Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Ubuntu 20.04, 18.04, 16.04 LTS: USN-4450-1 Moderate Whoopsie DoS

ubuntu
Calendar Grey August 4, 2020
Dist Ubuntu Esm H88
Recent findings reveal significant vulnerabilities in Ubuntu LTS versions 20.04, 18.04, and 16.04, urging users to update promptly to enhance security
Several security issues were fixed in whoopsie.

Summary

Several security issues were fixed in whoopsie.

Software Description:

- whoopsie: Ubuntu error tracker submission

Details:

Seong-Joong Kim discovered that Whoopsie incorrectly handled memory. A

local attacker could use this issue to cause Whoopsie to consume memory,

resulting in a denial of service. (CVE-2020-11937)

Seong-Joong Kim discovered that Whoopsie incorrectly handled parsing files.

A local attacker could use this issue to cause Whoopsie to crash, resulting

in a denial of service, or possibly execute arbitrary code.

(CVE-2020-12135)

Seong-Joong Kim discovered that Whoopsie incorrectly handled memory. A

local attacker could use this issue to cause Whoopsie to consume memory,

resulting in a denial of service. (CVE-2020-15570)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
  libwhoopsie0                    0.2.69ubuntu0.1
  whoopsie                        0.2.69ubuntu0.1

Ubuntu 18.04 LTS:
  libwhoopsie0                    0.2.62ubuntu0.5
  whoopsie                        0.2.62ubuntu0.5

Ubuntu 16.04 LTS:
  libwhoopsie0                    0.2.52.5ubuntu0.5
  whoopsie                        0.2.52.5ubuntu0.5

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-4450-1

CVE-2020-11937, CVE-2020-12135, CVE-2020-15570

Severity
important
Lowest
Low
Medium
High
Critical

August 04, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here