Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Ubuntu 18.04, 16.04, 14.04 Security Advisory USN-5570-1 Zlib DoS

Calendar Aug 17, 2022 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service security issue ubuntu zlib attack vector
zlib could be made to crash or run programs if it received specially crafted input. 
=========================================================================Ubuntu Security Notice USN-5570-1
August 17, 2022

zlib vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

zlib could be made to crash or run programs if it received specially
crafted input.

Software Description:
- zlib: Lossless data-compression library

Details:

Evgeny Legerov discovered that zlib incorrectly handled memory when
performing certain inflate operations. An attacker could use this issue
to cause zlib to crash, resulting in a denial of service, or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
   lib32z1                         1:1.2.11.dfsg-0ubuntu2.2
   lib64z1                         1:1.2.11.dfsg-0ubuntu2.2
   libx32z1                        1:1.2.11.dfsg-0ubuntu2.2
   zlib1g                          1:1.2.11.dfsg-0ubuntu2.2

Ubuntu 16.04 ESM:
   lib32z1                         1:1.2.8.dfsg-2ubuntu4.3+esm2
   lib64z1                         1:1.2.8.dfsg-2ubuntu4.3+esm2
   libx32z1                        1:1.2.8.dfsg-2ubuntu4.3+esm2
   zlib1g                          1:1.2.8.dfsg-2ubuntu4.3+esm2

Ubuntu 14.04 ESM:
   lib32z1                         1:1.2.8.dfsg-1ubuntu1.1+esm2
   lib64z1                         1:1.2.8.dfsg-1ubuntu1.1+esm2
   libx32z1                        1:1.2.8.dfsg-1ubuntu1.1+esm2
   zlib-bin                        1:1.2.8.dfsg-1ubuntu1.1+esm2
   zlib1g                          1:1.2.8.dfsg-1ubuntu1.1+esm2

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-5570-1
   CVE-2022-37434

Package Information:
   https://launchpad.net/ubuntu/+source/zlib/1:1.2.11.dfsg-0ubuntu2.2

Ubuntu 18.04, 16.04, 14.04 Security Advisory USN-5570-1 Zlib DoS

ubuntu
Calendar Grey August 17, 2022
Dist Ubuntu Esm H88
The Ubuntu Security Advisory USN-5570-1 pertains to a vulnerability in zlib, which could potentially result in unauthorized code execution or service interruption.
zlib could be made to crash or run programs if it received specially crafted input.

Summary

Topics%20covered

Topics Covered

security advisory denial of service security issue ubuntu zlib attack vector

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: lib32z1 1:1.2.11.dfsg-0ubuntu2.2 lib64z1 1:1.2.11.dfsg-0ubuntu2.2 libx32z1 1:1.2.11.dfsg-0ubuntu2.2 zlib1g 1:1.2.11.dfsg-0ubuntu2.2 Ubuntu 16.04 ESM: lib32z1 1:1.2.8.dfsg-2ubuntu4.3+esm2 lib64z1 1:1.2.8.dfsg-2ubuntu4.3+esm2 libx32z1 1:1.2.8.dfsg-2ubuntu4.3+esm2 zlib1g 1:1.2.8.dfsg-2ubuntu4.3+esm2 Ubuntu 14.04 ESM: lib32z1 1:1.2.8.dfsg-1ubuntu1.1+esm2 lib64z1 1:1.2.8.dfsg-1ubuntu1.1+esm2 libx32z1 1:1.2.8.dfsg-1ubuntu1.1+esm2 zlib-bin 1:1.2.8.dfsg-1ubuntu1.1+esm2 zlib1g 1:1.2.8.dfsg-1ubuntu1.1+esm2 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5570-1

CVE-2022-37434

Severity
critical
Lowest
Low
Medium
High
Critical

August 17, 2022

Topics%20covered

Topics Covered

security advisory denial of service security issue ubuntu zlib attack vector

Package Information

https://launchpad.net/ubuntu/+source/zlib/1:1.2.11.dfsg-0ubuntu2.2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here