, CVE-2019-19725

Severity
critical
Lowest
Low
Medium
High
Critical

January 20, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here