Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 516
Alerts This Week
Warning Icon 1 516

Ubuntu 16.04 ESM: USN-5638-1 Critical: Expat Code Execution Threat

ubuntu
Calendar Grey September 26, 2022
Dist Ubuntu Esm H88
Security flaw detected in Ubuntu affecting expat could lead to system crashes or unauthorized code execution. Immediate update advised.
Expat could be made to crash or execute arbitrary code.

Summary

Expat could be made to crash or execute arbitrary code.

Software Description:

- expat: XML parsing C library

Details:

Rhodri James discovered that Expat incorrectly handled memory when

processing certain malformed XML files. An attacker could possibly

use this issue to cause a crash or execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
   expat                               2.1.0-7ubuntu0.16.04.5+esm6
   lib64expat1                     2.1.0-7ubuntu0.16.04.5+esm6
   libexpat1                         2.1.0-7ubuntu0.16.04.5+esm6

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5638-1

CVE-2022-40674

Severity
critical
Lowest
Low
Medium
High
Critical

September 26, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.