Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 543
Alerts This Week
Warning Icon 1 543

Ubuntu 18.04 LTS USN-5054-1 Moderate: Risk of uWSGI Crashes Identified

ubuntu
Calendar Grey August 30, 2021
Dist Ubuntu Esm H88
Recently, Security Alert USN-5054-1 exposes a severe vulnerability in uWSGI, which could lead to system instability and exploitation through specially designed input.
uWSGI could be made to crash if it received specially crafted input.

Summary

uWSGI could be made to crash if it received specially crafted

input.

Software Description:

- uwsgi: fast, self-healing application container server

Details:

Felix Wilhelm discovered a buffer overflow flaw in the mod_proxy_uwsgi module.

An attacker could use this vulnerability to provoke an information disclosure

or potentially remote code execution.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  libapache2-mod-proxy-uwsgi      2.0.15-10.2ubuntu2.2
  libapache2-mod-ruwsgi           2.0.15-10.2ubuntu2.2
  libapache2-mod-uwsgi            2.0.15-10.2ubuntu2.2
  uwsgi                           2.0.15-10.2ubuntu2.2
  uwsgi-core                      2.0.15-10.2ubuntu2.2

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5054-1

CVE-2020-11984

August 30, 2021

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.