Ubuntu: USN-5379-1 Critical: Klibc Memory Issues and Denial of Service
Apr 18, 2022
•
LinuxSecurity Advisories
1 - 2 min read
Topics Covered
Several security issues were fixed in klibc.
=========================================================================Ubuntu Security Notice USN-5379-1 April 18, 2022 klibc vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 ESM - Ubuntu 14.04 ESM Summary: Several security issues were fixed in klibc. Software Description: - klibc: small utilities built with klibc for early boot Details: It was discovered that klibc did not properly perform some mathematical operations, leading to an integer overflow. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31870) It was discovered that klibc did not properly handled some memory allocations on 64 bit systems. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31871) It was discovered that klibc did not properly handled some file sizes values on 32 bit systems. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31872) It was discovered that klibc did not properly handled some memory allocations. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-31873) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: klibc-utils 2.0.7-1ubuntu5.1 libklibc 2.0.7-1ubuntu5.1 Ubuntu 18.04 LTS: klibc-utils 2.0.4-9ubuntu2.1 libklibc 2.0.4-9ubuntu2.1 Ubuntu 16.04 ESM: klibc-utils 2.0.4-8ubuntu1.16.04.4+esm1 libklibc 2.0.4-8ubuntu1.16.04.4+esm1 Ubuntu 14.04 ESM: klibc-utils 2.0.3-0ubuntu1.14.04.3+esm2 libklibc 2.0.3-0ubuntu1.14.04.3+esm2 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5379-1 CVE-2021-31870, CVE-2021-31871, CVE-2021-31872, CVE-2021-31873 Package Information: https://launchpad.net/ubuntu/+source/klibc/2.0.7-1ubuntu5.1 https://launchpad.net/ubuntu/+source/klibc/2.0.4-9ubuntu2.1
PREVIOUS
NEXT
Ubuntu: USN-5379-1 Critical: Klibc Memory Issues and Denial of Service
ubuntu
April 18, 2022
Several security issues were fixed in klibc.
Summary
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: klibc-utils 2.0.7-1ubuntu5.1 libklibc 2.0.7-1ubuntu5.1 Ubuntu 18.04 LTS: klibc-utils 2.0.4-9ubuntu2.1 libklibc 2.0.4-9ubuntu2.1 Ubuntu 16.04 ESM: klibc-utils 2.0.4-8ubuntu1.16.04.4+esm1 libklibc 2.0.4-8ubuntu1.16.04.4+esm1 Ubuntu 14.04 ESM: klibc-utils 2.0.3-0ubuntu1.14.04.3+esm2 libklibc 2.0.3-0ubuntu1.14.04.3+esm2 After a standard system update you need to reboot your computer to make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-5379-1
CVE-2021-31870, CVE-2021-31871, CVE-2021-31872, CVE-2021-31873
Severity
critical
Lowest
Low
Medium
High
Critical
April 18, 2022
Topics Covered
Package Information
https://launchpad.net/ubuntu/+source/klibc/2.0.7-1ubuntu5.1 https://launchpad.net/ubuntu/+source/klibc/2.0.4-9ubuntu2.1
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!