Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Ubuntu 16.04: USN-5488-2 High OpenSSL c_rehash Command Flaw

Calendar Jul 06, 2022 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory high severity command execution Ubuntu update instructions openssl
OpenSSL could be made to crash or run programs when the c_rehash script is used. 
=========================================================================Ubuntu Security Notice USN-5488-2
July 06, 2022

openssl vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

OpenSSL could be made to crash or run programs when the c_rehash script is
used.

Software Description:
- openssl: Secure Socket Layer (SSL) cryptographic library and tools

Details:

USN-5488-1 fixed vulnerabilities in OpenSSL. This update provides the
corresponding updates for Ubuntu 16.04 ESM.

Original advisory details:

  Chancen and Daniel Fiala discovered that OpenSSL incorrectly handled the
  c_rehash script. A local attacker could possibly use this issue to execute
  arbitrary commands when c_rehash is run.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
   openssl                         1.0.2g-1ubuntu4.20+esm5

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-5488-2
   https://ubuntu.com/security/notices/USN-5488-1
   CVE-2022-2068

Ubuntu 16.04: USN-5488-2 High OpenSSL c_rehash Command Flaw

ubuntu
Calendar Grey July 6, 2022
Dist Ubuntu Esm H88
A vulnerability in OpenSSL poses risks, potentially leading to application failures or command executions arising from problems in the c_rehash script within Ubuntu 16.04 ESM.
OpenSSL could be made to crash or run programs when the c_rehash script is used.

Summary

Topics%20covered

Topics Covered

security advisory high severity command execution Ubuntu update instructions openssl

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: openssl 1.0.2g-1ubuntu4.20+esm5 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5488-2

https://ubuntu.com/security/notices/USN-5488-1

CVE-2022-2068

July 06, 2022

Topics%20covered

Topics Covered

security advisory high severity command execution Ubuntu update instructions openssl

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here