Alerts This Week
Warning Icon 1 681
Alerts This Week
Warning Icon 1 681

Ubuntu 18.04 LTS USN-5054-1 Moderate: Risk of uWSGI Crashes Identified

Calendar Aug 30, 2021 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory buffer overflow remote code execution information disclosure ubuntu application container
uWSGI could be made to crash if it received specially crafted input. 
=========================================================================Ubuntu Security Notice USN-5054-1
August 30, 2021

uwsgi vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

uWSGI could be made to crash if it received specially crafted
input.

Software Description:
- uwsgi: fast, self-healing application container server

Details:

Felix Wilhelm discovered a buffer overflow flaw in the mod_proxy_uwsgi module.
An attacker could use this vulnerability to provoke an information disclosure
or potentially remote code execution.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  libapache2-mod-proxy-uwsgi      2.0.15-10.2ubuntu2.2
  libapache2-mod-ruwsgi           2.0.15-10.2ubuntu2.2
  libapache2-mod-uwsgi            2.0.15-10.2ubuntu2.2
  uwsgi                           2.0.15-10.2ubuntu2.2
  uwsgi-core                      2.0.15-10.2ubuntu2.2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5054-1
  CVE-2020-11984

Package Information:
  https://launchpad.net/ubuntu/+source/uwsgi/2.0.15-10.2ubuntu2.2

Ubuntu 18.04 LTS USN-5054-1 Moderate: Risk of uWSGI Crashes Identified

ubuntu
Calendar Grey August 30, 2021
Dist Ubuntu Esm H88
Recently, Security Alert USN-5054-1 exposes a severe vulnerability in uWSGI, which could lead to system instability and exploitation through specially designed input.
uWSGI could be made to crash if it received specially crafted input.

Summary

Topics%20covered

Topics Covered

security advisory buffer overflow remote code execution information disclosure ubuntu application container

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: libapache2-mod-proxy-uwsgi 2.0.15-10.2ubuntu2.2 libapache2-mod-ruwsgi 2.0.15-10.2ubuntu2.2 libapache2-mod-uwsgi 2.0.15-10.2ubuntu2.2 uwsgi 2.0.15-10.2ubuntu2.2 uwsgi-core 2.0.15-10.2ubuntu2.2 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5054-1

CVE-2020-11984

August 30, 2021

Topics%20covered

Topics Covered

security advisory buffer overflow remote code execution information disclosure ubuntu application container

Package Information

https://launchpad.net/ubuntu/+source/uwsgi/2.0.15-10.2ubuntu2.2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here