Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Ubuntu 21.04: USN-5004-1 Critical: RabbitMQ Denial Of Service

ubuntu
Calendar Grey June 24, 2021
Dist Ubuntu Esm H88
Stay informed on the RabbitMQ security flaws impacting various Ubuntu versions and discover prompt mitigation strategies.
Several security issues were fixed in rabbitmq-server.

Summary

Several security issues were fixed in rabbitmq-server.

Software Description:

- rabbitmq-server: AMQP server written in Erlang

Details:

It was discovered that RabbitMQ incorrectly handled certain inputs.

An attacker could possibly use this issue to cause a denial of service. This

issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2019-11287)

Jonathan Knudsen discovered RabbitMQ incorrectly handled certain inputs.

An attacker could possibly use this issue to cause a denial of service.

(CVE-2021-22116)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
  rabbitmq-server                 3.8.9-2ubuntu0.1

Ubuntu 20.10:
  rabbitmq-server                 3.8.5-1ubuntu0.2

Ubuntu 20.04 LTS:
  rabbitmq-server                 3.8.2-0ubuntu1.3

Ubuntu 18.04 LTS:
  rabbitmq-server                 3.6.10-1ubuntu0.5

Ubuntu 16.04 ESM:
  rabbitmq-server                 3.5.7-1ubuntu0.16.04.4+esm1

In general, a standard system update will make all the necessary changes.

References

CVE-2019-11287, CVE-2021-22116

Severity
critical
Lowest
Low
Medium
High
Critical

June 24, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here