Alerts This Week
Warning Icon 1 687
Alerts This Week
Warning Icon 1 687

Ubuntu 16.04 ESM USN-5735-1 Critical Sysstat Code Execution Risk

Calendar Nov 22, 2022 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory Ubuntu input validation code execution risk sysstat
Sysstat could be made to crash or run programs as your login if it processed specially crafted input. 
=========================================================================Ubuntu Security Notice USN-5735-1
November 22, 2022

sysstat vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

Sysstat could be made to crash or run programs as your login if it
processed specially crafted input.

Software Description:
- sysstat: system performance tools for Linux

Details:

It was discovered that Sysstat did not properly check bounds
when perfoming certain arithmetic operations on 32 bit systems.
An attacker could possibly use this issue to cause a crash or
arbitrary code execution.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
   sysstat                         11.2.0-1ubuntu0.3+esm1

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-5735-1
   CVE-2022-39377

Ubuntu 16.04 ESM USN-5735-1 Critical Sysstat Code Execution Risk

ubuntu
Calendar Grey November 22, 2022
Dist Ubuntu Esm H88
A flaw in Sysstat for Ubuntu raises the risk of system crashes or potential execution of unintended code. Apply the latest updates to mitigate this vulnerability promptly.
Sysstat could be made to crash or run programs as your login if it processed specially crafted input.

Summary

Topics%20covered

Topics Covered

security advisory Ubuntu input validation code execution risk sysstat

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: sysstat 11.2.0-1ubuntu0.3+esm1 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5735-1

CVE-2022-39377

Severity
critical
Lowest
Low
Medium
High
Critical

November 22, 2022

Topics%20covered

Topics Covered

security advisory Ubuntu input validation code execution risk sysstat

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here