Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Ubuntu 22.04: USN-5610-2 Critical Python-magic Code Exec Flaw

ubuntu
Calendar Grey September 14, 2022
Dist Ubuntu Esm H88
The Ubuntu Security Notice USN-5610-1 addresses a vulnerability in rust-regex that may lead to a denial of service when faced with crafted inputs.
rust-regex could be made to crash if it received specially crafted input.

Summary

rust-regex could be made to crash if it received specially crafted

input.

Software Description:

- rust-regex: Regular expressions for Rust

Details:

Addison Crump discovered that rust-regex did not properly limit

the complexity of the regular expressions (regex) it parses.

An attacker could possibly use this issue to cause a denial of

service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
   librust-regex-dev               1.5.4-1ubuntu0.1

Ubuntu 20.04 LTS:
   librust-regex-dev               1.2.1-3ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-5610-1

  CVE-2022-24713

Severity
critical
Lowest
Low
Medium
High
Critical

September 14, 2022

Package Information

  https://launchpad.net/ubuntu/+source/rust-regex/1.5.4-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/rust-regex/1.2.1-3ubuntu0.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.