Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 734
Alerts This Week
Warning Icon 1 734

Ubuntu 22.04 LTS USN-5447-1 Critical: Logrotate Denial Of Service

ubuntu
Calendar Grey May 26, 2022
Dist Ubuntu Esm H88
A critical flaw in Logrotate on Ubuntu systems may permit local attackers to cause denial of service. It's essential to apply the latest updates immediately for protection!
logrotate could be made to stop processing log files.

Summary

logrotate could be made to stop processing log files.

Software Description:

- logrotate: Log rotation utility

Details:

It was discovered that logrotate incorrectly handled the state file. A

local attacker could possibly use this issue to keep a lock on the state

file and cause logrotate to stop working, leading to a denial of service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
  logrotate                       3.19.0-1ubuntu1.1

Ubuntu 21.10:
  logrotate                       3.18.0-2ubuntu1.1

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5447-1

CVE-2022-1348

Severity
critical
Lowest
Low
Medium
High
Critical

May 26, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.