Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 554
Alerts This Week
Warning Icon 1 554

Ubuntu 16.04: USN-5488-2 High OpenSSL c_rehash Command Flaw

ubuntu
Calendar Grey July 6, 2022
Dist Ubuntu Esm H88
A vulnerability in OpenSSL poses risks, potentially leading to application failures or command executions arising from problems in the c_rehash script within Ubuntu 16.04 ESM.
OpenSSL could be made to crash or run programs when the c_rehash script is used.

Summary

OpenSSL could be made to crash or run programs when the c_rehash script is

used.

Software Description:

- openssl: Secure Socket Layer (SSL) cryptographic library and tools

Details:

USN-5488-1 fixed vulnerabilities in OpenSSL. This update provides the

corresponding updates for Ubuntu 16.04 ESM.

Original advisory details:

Chancen and Daniel Fiala discovered that OpenSSL incorrectly handled the

c_rehash script. A local attacker could possibly use this issue to execute

arbitrary commands when c_rehash is run.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
   openssl                         1.0.2g-1ubuntu4.20+esm5

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5488-2

https://ubuntu.com/security/notices/USN-5488-1

CVE-2022-2068

July 06, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.